diff --git a/Cargo.lock b/Cargo.lock index 3c3ab2a92..aa70740ef 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1028,6 +1028,7 @@ dependencies = [ "criterion", "hex", "libcrux-intrinsics", + "libcrux-platform", "libcrux-sha3", "pqcrypto-dilithium", "rand", diff --git a/libcrux-ml-dsa/Cargo.toml b/libcrux-ml-dsa/Cargo.toml index 0eb6a57f8..3f8c04df1 100644 --- a/libcrux-ml-dsa/Cargo.toml +++ b/libcrux-ml-dsa/Cargo.toml @@ -18,6 +18,7 @@ bench = false # so libtest doesn't eat the arguments to criterion [dependencies] libcrux-sha3 = { version = "0.0.2-alpha.3", path = "../libcrux-sha3" } libcrux-intrinsics = { version = "0.0.2-alpha.3", path = "../libcrux-intrinsics" } +libcrux-platform = { version = "0.0.2-alpha.3", path = "../sys/platform" } [dev-dependencies] rand = { version = "0.8" } @@ -25,7 +26,7 @@ hex = { version = "0.4.3", features = ["serde"] } serde_json = { version = "1.0" } serde = { version = "1.0", features = ["derive"] } criterion = "0.5" -pqcrypto-dilithium = { version = "0.5.0" } #, default-features = false +pqcrypto-dilithium = { version = "0.5.0" } #, default-features = false [features] simd128 = [] @@ -46,4 +47,3 @@ harness = false [[bench]] name = "ml-dsa" harness = false - diff --git a/libcrux-ml-dsa/benches/bench_utils.rs b/libcrux-ml-dsa/benches/bench_utils.rs index cc1b663eb..0ea3450e8 100644 --- a/libcrux-ml-dsa/benches/bench_utils.rs +++ b/libcrux-ml-dsa/benches/bench_utils.rs @@ -70,7 +70,8 @@ macro_rules! bench { #[macro_export] macro_rules! bench_group_libcrux { - ($variant:literal, $mod:ident, $keypair_t:ident, $signature_t:ident) => {{ + ($variant:literal, $mod:path, $keypair_t:ident, $signature_t:ident) => {{ + use $mod as p; bench!( "(libcrux) KeyGen", $variant, @@ -81,7 +82,7 @@ macro_rules! bench_group_libcrux { key_generation_seed }, |key_generation_seed: [u8; KEY_GENERATION_RANDOMNESS_SIZE]| { - $mod::generate_key_pair(key_generation_seed) + p::generate_key_pair(key_generation_seed) } ); @@ -94,7 +95,7 @@ macro_rules! bench_group_libcrux { bench_utils::random_array(); let signing_randomness: [u8; SIGNING_RANDOMNESS_SIZE] = bench_utils::random_array(); let message = bench_utils::random_array::<1023>(); - let keypair = $mod::generate_key_pair(key_generation_seed); + let keypair = p::generate_key_pair(key_generation_seed); (keypair, message, signing_randomness) }, @@ -102,7 +103,7 @@ macro_rules! bench_group_libcrux { $keypair_t, [u8; 1023], [u8; SIGNING_RANDOMNESS_SIZE] - )| { $mod::sign(&keypair.signing_key, &message, signing_randomness) } + )| { p::sign(&keypair.signing_key, &message, signing_randomness) } ); bench!( @@ -114,12 +115,12 @@ macro_rules! bench_group_libcrux { bench_utils::random_array(); let signing_randomness: [u8; SIGNING_RANDOMNESS_SIZE] = bench_utils::random_array(); let message = bench_utils::random_array::<1023>(); - let keypair = $mod::generate_key_pair(key_generation_seed); - let signature = $mod::sign(&keypair.signing_key, &message, signing_randomness); + let keypair = p::generate_key_pair(key_generation_seed); + let signature = p::sign(&keypair.signing_key, &message, signing_randomness); (keypair, message, signature) }, |(keypair, message, signature): ($keypair_t, [u8; 1023], $signature_t)| { - $mod::verify(&keypair.verification_key, &message, &signature).unwrap() + p::verify(&keypair.verification_key, &message, &signature).unwrap() } ); diff --git a/libcrux-ml-dsa/benches/manual44.rs b/libcrux-ml-dsa/benches/manual44.rs index 050296e14..a23a45a34 100644 --- a/libcrux-ml-dsa/benches/manual44.rs +++ b/libcrux-ml-dsa/benches/manual44.rs @@ -8,6 +8,25 @@ use pqcrypto_dilithium; mod bench_utils; fn main() { - bench_group_libcrux!("44", ml_dsa_44, MLDSA44KeyPair, MLDSA44Signature); + bench_group_libcrux!( + "44 portable", + ml_dsa_44::portable, + MLDSA44KeyPair, + MLDSA44Signature + ); + #[cfg(feature = "simd128")] + bench_group_libcrux!( + "44 sim1d28", + ml_dsa_44::neon, + MLDSA44KeyPair, + MLDSA44Signature + ); + #[cfg(feature = "simd256")] + bench_group_libcrux!( + "44 simd256", + ml_dsa_44::avx2, + MLDSA44KeyPair, + MLDSA44Signature + ); bench_group_pqclean!("44", dilithium2); } diff --git a/libcrux-ml-dsa/build.rs b/libcrux-ml-dsa/build.rs new file mode 100644 index 000000000..dce0fe33d --- /dev/null +++ b/libcrux-ml-dsa/build.rs @@ -0,0 +1,36 @@ +use std::env; + +fn main() { + let target_arch = env::var("CARGO_CFG_TARGET_ARCH").unwrap(); + let disable_simd128 = read_env("LIBCRUX_DISABLE_SIMD128"); + let disable_simd256 = read_env("LIBCRUX_DISABLE_SIMD256"); + + // Force a simd build. Make sure you know what you're doing. + let enable_simd128 = read_env("LIBCRUX_ENABLE_SIMD128"); + let enable_simd256 = read_env("LIBCRUX_ENABLE_SIMD256"); + + let simd128_possible = target_arch == "aarch64"; + if (simd128_possible || enable_simd128) && !disable_simd128 { + // We enable simd128 on all aarch64 builds. + println!("cargo:rustc-cfg=feature=\"simd128\""); + } + let simd256_possible = target_arch == "x86_64"; + if (simd256_possible || enable_simd256) && !disable_simd256 { + // We enable simd256 on all x86_64 builds. + // Note that this doesn't mean the required CPU features are available. + // But the compiler will support them and the runtime checks ensure that + // it's only used when available. + // + // We don't enable this on x86 because it seems to generate invalid code. + println!("cargo:rustc-cfg=feature=\"simd256\""); + } + + println!("cargo::rustc-check-cfg=cfg(eurydice)"); +} + +fn read_env(key: &str) -> bool { + match env::var(key) { + Ok(s) => s == "1" || s == "y" || s == "Y", + Err(_) => false, + } +} diff --git a/libcrux-ml-dsa/examples/sign_44.rs b/libcrux-ml-dsa/examples/sign_44.rs new file mode 100644 index 000000000..850f14cfa --- /dev/null +++ b/libcrux-ml-dsa/examples/sign_44.rs @@ -0,0 +1,21 @@ +use libcrux_ml_dsa::ml_dsa_44::*; +use rand::{rngs::OsRng, RngCore}; + +fn random_array() -> [u8; L] { + let mut rng = OsRng; + let mut seed = [0; L]; + rng.try_fill_bytes(&mut seed).unwrap(); + seed +} + +fn main() { + let key_generation_seed = random_array(); + let signing_randomness = random_array(); + let message = random_array::<1023>(); + + let keypair = generate_key_pair(key_generation_seed); + + for _i in 0..100_000 { + let _ = core::hint::black_box(sign(&keypair.signing_key, &message, signing_randomness)); + } +} diff --git a/libcrux-ml-dsa/src/hash_functions.rs b/libcrux-ml-dsa/src/hash_functions.rs index 67177cf71..cac3002b3 100644 --- a/libcrux-ml-dsa/src/hash_functions.rs +++ b/libcrux-ml-dsa/src/hash_functions.rs @@ -48,16 +48,6 @@ pub(crate) mod shake128 { pub(crate) const BLOCK_SIZE: usize = 168; pub(crate) const FIVE_BLOCKS_SIZE: usize = BLOCK_SIZE * 5; - pub(crate) trait Xof { - fn init_absorb(input: &[u8]) -> Self; - - // TODO: - // - There should only be a `squeeze_block` and `squeeze_five_blocks` - // - Use mutable out instead if performance is better - fn squeeze_first_five_blocks(&mut self) -> [u8; FIVE_BLOCKS_SIZE]; - fn squeeze_next_block(&mut self) -> [u8; BLOCK_SIZE]; - } - /// When sampling matrix A we always want to do 4 absorb/squeeze calls in /// parallel. pub(crate) trait XofX4 { @@ -89,35 +79,6 @@ pub(crate) mod portable { use super::{shake128, shake256}; - /// Portable SHAKE 128 state - pub(crate) struct Shake128 { - state: KeccakState, - } - - impl shake128::Xof for Shake128 { - #[inline(always)] - fn init_absorb(input: &[u8]) -> Self { - let mut state = shake128_init(); - shake128_absorb_final(&mut state, &input); - - Self { state } - } - - #[inline(always)] - fn squeeze_first_five_blocks(&mut self) -> [u8; shake128::FIVE_BLOCKS_SIZE] { - let mut out = [0u8; shake128::FIVE_BLOCKS_SIZE]; - incremental::shake128_squeeze_first_five_blocks(&mut self.state, &mut out); - out - } - - #[inline(always)] - fn squeeze_next_block(&mut self) -> [u8; shake128::BLOCK_SIZE] { - let mut out = [0u8; shake128::BLOCK_SIZE]; - incremental::shake128_squeeze_next_block(&mut self.state, &mut out); - out - } - } - /// Portable SHAKE 128 x4 state. /// /// We're using a portable implementation so this is actually sequential. @@ -304,7 +265,6 @@ pub(crate) mod portable { } } -// #[cfg(feature = "simd256")] /// A SIMD256 implementation of [`shake128::XofX4`] and [`shake256::Xof`] for AVX2. pub(crate) mod simd256 { @@ -319,11 +279,11 @@ pub(crate) mod simd256 { /// /// This only implements the XofX4 API. For the single Xof, the portable /// version is used. - pub(crate) struct Shake128 { + pub(crate) struct Shake128x4 { state: KeccakState, } - impl shake128::XofX4 for Shake128 { + impl shake128::XofX4 for Shake128x4 { /// Init the state and absorb 4 blocks in parallel. fn init_absorb(input0: &[u8], input1: &[u8], input2: &[u8], input3: &[u8]) -> Self { let mut state = x4::incremental::init(); @@ -404,11 +364,11 @@ pub(crate) mod simd256 { } /// AVX2 SHAKE 256 x4 state. - pub(crate) struct Shake256X4 { + pub(crate) struct Shake256x4 { state: KeccakState, } - impl shake256::XofX4 for Shake256X4 { + impl shake256::XofX4 for Shake256x4 { fn init_absorb(input0: &[u8], input1: &[u8], input2: &[u8], input3: &[u8]) -> Self { let mut state = x4::incremental::init(); x4::incremental::shake256_absorb_final(&mut state, &input0, &input1, &input2, &input3); @@ -478,62 +438,33 @@ pub(crate) mod simd256 { /// A SIMD256 implementation of [`shake128::Xof`] and [`shake256::Xof`] for Neon. pub(crate) mod neon { - // FIXME: This is only a portable implementation for now. - use libcrux_sha3::portable::{ - incremental::{self, shake128_absorb_final, shake128_init}, - shake256, KeccakState, - }; + use libcrux_sha3::neon::x2::{self, incremental::KeccakState}; use super::{shake128, shake256}; - // TODO: - // - measure if neon is faster or slower for the sequential shakes. - - /// Neon SHAKE 128 state - pub(crate) struct PortableShake128 { - state: KeccakState, - } - - impl shake128::Xof for PortableShake128 { - #[inline(always)] - fn init_absorb(input: &[u8]) -> Self { - let mut state = shake128_init(); - shake128_absorb_final(&mut state, &input); - - Self { state } - } - - #[inline(always)] - fn squeeze_first_five_blocks(&mut self) -> [u8; shake128::FIVE_BLOCKS_SIZE] { - let mut out = [0u8; shake128::FIVE_BLOCKS_SIZE]; - incremental::shake128_squeeze_first_five_blocks(&mut self.state, &mut out); - out - } - - #[inline(always)] - fn squeeze_next_block(&mut self) -> [u8; shake128::BLOCK_SIZE] { - let mut out = [0u8; shake128::BLOCK_SIZE]; - incremental::shake128_squeeze_next_block(&mut self.state, &mut out); - out - } + pub(crate) struct Shake128x4 { + state: [KeccakState; 2], } - impl shake128::XofX4 for PortableShake128 { + impl shake128::XofX4 for Shake128x4 { /// Init the state and absorb 4 blocks in parallel. - /// We're using a portable implementation so this is actually sequential. - fn init_absorb(_input0: &[u8], _input1: &[u8], _input2: &[u8], _input3: &[u8]) -> Self { - todo!() + fn init_absorb(input0: &[u8], input1: &[u8], input2: &[u8], input3: &[u8]) -> Self { + let mut state = [x2::incremental::init(), x2::incremental::init()]; + x2::incremental::shake128_absorb_final(&mut state[0], &input0, &input1); + x2::incremental::shake128_absorb_final(&mut state[1], &input2, &input3); + Self { state } } fn squeeze_first_five_blocks( &mut self, - _out0: &mut [u8; shake128::FIVE_BLOCKS_SIZE], - _out1: &mut [u8; shake128::FIVE_BLOCKS_SIZE], - _out2: &mut [u8; shake128::FIVE_BLOCKS_SIZE], - _out3: &mut [u8; shake128::FIVE_BLOCKS_SIZE], + out0: &mut [u8; shake128::FIVE_BLOCKS_SIZE], + out1: &mut [u8; shake128::FIVE_BLOCKS_SIZE], + out2: &mut [u8; shake128::FIVE_BLOCKS_SIZE], + out3: &mut [u8; shake128::FIVE_BLOCKS_SIZE], ) { - todo!() + x2::incremental::shake128_squeeze_first_five_blocks(&mut self.state[0], out0, out1); + x2::incremental::shake128_squeeze_first_five_blocks(&mut self.state[1], out2, out3); } fn squeeze_next_block( @@ -544,36 +475,78 @@ pub(crate) mod neon { [u8; shake128::BLOCK_SIZE], [u8; shake128::BLOCK_SIZE], ) { - todo!() + let mut out0 = [0u8; shake128::BLOCK_SIZE]; + let mut out1 = [0u8; shake128::BLOCK_SIZE]; + let mut out2 = [0u8; shake128::BLOCK_SIZE]; + let mut out3 = [0u8; shake128::BLOCK_SIZE]; + x2::incremental::shake128_squeeze_next_block(&mut self.state[0], &mut out0, &mut out1); + x2::incremental::shake128_squeeze_next_block(&mut self.state[1], &mut out2, &mut out3); + + (out0, out1, out2, out3) } } - /// Portable SHAKE 256 state - pub(crate) struct PortableShake256 { - state: KeccakState, + /// Neon SHAKE 256 x4 state + pub(crate) struct Shake256x4 { + state: [KeccakState; 2], } - impl shake256::Xof for PortableShake256 { - fn shake256(input: &[u8], out: &mut [u8; OUTPUT_LENGTH]) { - shake256(out, input); + + impl shake256::XofX4 for Shake256x4 { + fn init_absorb(input0: &[u8], input1: &[u8], input2: &[u8], input3: &[u8]) -> Self { + let mut state = [x2::incremental::init(), x2::incremental::init()]; + x2::incremental::shake256_absorb_final(&mut state[0], &input0, &input1); + x2::incremental::shake256_absorb_final(&mut state[1], &input2, &input3); + Self { state } } - fn init_absorb(input: &[u8]) -> Self { - let mut state = incremental::shake256_init(); - incremental::shake256_absorb_final(&mut state, input); + fn squeeze_first_block( + &mut self, + ) -> ( + [u8; shake256::BLOCK_SIZE], + [u8; shake256::BLOCK_SIZE], + [u8; shake256::BLOCK_SIZE], + [u8; shake256::BLOCK_SIZE], + ) { + let mut out0 = [0u8; shake256::BLOCK_SIZE]; + let mut out1 = [0u8; shake256::BLOCK_SIZE]; + let mut out2 = [0u8; shake256::BLOCK_SIZE]; + let mut out3 = [0u8; shake256::BLOCK_SIZE]; + x2::incremental::shake256_squeeze_first_block(&mut self.state[0], &mut out0, &mut out1); + x2::incremental::shake256_squeeze_first_block(&mut self.state[1], &mut out2, &mut out3); - Self { state } + (out0, out1, out2, out3) } - fn squeeze_first_block(&mut self) -> [u8; shake256::BLOCK_SIZE] { - let mut out = [0u8; shake256::BLOCK_SIZE]; - incremental::shake256_squeeze_first_block(&mut self.state, &mut out); - out + fn squeeze_next_block( + &mut self, + ) -> ( + [u8; shake256::BLOCK_SIZE], + [u8; shake256::BLOCK_SIZE], + [u8; shake256::BLOCK_SIZE], + [u8; shake256::BLOCK_SIZE], + ) { + let mut out0 = [0u8; shake256::BLOCK_SIZE]; + let mut out1 = [0u8; shake256::BLOCK_SIZE]; + let mut out2 = [0u8; shake256::BLOCK_SIZE]; + let mut out3 = [0u8; shake256::BLOCK_SIZE]; + x2::incremental::shake256_squeeze_next_block(&mut self.state[0], &mut out0, &mut out1); + x2::incremental::shake256_squeeze_next_block(&mut self.state[1], &mut out2, &mut out3); + + (out0, out1, out2, out3) } - fn squeeze_next_block(&mut self) -> [u8; shake256::BLOCK_SIZE] { - let mut out = [0u8; shake256::BLOCK_SIZE]; - incremental::shake256_squeeze_next_block(&mut self.state, &mut out); - out + fn shake256( + input0: &[u8], + input1: &[u8], + input2: &[u8], + input3: &[u8], + out0: &mut [u8; OUT_LEN], + out1: &mut [u8; OUT_LEN], + out2: &mut [u8; OUT_LEN], + out3: &mut [u8; OUT_LEN], + ) { + x2::shake256(input0, input1, out0, out1); + x2::shake256(input2, input3, out2, out3); } } } diff --git a/libcrux-ml-dsa/src/ml_dsa_44.rs b/libcrux-ml-dsa/src/ml_dsa_44.rs index b2b1338c0..2286d163f 100644 --- a/libcrux-ml-dsa/src/ml_dsa_44.rs +++ b/libcrux-ml-dsa/src/ml_dsa_44.rs @@ -1,4 +1,9 @@ -use crate::{constants::*, ml_dsa_generic, types::*, VerificationError}; +use crate::{ + constants::*, + ml_dsa_generic::{self, multiplexing}, + types::*, + VerificationError, +}; // ML-DSA-44-specific parameters @@ -60,39 +65,100 @@ pub type MLDSA44VerificationKey = MLDSAVerificationKey; pub type MLDSA44KeyPair = MLDSAKeyPair; pub type MLDSA44Signature = MLDSASignature; -// TODO: Multiplex more intelligently. -#[cfg(feature = "simd256")] -type SIMDUnit = crate::simd::avx2::AVX2SIMDUnit; -#[cfg(not(feature = "simd256"))] -type SIMDUnit = crate::simd::portable::PortableSIMDUnit; - -// For regular shake128 we only use portable. -type Shake128 = crate::hash_functions::portable::Shake128; - -#[cfg(feature = "simd256")] -type Shake128X4 = crate::hash_functions::simd256::Shake128; -#[cfg(not(feature = "simd256"))] -type Shake128X4 = crate::hash_functions::portable::Shake128X4; +// Instantiate the different functions. +macro_rules! instantiate { + ($modp:ident, $p:path, $doc:expr) => { + #[doc = $doc] + pub mod $modp { + use super::*; + use $p as p; + + /// Generate an ML-DSA-44 Key Pair + pub fn generate_key_pair( + randomness: [u8; KEY_GENERATION_RANDOMNESS_SIZE], + ) -> MLDSA44KeyPair { + let (signing_key, verification_key) = p::generate_key_pair::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + VERIFICATION_KEY_SIZE, + >(randomness); + + MLDSA44KeyPair { + signing_key: MLDSASigningKey(signing_key), + verification_key: MLDSAVerificationKey(verification_key), + } + } + + /// Generate an ML-DSA-44 Signature + pub fn sign( + signing_key: &MLDSA44SigningKey, + message: &[u8], + randomness: [u8; SIGNING_RANDOMNESS_SIZE], + ) -> MLDSA44Signature { + p::sign::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + GAMMA1_EXPONENT, + GAMMA2, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + GAMMA1_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + SIGNATURE_SIZE, + >(&signing_key.0, message, randomness) + } + + /// Verify an ML-DSA-44 Signature + pub fn verify( + verification_key: &MLDSA44VerificationKey, + message: &[u8], + signature: &MLDSA44Signature, + ) -> Result<(), VerificationError> { + p::verify::< + ROWS_IN_A, + COLUMNS_IN_A, + SIGNATURE_SIZE, + VERIFICATION_KEY_SIZE, + GAMMA1_EXPONENT, + GAMMA1_RING_ELEMENT_SIZE, + GAMMA2, + BETA, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + >(&verification_key.0, message, &signature.0) + } + } + }; +} -#[cfg(feature = "simd256")] -type Shake256X4 = crate::hash_functions::simd256::Shake256X4; -#[cfg(not(feature = "simd256"))] -type Shake256X4 = crate::hash_functions::portable::Shake256X4; +// Instantiations -// TODO: This is all portable for now. +instantiate! {portable, ml_dsa_generic::instantiations::portable, "Portable ML-DSA 44"} #[cfg(feature = "simd256")] -type Shake256 = crate::hash_functions::portable::Shake256; -#[cfg(not(feature = "simd256"))] -type Shake256 = crate::hash_functions::portable::Shake256; - -/// Generate an ML-DSA-44 Key Pair -pub fn generate_key_pair(randomness: [u8; 32]) -> MLDSA44KeyPair { - let (signing_key, verification_key) = ml_dsa_generic::generate_key_pair::< - SIMDUnit, // TODO: Multiplex this based on platform detection. - Shake128, - Shake128X4, - Shake256, - Shake256X4, +instantiate! {avx2, ml_dsa_generic::instantiations::avx2, "AVX2 Optimised ML-DSA 44"} +#[cfg(feature = "simd128")] +instantiate! {neon, ml_dsa_generic::instantiations::neon, "Neon Optimised ML-DSA 44"} + +/// Generate an ML-DSA 44 Key Pair +/// +/// Generate an ML-DSA key pair. The input is a byte array of size +/// [`KEY_GENERATION_RANDOMNESS_SIZE`]. +/// +/// This function returns an [`MLDSA44KeyPair`]. +#[cfg(not(eurydice))] +pub fn generate_key_pair(randomness: [u8; KEY_GENERATION_RANDOMNESS_SIZE]) -> MLDSA44KeyPair { + let (signing_key, verification_key) = multiplexing::generate_key_pair::< ROWS_IN_A, COLUMNS_IN_A, ETA, @@ -107,18 +173,18 @@ pub fn generate_key_pair(randomness: [u8; 32]) -> MLDSA44KeyPair { } } -/// Generate an ML-DSA-44 Signature +/// Sign with ML-DSA 44 +/// +/// Sign a `message` with the ML-DSA `signing_key`. +/// +/// This function returns an [`MLDSA44Signature`]. +#[cfg(not(eurydice))] pub fn sign( signing_key: &MLDSA44SigningKey, message: &[u8], randomness: [u8; SIGNING_RANDOMNESS_SIZE], ) -> MLDSA44Signature { - ml_dsa_generic::sign::< - SIMDUnit, // TODO: Multiplex this based on platform detection. - Shake128, - Shake128X4, - Shake256, - Shake256X4, + multiplexing::sign::< ROWS_IN_A, COLUMNS_IN_A, ETA, @@ -137,16 +203,16 @@ pub fn sign( } /// Verify an ML-DSA-44 Signature +/// +/// Returns `Ok` when the `signature` is valid for the `message` and +/// `verification_key`, and a [`VerificationError`] otherwise. +#[cfg(not(eurydice))] pub fn verify( verification_key: &MLDSA44VerificationKey, message: &[u8], signature: &MLDSA44Signature, ) -> Result<(), VerificationError> { - ml_dsa_generic::verify::< - SIMDUnit, // TODO: Multiplex this based on platform detection. - Shake128, - Shake128X4, - Shake256, + multiplexing::verify::< ROWS_IN_A, COLUMNS_IN_A, SIGNATURE_SIZE, diff --git a/libcrux-ml-dsa/src/ml_dsa_65.rs b/libcrux-ml-dsa/src/ml_dsa_65.rs index 285b89d0d..e5e2de977 100644 --- a/libcrux-ml-dsa/src/ml_dsa_65.rs +++ b/libcrux-ml-dsa/src/ml_dsa_65.rs @@ -68,16 +68,13 @@ type SIMDUnit = crate::simd::avx2::AVX2SIMDUnit; #[cfg(not(feature = "simd256"))] type SIMDUnit = crate::simd::portable::PortableSIMDUnit; -// For regular shake128 we only use portable. -type Shake128 = crate::hash_functions::portable::Shake128; - #[cfg(feature = "simd256")] -type Shake128X4 = crate::hash_functions::simd256::Shake128; +type Shake128X4 = crate::hash_functions::simd256::Shake128x4; #[cfg(not(feature = "simd256"))] type Shake128X4 = crate::hash_functions::portable::Shake128X4; #[cfg(feature = "simd256")] -type Shake256X4 = crate::hash_functions::simd256::Shake256X4; +type Shake256X4 = crate::hash_functions::simd256::Shake256x4; #[cfg(not(feature = "simd256"))] type Shake256X4 = crate::hash_functions::portable::Shake256X4; @@ -91,7 +88,6 @@ type Shake256 = crate::hash_functions::portable::Shake256; pub fn generate_key_pair(randomness: [u8; KEY_GENERATION_RANDOMNESS_SIZE]) -> MLDSA65KeyPair { let (signing_key, verification_key) = crate::ml_dsa_generic::generate_key_pair::< SIMDUnit, - Shake128, Shake128X4, Shake256, Shake256X4, @@ -117,7 +113,6 @@ pub fn sign( ) -> MLDSA65Signature { crate::ml_dsa_generic::sign::< SIMDUnit, - Shake128, Shake128X4, Shake256, Shake256X4, @@ -146,7 +141,6 @@ pub fn verify( ) -> Result<(), VerificationError> { crate::ml_dsa_generic::verify::< SIMDUnit, - Shake128, Shake128X4, Shake256, ROWS_IN_A, diff --git a/libcrux-ml-dsa/src/ml_dsa_87.rs b/libcrux-ml-dsa/src/ml_dsa_87.rs index 47840d027..409d6811b 100644 --- a/libcrux-ml-dsa/src/ml_dsa_87.rs +++ b/libcrux-ml-dsa/src/ml_dsa_87.rs @@ -71,16 +71,13 @@ type SIMDUnit = crate::simd::avx2::AVX2SIMDUnit; #[cfg(not(feature = "simd256"))] type SIMDUnit = crate::simd::portable::PortableSIMDUnit; -// For regular shake128 we only use portable. -type Shake128 = crate::hash_functions::portable::Shake128; - #[cfg(feature = "simd256")] -type Shake128X4 = crate::hash_functions::simd256::Shake128; +type Shake128X4 = crate::hash_functions::simd256::Shake128x4; #[cfg(not(feature = "simd256"))] type Shake128X4 = crate::hash_functions::portable::Shake128X4; #[cfg(feature = "simd256")] -type Shake256X4 = crate::hash_functions::simd256::Shake256X4; +type Shake256X4 = crate::hash_functions::simd256::Shake256x4; #[cfg(not(feature = "simd256"))] type Shake256X4 = crate::hash_functions::portable::Shake256X4; @@ -94,7 +91,6 @@ type Shake256 = crate::hash_functions::portable::Shake256; pub fn generate_key_pair(randomness: [u8; 32]) -> MLDSA87KeyPair { let (signing_key, verification_key) = crate::ml_dsa_generic::generate_key_pair::< SIMDUnit, - Shake128, Shake128X4, Shake256, Shake256X4, @@ -120,7 +116,6 @@ pub fn sign( ) -> MLDSA87Signature { crate::ml_dsa_generic::sign::< SIMDUnit, - Shake128, Shake128X4, Shake256, Shake256X4, @@ -149,7 +144,6 @@ pub fn verify( ) -> Result<(), VerificationError> { crate::ml_dsa_generic::verify::< SIMDUnit, - Shake128, Shake128X4, Shake256, ROWS_IN_A, diff --git a/libcrux-ml-dsa/src/ml_dsa_generic.rs b/libcrux-ml-dsa/src/ml_dsa_generic.rs index 7f90a1b3b..ce6e0a757 100644 --- a/libcrux-ml-dsa/src/ml_dsa_generic.rs +++ b/libcrux-ml-dsa/src/ml_dsa_generic.rs @@ -20,6 +20,9 @@ use crate::{ MLDSASignature, }; +pub(crate) mod instantiations; +pub(crate) mod multiplexing; + pub(crate) struct Signature< SIMDUnit: Operations, const COMMITMENT_HASH_SIZE: usize, @@ -31,10 +34,9 @@ pub(crate) struct Signature< pub hint: [[i32; COEFFICIENTS_IN_RING_ELEMENT]; ROWS_IN_A], } -#[allow(non_snake_case)] +/// Generate a key pair. pub(crate) fn generate_key_pair< SIMDUnit: Operations, - Shake128: shake128::Xof, Shake128X4: shake128::XofX4, Shake256: shake256::Xof, Shake256X4: shake256::XofX4, @@ -51,19 +53,19 @@ pub(crate) fn generate_key_pair< let mut seed_expanded = [0; 128]; Shake256::shake256::<128>(&randomness, &mut seed_expanded); - let (seed_for_A, seed_expanded) = seed_expanded.split_at(SEED_FOR_A_SIZE); + let (seed_for_a, seed_expanded) = seed_expanded.split_at(SEED_FOR_A_SIZE); let (seed_for_error_vectors, seed_for_signing) = seed_expanded.split_at(SEED_FOR_ERROR_VECTORS_SIZE); - let A_as_ntt = samplex4::matrix_A::( - into_padded_array(seed_for_A), + let a_as_ntt = samplex4::matrix_A::( + into_padded_array(seed_for_a), ); let (s1, s2) = samplex4::sample_s1_and_s2::( into_padded_array(seed_for_error_vectors), ); - let t = compute_As1_plus_s2::(&A_as_ntt, &s1, &s2); + let t = compute_As1_plus_s2::(&a_as_ntt, &s1, &s2); let (t0, t1) = power2round_vector::(t); @@ -71,7 +73,7 @@ pub(crate) fn generate_key_pair< SIMDUnit, ROWS_IN_A, VERIFICATION_KEY_SIZE, - >(seed_for_A, t1); + >(seed_for_a, t1); let signing_key_serialized = encoding::signing_key::generate_serialized::< SIMDUnit, @@ -82,7 +84,7 @@ pub(crate) fn generate_key_pair< ERROR_RING_ELEMENT_SIZE, SIGNING_KEY_SIZE, >( - seed_for_A, + seed_for_a, seed_for_signing, &verification_key_serialized, s1, @@ -103,7 +105,6 @@ pub enum VerificationError { #[allow(non_snake_case)] pub(crate) fn sign< SIMDUnit: Operations, - Shake128: shake128::Xof, Shake128X4: shake128::XofX4, Shake256: shake256::Xof, Shake256X4: shake256::XofX4, @@ -276,7 +277,6 @@ pub(crate) fn sign< #[allow(non_snake_case)] pub(crate) fn verify< SIMDUnit: Operations, - Shake128: shake128::Xof, Shake128X4: shake128::XofX4, Shake256: shake256::Xof, const ROWS_IN_A: usize, diff --git a/libcrux-ml-dsa/src/ml_dsa_generic/instantiations.rs b/libcrux-ml-dsa/src/ml_dsa_generic/instantiations.rs new file mode 100644 index 000000000..985c6e231 --- /dev/null +++ b/libcrux-ml-dsa/src/ml_dsa_generic/instantiations.rs @@ -0,0 +1,141 @@ +macro_rules! instantiate { + ($modp:ident, $simdunit:path, $shake128x4:path, $shake256:path, $shake256x4:path) => { + pub mod $modp { + use crate::{constants::*, ml_dsa_generic::VerificationError, types::*}; + + /// Generate key pair. + pub(crate) fn generate_key_pair< + const ROWS_IN_A: usize, + const COLUMNS_IN_A: usize, + const ETA: usize, + const ERROR_RING_ELEMENT_SIZE: usize, + const SIGNING_KEY_SIZE: usize, + const VERIFICATION_KEY_SIZE: usize, + >( + randomness: [u8; KEY_GENERATION_RANDOMNESS_SIZE], + ) -> ([u8; SIGNING_KEY_SIZE], [u8; VERIFICATION_KEY_SIZE]) { + crate::ml_dsa_generic::generate_key_pair::< + $simdunit, + $shake128x4, + $shake256, + $shake256x4, + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + VERIFICATION_KEY_SIZE, + >(randomness) + } + + /// Sign. + pub(crate) fn sign< + const ROWS_IN_A: usize, + const COLUMNS_IN_A: usize, + const ETA: usize, + const ERROR_RING_ELEMENT_SIZE: usize, + const GAMMA1_EXPONENT: usize, + const GAMMA2: i32, + const COMMITMENT_RING_ELEMENT_SIZE: usize, + const COMMITMENT_VECTOR_SIZE: usize, + const COMMITMENT_HASH_SIZE: usize, + const ONES_IN_VERIFIER_CHALLENGE: usize, + const MAX_ONES_IN_HINT: usize, + const GAMMA1_RING_ELEMENT_SIZE: usize, + const SIGNING_KEY_SIZE: usize, + const SIGNATURE_SIZE: usize, + >( + signing_key: &[u8; SIGNING_KEY_SIZE], + message: &[u8], + randomness: [u8; SIGNING_RANDOMNESS_SIZE], + ) -> MLDSASignature { + crate::ml_dsa_generic::sign::< + $simdunit, + $shake128x4, + $shake256, + $shake256x4, + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + GAMMA1_EXPONENT, + GAMMA2, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + GAMMA1_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + SIGNATURE_SIZE, + >(&signing_key, message, randomness) + } + + /// Verify + pub(crate) fn verify< + const ROWS_IN_A: usize, + const COLUMNS_IN_A: usize, + const SIGNATURE_SIZE: usize, + const VERIFICATION_KEY_SIZE: usize, + const GAMMA1_EXPONENT: usize, + const GAMMA1_RING_ELEMENT_SIZE: usize, + const GAMMA2: i32, + const BETA: i32, + const COMMITMENT_RING_ELEMENT_SIZE: usize, + const COMMITMENT_VECTOR_SIZE: usize, + const COMMITMENT_HASH_SIZE: usize, + const ONES_IN_VERIFIER_CHALLENGE: usize, + const MAX_ONES_IN_HINT: usize, + >( + verification_key: &[u8; VERIFICATION_KEY_SIZE], + message: &[u8], + signature: &[u8; SIGNATURE_SIZE], + ) -> Result<(), VerificationError> { + crate::ml_dsa_generic::verify::< + $simdunit, + $shake128x4, + $shake256, + ROWS_IN_A, + COLUMNS_IN_A, + SIGNATURE_SIZE, + VERIFICATION_KEY_SIZE, + GAMMA1_EXPONENT, + GAMMA1_RING_ELEMENT_SIZE, + GAMMA2, + BETA, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + >(verification_key, message, signature) + } + } + }; +} + +// Portable generic implementations. +instantiate! {portable, + crate::simd::portable::PortableSIMDUnit, + crate::hash_functions::portable::Shake128X4, + crate::hash_functions::portable::Shake256, + crate::hash_functions::portable::Shake256X4 +} + +// AVX2 generic implementation. +#[cfg(feature = "simd256")] +instantiate! {avx2, + crate::simd::portable::PortableSIMDUnit, + crate::hash_functions::simd256::Shake128x4, + crate::hash_functions::simd256::Shake256, + crate::hash_functions::simd256::Shake256x4 +} + +// NEON generic implementation. +#[cfg(feature = "simd128")] +instantiate! {neon, + crate::simd::portable::PortableSIMDUnit, + crate::hash_functions::neon::Shake128x4, + crate::hash_functions::portable::Shake256, + crate::hash_functions::neon::Shake256x4 +} diff --git a/libcrux-ml-dsa/src/ml_dsa_generic/multiplexing.rs b/libcrux-ml-dsa/src/ml_dsa_generic/multiplexing.rs new file mode 100644 index 000000000..45519e97c --- /dev/null +++ b/libcrux-ml-dsa/src/ml_dsa_generic/multiplexing.rs @@ -0,0 +1,210 @@ +use super::*; +use libcrux_platform; + +// For the case where we didn't compile with the simd128/simd256 features but +// have a CPU that has it and thus tries to call the simd128/simd256 version, +// we fall back to the portable version in this case. + +#[cfg(feature = "simd256")] +use instantiations::avx2::{ + generate_key_pair as generate_key_pair_avx2, sign as sign_avx2, verify as verify_avx2, +}; + +#[cfg(feature = "simd128")] +use instantiations::neon::{ + generate_key_pair as generate_key_pair_neon, sign as sign_neon, verify as verify_neon, +}; + +#[cfg(not(feature = "simd256"))] +use instantiations::portable::{ + generate_key_pair as generate_key_pair_avx2, sign as sign_avx2, verify as verify_avx2, +}; + +#[cfg(not(feature = "simd128"))] +use instantiations::portable::{ + generate_key_pair as generate_key_pair_neon, sign as sign_neon, verify as verify_neon, +}; + +pub(crate) fn generate_key_pair< + const ROWS_IN_A: usize, + const COLUMNS_IN_A: usize, + const ETA: usize, + const ERROR_RING_ELEMENT_SIZE: usize, + const SIGNING_KEY_SIZE: usize, + const VERIFICATION_KEY_SIZE: usize, +>( + randomness: [u8; KEY_GENERATION_RANDOMNESS_SIZE], +) -> ([u8; SIGNING_KEY_SIZE], [u8; VERIFICATION_KEY_SIZE]) { + if libcrux_platform::simd256_support() { + generate_key_pair_avx2::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + VERIFICATION_KEY_SIZE, + >(randomness) + } else if libcrux_platform::simd128_support() { + generate_key_pair_neon::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + VERIFICATION_KEY_SIZE, + >(randomness) + } else { + instantiations::portable::generate_key_pair::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + VERIFICATION_KEY_SIZE, + >(randomness) + } +} + +pub(crate) fn sign< + const ROWS_IN_A: usize, + const COLUMNS_IN_A: usize, + const ETA: usize, + const ERROR_RING_ELEMENT_SIZE: usize, + const GAMMA1_EXPONENT: usize, + const GAMMA2: i32, + const COMMITMENT_RING_ELEMENT_SIZE: usize, + const COMMITMENT_VECTOR_SIZE: usize, + const COMMITMENT_HASH_SIZE: usize, + const ONES_IN_VERIFIER_CHALLENGE: usize, + const MAX_ONES_IN_HINT: usize, + const GAMMA1_RING_ELEMENT_SIZE: usize, + const SIGNING_KEY_SIZE: usize, + const SIGNATURE_SIZE: usize, +>( + signing_key: &[u8; SIGNING_KEY_SIZE], + message: &[u8], + randomness: [u8; SIGNING_RANDOMNESS_SIZE], +) -> MLDSASignature { + if libcrux_platform::simd256_support() { + sign_avx2::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + GAMMA1_EXPONENT, + GAMMA2, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + GAMMA1_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + SIGNATURE_SIZE, + >(signing_key, message, randomness) + } else if libcrux_platform::simd128_support() { + sign_neon::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + GAMMA1_EXPONENT, + GAMMA2, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + GAMMA1_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + SIGNATURE_SIZE, + >(signing_key, message, randomness) + } else { + instantiations::portable::sign::< + ROWS_IN_A, + COLUMNS_IN_A, + ETA, + ERROR_RING_ELEMENT_SIZE, + GAMMA1_EXPONENT, + GAMMA2, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + GAMMA1_RING_ELEMENT_SIZE, + SIGNING_KEY_SIZE, + SIGNATURE_SIZE, + >(signing_key, message, randomness) + } +} + +pub(crate) fn verify< + const ROWS_IN_A: usize, + const COLUMNS_IN_A: usize, + const SIGNATURE_SIZE: usize, + const VERIFICATION_KEY_SIZE: usize, + const GAMMA1_EXPONENT: usize, + const GAMMA1_RING_ELEMENT_SIZE: usize, + const GAMMA2: i32, + const BETA: i32, + const COMMITMENT_RING_ELEMENT_SIZE: usize, + const COMMITMENT_VECTOR_SIZE: usize, + const COMMITMENT_HASH_SIZE: usize, + const ONES_IN_VERIFIER_CHALLENGE: usize, + const MAX_ONES_IN_HINT: usize, +>( + verification_key_serialized: &[u8; VERIFICATION_KEY_SIZE], + message: &[u8], + signature_serialized: &[u8; SIGNATURE_SIZE], +) -> Result<(), VerificationError> { + if libcrux_platform::simd256_support() { + verify_avx2::< + ROWS_IN_A, + COLUMNS_IN_A, + SIGNATURE_SIZE, + VERIFICATION_KEY_SIZE, + GAMMA1_EXPONENT, + GAMMA1_RING_ELEMENT_SIZE, + GAMMA2, + BETA, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + >(verification_key_serialized, message, signature_serialized) + } else if libcrux_platform::simd128_support() { + verify_neon::< + ROWS_IN_A, + COLUMNS_IN_A, + SIGNATURE_SIZE, + VERIFICATION_KEY_SIZE, + GAMMA1_EXPONENT, + GAMMA1_RING_ELEMENT_SIZE, + GAMMA2, + BETA, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + >(verification_key_serialized, message, signature_serialized) + } else { + instantiations::portable::verify::< + ROWS_IN_A, + COLUMNS_IN_A, + SIGNATURE_SIZE, + VERIFICATION_KEY_SIZE, + GAMMA1_EXPONENT, + GAMMA1_RING_ELEMENT_SIZE, + GAMMA2, + BETA, + COMMITMENT_RING_ELEMENT_SIZE, + COMMITMENT_VECTOR_SIZE, + COMMITMENT_HASH_SIZE, + ONES_IN_VERIFIER_CHALLENGE, + MAX_ONES_IN_HINT, + >(verification_key_serialized, message, signature_serialized) + } +} diff --git a/libcrux-ml-dsa/src/sample.rs b/libcrux-ml-dsa/src/sample.rs index e16ca46e4..a2bfcb198 100644 --- a/libcrux-ml-dsa/src/sample.rs +++ b/libcrux-ml-dsa/src/sample.rs @@ -410,7 +410,7 @@ pub(crate) fn sample_mask_vector< seed[65] = (*domain_separator >> 8) as u8; *domain_separator += 1; - // TODO: We may want to do another 4. + // TODO: For 87 we may want to do another 4 and discard 1. mask[i] = sample_mask_ring_element::(seed); } @@ -773,7 +773,7 @@ mod tests { fn test_sample_ring_element_uniform() { test_sample_ring_element_uniform_generic::< simd::avx2::AVX2SIMDUnit, - crate::hash_functions::simd256::Shake128, + crate::hash_functions::simd256::Shake128x4, >(); } @@ -781,7 +781,7 @@ mod tests { fn test_sample_error_ring_element() { test_sample_error_ring_element_generic::< simd::avx2::AVX2SIMDUnit, - hash_functions::simd256::Shake256X4, + hash_functions::simd256::Shake256x4, >(); } diff --git a/libcrux-ml-dsa/tests/nistkats.rs b/libcrux-ml-dsa/tests/nistkats.rs index 98c605495..e37749835 100644 --- a/libcrux-ml-dsa/tests/nistkats.rs +++ b/libcrux-ml-dsa/tests/nistkats.rs @@ -72,6 +72,8 @@ macro_rules! impl_nist_known_answer_tests { }; } +// 44 + impl_nist_known_answer_tests!( nist_known_answer_tests_44, 44, @@ -80,6 +82,34 @@ impl_nist_known_answer_tests!( libcrux_ml_dsa::ml_dsa_44::verify ); +impl_nist_known_answer_tests!( + nist_known_answer_tests_44_portable, + 44, + libcrux_ml_dsa::ml_dsa_44::portable::generate_key_pair, + libcrux_ml_dsa::ml_dsa_44::portable::sign, + libcrux_ml_dsa::ml_dsa_44::portable::verify +); + +#[cfg(feature = "simd128")] +impl_nist_known_answer_tests!( + nist_known_answer_tests_44_simd128, + 44, + libcrux_ml_dsa::ml_dsa_44::neon::generate_key_pair, + libcrux_ml_dsa::ml_dsa_44::neon::sign, + libcrux_ml_dsa::ml_dsa_44::neon::verify +); + +#[cfg(feature = "simd256")] +impl_nist_known_answer_tests!( + nist_known_answer_tests_44_simd256, + 44, + libcrux_ml_dsa::ml_dsa_44::avx2::generate_key_pair, + libcrux_ml_dsa::ml_dsa_44::avx2::sign, + libcrux_ml_dsa::ml_dsa_44::avx2::verify +); + +// 65 + impl_nist_known_answer_tests!( nist_known_answer_tests_65, 65, @@ -88,6 +118,8 @@ impl_nist_known_answer_tests!( libcrux_ml_dsa::ml_dsa_65::verify ); +// 87 + impl_nist_known_answer_tests!( nist_known_answer_tests_87, 87, diff --git a/libcrux-ml-dsa/tests/self.rs b/libcrux-ml-dsa/tests/self.rs index 64ec5a795..8eea70f26 100644 --- a/libcrux-ml-dsa/tests/self.rs +++ b/libcrux-ml-dsa/tests/self.rs @@ -87,24 +87,14 @@ macro_rules! impl_modified_signing_key_test { }; } +// 44 + impl_consistency_test!( consistency_44, ml_dsa_44::generate_key_pair, ml_dsa_44::sign, ml_dsa_44::verify ); -impl_consistency_test!( - consistency_65, - ml_dsa_65::generate_key_pair, - ml_dsa_65::sign, - ml_dsa_65::verify -); -impl_consistency_test!( - consistency_87, - ml_dsa_87::generate_key_pair, - ml_dsa_87::sign, - ml_dsa_87::verify -); impl_modified_signing_key_test!( modified_signing_key_44, @@ -113,6 +103,65 @@ impl_modified_signing_key_test!( ml_dsa_44::sign, ml_dsa_44::verify ); + +impl_consistency_test!( + consistency_44_portable, + ml_dsa_44::portable::generate_key_pair, + ml_dsa_44::portable::sign, + ml_dsa_44::portable::verify +); + +impl_modified_signing_key_test!( + modified_signing_key_44_portable, + ml_dsa_44::portable::generate_key_pair, + ml_dsa_44::MLDSA44SigningKey::len(), + ml_dsa_44::portable::sign, + ml_dsa_44::portable::verify +); + +#[cfg(feature = "simd128")] +impl_consistency_test!( + consistency_44_simd128, + ml_dsa_44::neon::generate_key_pair, + ml_dsa_44::neon::sign, + ml_dsa_44::neon::verify +); + +#[cfg(feature = "simd128")] +impl_modified_signing_key_test!( + modified_signing_key_44_simd128, + ml_dsa_44::neon::generate_key_pair, + ml_dsa_44::MLDSA44SigningKey::len(), + ml_dsa_44::neon::sign, + ml_dsa_44::neon::verify +); + +#[cfg(feature = "simd256")] +impl_consistency_test!( + consistency_44_simd256, + ml_dsa_44::avx2::generate_key_pair, + ml_dsa_44::avx2::sign, + ml_dsa_44::avx2::verify +); + +#[cfg(feature = "simd256")] +impl_modified_signing_key_test!( + modified_signing_key_44_simd256, + ml_dsa_44::avx2::generate_key_pair, + ml_dsa_44::MLDSA44SigningKey::len(), + ml_dsa_44::avx2::sign, + ml_dsa_44::avx2::verify +); + +// 65 + +impl_consistency_test!( + consistency_65, + ml_dsa_65::generate_key_pair, + ml_dsa_65::sign, + ml_dsa_65::verify +); + impl_modified_signing_key_test!( modified_signing_key_65, ml_dsa_65::generate_key_pair, @@ -120,6 +169,16 @@ impl_modified_signing_key_test!( ml_dsa_65::sign, ml_dsa_65::verify ); + +// 87 + +impl_consistency_test!( + consistency_87, + ml_dsa_87::generate_key_pair, + ml_dsa_87::sign, + ml_dsa_87::verify +); + impl_modified_signing_key_test!( modified_signing_key_87, ml_dsa_87::generate_key_pair, diff --git a/libcrux-ml-dsa/tests/wycheproof_sign.rs b/libcrux-ml-dsa/tests/wycheproof_sign.rs index dc83f6058..53fdc78a0 100644 --- a/libcrux-ml-dsa/tests/wycheproof_sign.rs +++ b/libcrux-ml-dsa/tests/wycheproof_sign.rs @@ -66,6 +66,37 @@ macro_rules! wycheproof_sign_test { }; } +// 44 + wycheproof_sign_test!(wycheproof_sign_44, 44, MLDSA44SigningKey, ml_dsa_44::sign); + +wycheproof_sign_test!( + wycheproof_sign_44_portable, + 44, + MLDSA44SigningKey, + ml_dsa_44::portable::sign +); + +#[cfg(feature = "simd128")] +wycheproof_sign_test!( + wycheproof_sign_44_simd128, + 44, + MLDSA44SigningKey, + ml_dsa_44::neon::sign +); + +#[cfg(feature = "simd256")] +wycheproof_sign_test!( + wycheproof_sign_44_simd256, + 44, + MLDSA44SigningKey, + ml_dsa_44::avx2::sign +); + +// 65 + wycheproof_sign_test!(wycheproof_sign_65, 65, MLDSA65SigningKey, ml_dsa_65::sign); + +// 87 + wycheproof_sign_test!(wycheproof_sign_87, 87, MLDSA87SigningKey, ml_dsa_87::sign); diff --git a/libcrux-ml-dsa/tests/wycheproof_verify.rs b/libcrux-ml-dsa/tests/wycheproof_verify.rs index eb2a1e697..9c394a0c4 100644 --- a/libcrux-ml-dsa/tests/wycheproof_verify.rs +++ b/libcrux-ml-dsa/tests/wycheproof_verify.rs @@ -66,6 +66,8 @@ macro_rules! wycheproof_sign_test { }; } +// 44 + wycheproof_sign_test!( wycheproof_sign_44, 44, @@ -73,6 +75,35 @@ wycheproof_sign_test!( ml_dsa_44::MLDSA44Signature, ml_dsa_44::verify ); + +wycheproof_sign_test!( + wycheproof_sign_44_portable, + 44, + ml_dsa_44::MLDSA44VerificationKey, + ml_dsa_44::MLDSA44Signature, + ml_dsa_44::portable::verify +); + +#[cfg(feature = "simd128")] +wycheproof_sign_test!( + wycheproof_sign_44_simd128, + 44, + ml_dsa_44::MLDSA44VerificationKey, + ml_dsa_44::MLDSA44Signature, + ml_dsa_44::neon::verify +); + +#[cfg(feature = "simd256")] +wycheproof_sign_test!( + wycheproof_sign_44_simd256, + 44, + ml_dsa_44::MLDSA44VerificationKey, + ml_dsa_44::MLDSA44Signature, + ml_dsa_44::avx2::verify +); + +// 65 + wycheproof_sign_test!( wycheproof_sign_65, 65, @@ -80,6 +111,9 @@ wycheproof_sign_test!( ml_dsa_65::MLDSA65Signature, ml_dsa_65::verify ); + +// 87 + wycheproof_sign_test!( wycheproof_sign_87, 87, diff --git a/libcrux-ml-kem/c/code_gen.txt b/libcrux-ml-kem/c/code_gen.txt index 2bcf79a2e..dde362958 100644 --- a/libcrux-ml-kem/c/code_gen.txt +++ b/libcrux-ml-kem/c/code_gen.txt @@ -2,5 +2,5 @@ This code was generated with the following revisions: Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 -F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 -Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb +F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty +Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d diff --git a/libcrux-ml-kem/c/internal/libcrux_core.h b/libcrux-ml-kem/c/internal/libcrux_core.h index 8bb342a00..fac523ae0 100644 --- a/libcrux-ml-kem/c/internal/libcrux_core.h +++ b/libcrux-ml-kem/c/internal/libcrux_core.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __internal_libcrux_core_H @@ -69,7 +69,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_b6 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_b6_961( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_b6_8c1( uint8_t value[1568U]); /** @@ -85,7 +85,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_821( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_f61( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk); @@ -98,7 +98,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_05 with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_05_891( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_05_9d1( uint8_t value[3168U]); /** @@ -110,7 +110,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext libcrux_ml_kem_types_from_01_331( +libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext libcrux_ml_kem_types_from_01_131( uint8_t value[1568U]); /** @@ -124,7 +124,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_cb_3d1( +uint8_t *libcrux_ml_kem_types_as_slice_cb_a91( libcrux_ml_kem_types_MlKemPublicKey_1f *self); /** @@ -136,7 +136,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_d81( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_df1( libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *self); /** @@ -147,7 +147,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1600 */ -void libcrux_ml_kem_utils_into_padded_array_6d4(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_424(Eurydice_slice slice, uint8_t ret[1600U]); /** @@ -159,7 +159,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_b6 with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_b6_960( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_b6_8c0( uint8_t value[1184U]); /** @@ -175,7 +175,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_820( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_f60( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk); @@ -188,7 +188,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_05 with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_05_890( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_05_9d0( uint8_t value[2400U]); /** @@ -200,7 +200,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_330( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_130( uint8_t value[1088U]); /** @@ -214,7 +214,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_cb_3d0( +uint8_t *libcrux_ml_kem_types_as_slice_cb_a90( libcrux_ml_kem_types_MlKemPublicKey_15 *self); /** @@ -226,7 +226,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_d80( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_df0( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self); /** @@ -237,7 +237,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -void libcrux_ml_kem_utils_into_padded_array_6d3(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_423(Eurydice_slice slice, uint8_t ret[1120U]); /** @@ -249,7 +249,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_b6 with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_b6_96( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_b6_8c( uint8_t value[800U]); /** @@ -265,7 +265,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_82( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_f6( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk); @@ -278,7 +278,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_05 with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_05_89( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_05_9d( uint8_t value[1632U]); /** @@ -313,7 +313,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_33( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_13( uint8_t value[768U]); /** @@ -327,7 +327,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_cb_3d( +uint8_t *libcrux_ml_kem_types_as_slice_cb_a9( libcrux_ml_kem_types_MlKemPublicKey_be *self); /** @@ -338,7 +338,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -void libcrux_ml_kem_utils_into_padded_array_6d2(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_422(Eurydice_slice slice, uint8_t ret[33U]); /** @@ -349,7 +349,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -void libcrux_ml_kem_utils_into_padded_array_6d1(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_421(Eurydice_slice slice, uint8_t ret[34U]); /** @@ -361,7 +361,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_d8( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_df( libcrux_ml_kem_types_MlKemCiphertext_e8 *self); /** @@ -372,7 +372,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 800 */ -void libcrux_ml_kem_utils_into_padded_array_6d0(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_420(Eurydice_slice slice, uint8_t ret[800U]); /** @@ -383,7 +383,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -void libcrux_ml_kem_utils_into_padded_array_6d(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_42(Eurydice_slice slice, uint8_t ret[64U]); /** diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h index 7564a96ad..7b2cba596 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __internal_libcrux_mlkem_avx2_H @@ -48,7 +48,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_311(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_6e1(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -65,7 +65,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e1( +bool libcrux_ml_kem_ind_cca_validate_private_key_fd1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -91,7 +91,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_5d1(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_611(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -112,7 +112,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf1( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_ae1( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -138,7 +138,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_a41( +void libcrux_ml_kem_ind_cca_decapsulate_bb1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); @@ -157,7 +157,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_310(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_6e0(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -174,7 +174,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e0( +bool libcrux_ml_kem_ind_cca_validate_private_key_fd0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *_ciphertext); @@ -200,7 +200,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_610(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -221,7 +221,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_cf0( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_ae0( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -247,7 +247,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_a40( +void libcrux_ml_kem_ind_cca_decapsulate_bb0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]); @@ -266,7 +266,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_31(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_6e(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -283,7 +283,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e( +bool libcrux_ml_kem_ind_cca_validate_private_key_fd( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -308,7 +308,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_5d( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_61( uint8_t randomness[64U]); /** @@ -330,7 +330,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_cf( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_ae( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -356,7 +356,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_a4( +void libcrux_ml_kem_ind_cca_decapsulate_bb( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h index 9da52548f..0353b2721 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __internal_libcrux_mlkem_portable_H @@ -53,7 +53,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_b71(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_7b1(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -70,7 +70,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_dc( +bool libcrux_ml_kem_ind_cca_validate_private_key_be( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *_ciphertext); @@ -96,7 +96,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_f61(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_d41(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -117,7 +117,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_eb1( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_f41( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -143,7 +143,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_1f1( +void libcrux_ml_kem_ind_cca_decapsulate_641( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]); @@ -162,7 +162,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_b70(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_7b0(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -179,7 +179,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_03( +bool libcrux_ml_kem_ind_cca_validate_private_key_db( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -205,7 +205,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_d40(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -226,7 +226,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_eb0( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_f40( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); @@ -252,7 +252,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_1f0( +void libcrux_ml_kem_ind_cca_decapsulate_640( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); @@ -271,7 +271,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_b7(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_7b(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -288,7 +288,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_05( +bool libcrux_ml_kem_ind_cca_validate_private_key_c7( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -314,7 +314,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_d4(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -335,7 +335,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_f4( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -361,7 +361,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_1f( +void libcrux_ml_kem_ind_cca_decapsulate_64( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h index cc0379248..f39f4c3b2 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __internal_libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h index 4c2df7a39..a71b1d5fe 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __internal_libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_core.c b/libcrux-ml-kem/c/libcrux_core.c index 2aaca7fae..4713a24f9 100644 --- a/libcrux-ml-kem/c/libcrux_core.c +++ b/libcrux-ml-kem/c/libcrux_core.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "internal/libcrux_core.h" @@ -91,7 +91,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_b6 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_b6_961( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_b6_8c1( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -114,7 +114,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_821( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_f61( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk) { return ( @@ -130,7 +130,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_05 with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_05_891( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_05_9d1( uint8_t value[3168U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[3168U]; @@ -149,7 +149,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext libcrux_ml_kem_types_from_01_331( +libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext libcrux_ml_kem_types_from_01_131( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -170,7 +170,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_cb_3d1( +uint8_t *libcrux_ml_kem_types_as_slice_cb_a91( libcrux_ml_kem_types_MlKemPublicKey_1f *self) { return self->value; } @@ -184,7 +184,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_d81( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_df1( libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *self) { return Eurydice_array_to_slice((size_t)1568U, self->value, uint8_t); } @@ -197,7 +197,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1600 */ -void libcrux_ml_kem_utils_into_padded_array_6d4(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_424(Eurydice_slice slice, uint8_t ret[1600U]) { uint8_t out[1600U] = {0U}; uint8_t *uu____0 = out; @@ -217,7 +217,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_b6 with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_b6_960( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_b6_8c0( uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; @@ -240,7 +240,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_820( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_f60( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( @@ -256,7 +256,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_05 with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_05_890( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_05_9d0( uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; @@ -275,7 +275,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_330( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_01_130( uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; @@ -296,7 +296,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_cb_3d0( +uint8_t *libcrux_ml_kem_types_as_slice_cb_a90( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -310,7 +310,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_d80( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_df0( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -323,7 +323,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -void libcrux_ml_kem_utils_into_padded_array_6d3(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_423(Eurydice_slice slice, uint8_t ret[1120U]) { uint8_t out[1120U] = {0U}; uint8_t *uu____0 = out; @@ -343,7 +343,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_b6 with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_b6_96( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_b6_8c( uint8_t value[800U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[800U]; @@ -366,7 +366,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_82( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_f6( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk) { return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_cb){.sk = sk, .pk = pk}); @@ -381,7 +381,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_05 with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_05_89( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_05_9d( uint8_t value[1632U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1632U]; @@ -420,7 +420,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_01 with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_33( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_01_13( uint8_t value[768U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[768U]; @@ -441,7 +441,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_cb_3d( +uint8_t *libcrux_ml_kem_types_as_slice_cb_a9( libcrux_ml_kem_types_MlKemPublicKey_be *self) { return self->value; } @@ -454,7 +454,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -void libcrux_ml_kem_utils_into_padded_array_6d2(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_422(Eurydice_slice slice, uint8_t ret[33U]) { uint8_t out[33U] = {0U}; uint8_t *uu____0 = out; @@ -473,7 +473,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -void libcrux_ml_kem_utils_into_padded_array_6d1(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_421(Eurydice_slice slice, uint8_t ret[34U]) { uint8_t out[34U] = {0U}; uint8_t *uu____0 = out; @@ -493,7 +493,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_00_d8( +Eurydice_slice libcrux_ml_kem_types_as_ref_00_df( libcrux_ml_kem_types_MlKemCiphertext_e8 *self) { return Eurydice_array_to_slice((size_t)768U, self->value, uint8_t); } @@ -506,7 +506,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 800 */ -void libcrux_ml_kem_utils_into_padded_array_6d0(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_420(Eurydice_slice slice, uint8_t ret[800U]) { uint8_t out[800U] = {0U}; uint8_t *uu____0 = out; @@ -525,7 +525,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -void libcrux_ml_kem_utils_into_padded_array_6d(Eurydice_slice slice, +void libcrux_ml_kem_utils_into_padded_array_42(Eurydice_slice slice, uint8_t ret[64U]) { uint8_t out[64U] = {0U}; uint8_t *uu____0 = out; diff --git a/libcrux-ml-kem/c/libcrux_core.h b/libcrux-ml-kem/c/libcrux_core.h index 834cae0c2..e0a6152f9 100644 --- a/libcrux-ml-kem/c/libcrux_core.h +++ b/libcrux-ml-kem/c/libcrux_core.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_core_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024.h b/libcrux-ml-kem/c/libcrux_mlkem1024.h index 841c51e9e..15fe78611 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem1024_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c index a4d0a04de..ec89cbbb1 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_mlkem1024_avx2.h" @@ -38,11 +38,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_8a0( +static void decapsulate_470( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_a40(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_bb0(private_key, ciphertext, ret); } /** @@ -56,7 +56,7 @@ void libcrux_ml_kem_mlkem1024_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_8a0(private_key, ciphertext, ret); + decapsulate_470(private_key, ciphertext, ret); } /** @@ -76,14 +76,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_1e0( +static tuple_21 encapsulate_030( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cf0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ae0(uu____0, copy_of_randomness); } /** @@ -100,7 +100,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_1e0(uu____0, copy_of_randomness); + return encapsulate_030(uu____0, copy_of_randomness); } /** @@ -117,12 +117,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_e50( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_990( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_5d0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_610(copy_of_randomness); } /** @@ -133,7 +133,7 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_e50(copy_of_randomness); + return generate_keypair_990(copy_of_randomness); } /** @@ -147,10 +147,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_250( +static KRML_MUSTINLINE bool validate_private_key_900( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4e0(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_fd0(private_key, ciphertext); } @@ -162,7 +162,7 @@ static KRML_MUSTINLINE bool validate_private_key_250( bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext) { - return validate_private_key_250(private_key, ciphertext); + return validate_private_key_900(private_key, ciphertext); } /** @@ -176,8 +176,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_910(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_310(public_key); +static KRML_MUSTINLINE bool validate_public_key_670(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_6e0(public_key); } /** @@ -187,5 +187,5 @@ static KRML_MUSTINLINE bool validate_public_key_910(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_910(public_key->value); + return validate_public_key_670(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h index 3e6d607aa..07c10744f 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem1024_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c index 567d45bb5..54ba411c7 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_mlkem1024_portable.h" @@ -38,11 +38,11 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_671( +static void decapsulate_ce1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1f1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_641(private_key, ciphertext, ret); } /** @@ -56,7 +56,7 @@ void libcrux_ml_kem_mlkem1024_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_671(private_key, ciphertext, ret); + decapsulate_ce1(private_key, ciphertext, ret); } /** @@ -76,14 +76,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_021( +static tuple_21 encapsulate_371( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_eb1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_f41(uu____0, copy_of_randomness); } /** @@ -100,7 +100,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_021(uu____0, copy_of_randomness); + return encapsulate_371(uu____0, copy_of_randomness); } /** @@ -118,12 +118,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_871( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_631( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_f61(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d41(copy_of_randomness); } /** @@ -134,7 +134,7 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_871(copy_of_randomness); + return generate_keypair_631(copy_of_randomness); } /** @@ -148,10 +148,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_e81( +static KRML_MUSTINLINE bool validate_private_key_f21( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_dc(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_be(private_key, ciphertext); } @@ -163,7 +163,7 @@ static KRML_MUSTINLINE bool validate_private_key_e81( bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext) { - return validate_private_key_e81(private_key, ciphertext); + return validate_private_key_f21(private_key, ciphertext); } /** @@ -177,8 +177,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_7d1(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_b71(public_key); +static KRML_MUSTINLINE bool validate_public_key_d61(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_7b1(public_key); } /** @@ -188,5 +188,5 @@ static KRML_MUSTINLINE bool validate_public_key_7d1(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_7d1(public_key->value); + return validate_public_key_d61(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h index 23ab356ea..2207e0f1e 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem1024_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512.h b/libcrux-ml-kem/c/libcrux_mlkem512.h index 02ea52467..e955cc307 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem512_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c index bed940812..217a6dcf3 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_mlkem512_avx2.h" @@ -38,10 +38,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_8a(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, +static void decapsulate_47(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_a4(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_bb(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_8a(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, void libcrux_ml_kem_mlkem512_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_8a(private_key, ciphertext, ret); + decapsulate_47(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_1e( +static tuple_ec encapsulate_03( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cf(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ae(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_1e(uu____0, copy_of_randomness); + return encapsulate_03(uu____0, copy_of_randomness); } /** @@ -115,12 +115,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_e5( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_99( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_5d(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_61(copy_of_randomness); } /** @@ -131,7 +131,7 @@ libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_e5(copy_of_randomness); + return generate_keypair_99(copy_of_randomness); } /** @@ -145,10 +145,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_25( +static KRML_MUSTINLINE bool validate_private_key_90( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4e(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_fd(private_key, ciphertext); } @@ -160,7 +160,7 @@ static KRML_MUSTINLINE bool validate_private_key_25( bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_25(private_key, ciphertext); + return validate_private_key_90(private_key, ciphertext); } /** @@ -174,8 +174,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_91(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_31(public_key); +static KRML_MUSTINLINE bool validate_public_key_67(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_6e(public_key); } /** @@ -185,5 +185,5 @@ static KRML_MUSTINLINE bool validate_public_key_91(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_91(public_key->value); + return validate_public_key_67(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h index 2aab23be0..1a7f83ca6 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem512_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c index d03204616..b77e15702 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_mlkem512_portable.h" @@ -38,10 +38,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_670( +static void decapsulate_ce0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1f0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_640(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_670( void libcrux_ml_kem_mlkem512_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_670(private_key, ciphertext, ret); + decapsulate_ce0(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_020( +static tuple_ec encapsulate_370( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_eb0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_f40(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_020(uu____0, copy_of_randomness); + return encapsulate_370(uu____0, copy_of_randomness); } /** @@ -116,12 +116,12 @@ generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_870( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_630( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_f60(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d40(copy_of_randomness); } /** @@ -132,7 +132,7 @@ libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_870(copy_of_randomness); + return generate_keypair_630(copy_of_randomness); } /** @@ -146,10 +146,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_e80( +static KRML_MUSTINLINE bool validate_private_key_f20( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_03(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_db(private_key, ciphertext); } @@ -161,7 +161,7 @@ static KRML_MUSTINLINE bool validate_private_key_e80( bool libcrux_ml_kem_mlkem512_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_e80(private_key, ciphertext); + return validate_private_key_f20(private_key, ciphertext); } /** @@ -175,8 +175,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_7d0(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_b70(public_key); +static KRML_MUSTINLINE bool validate_public_key_d60(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_7b0(public_key); } /** @@ -186,5 +186,5 @@ static KRML_MUSTINLINE bool validate_public_key_7d0(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_7d0(public_key->value); + return validate_public_key_d60(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h index 5a413af62..e0e40f336 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem512_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768.h b/libcrux-ml-kem/c/libcrux_mlkem768.h index 02ccf2b06..c18af1445 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem768_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c index c3ba6c4e9..0f50bb03b 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_mlkem768_avx2.h" @@ -38,10 +38,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_8a1( +static void decapsulate_471( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_a41(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_bb1(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_8a1( void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_8a1(private_key, ciphertext, ret); + decapsulate_471(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_1e1( +static tuple_3c encapsulate_031( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_cf1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_ae1(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_1e1(uu____0, copy_of_randomness); + return encapsulate_031(uu____0, copy_of_randomness); } /** @@ -115,12 +115,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_e51( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_991( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_5d1(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_611(copy_of_randomness); } /** @@ -131,7 +131,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_e51(copy_of_randomness); + return generate_keypair_991(copy_of_randomness); } /** @@ -145,10 +145,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_251( +static KRML_MUSTINLINE bool validate_private_key_901( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4e1(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_fd1(private_key, ciphertext); } @@ -160,7 +160,7 @@ static KRML_MUSTINLINE bool validate_private_key_251( bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_251(private_key, ciphertext); + return validate_private_key_901(private_key, ciphertext); } /** @@ -174,8 +174,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_911(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_311(public_key); +static KRML_MUSTINLINE bool validate_public_key_671(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_6e1(public_key); } /** @@ -185,5 +185,5 @@ static KRML_MUSTINLINE bool validate_public_key_911(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_911(public_key->value); + return validate_public_key_671(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h index 6d98df841..aeb4d0450 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem768_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c index c677d78d5..4c862d52c 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_mlkem768_portable.h" @@ -38,10 +38,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_67( +static void decapsulate_ce( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_1f(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_64(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_67( void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_67(private_key, ciphertext, ret); + decapsulate_ce(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_02( +static tuple_3c encapsulate_37( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_eb(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_f4(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_02(uu____0, copy_of_randomness); + return encapsulate_37(uu____0, copy_of_randomness); } /** @@ -116,12 +116,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_87( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_63( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_f6(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d4(copy_of_randomness); } /** @@ -132,7 +132,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_87(copy_of_randomness); + return generate_keypair_63(copy_of_randomness); } /** @@ -146,10 +146,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_e8( +static KRML_MUSTINLINE bool validate_private_key_f2( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_05(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_c7(private_key, ciphertext); } @@ -161,7 +161,7 @@ static KRML_MUSTINLINE bool validate_private_key_e8( bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_e8(private_key, ciphertext); + return validate_private_key_f2(private_key, ciphertext); } /** @@ -175,8 +175,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_7d(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_b7(public_key); +static KRML_MUSTINLINE bool validate_public_key_d6(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_7b(public_key); } /** @@ -186,5 +186,5 @@ static KRML_MUSTINLINE bool validate_public_key_7d(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_7d(public_key->value); + return validate_public_key_d6(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h index 1a6be3e82..15f45f131 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem768_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c index 934de1b6b..e7386e0d0 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "internal/libcrux_mlkem_avx2.h" @@ -1035,7 +1035,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ZERO_89_9f(void) { +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ZERO_89_7d(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; lit.coefficients[0U] = libcrux_ml_kem_vector_avx2_ZERO_ea(); lit.coefficients[1U] = libcrux_ml_kem_vector_avx2_ZERO_ea(); @@ -1069,8 +1069,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_reduced_ring_element_4d(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_to_reduced_ring_element_d0(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -1096,12 +1096,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1184 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_414( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_b64( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = ZERO_89_9f();); + deserialized_pk[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -1113,7 +1113,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_414( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_4d(ring_element); + deserialize_to_reduced_ring_element_d0(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -1126,7 +1126,7 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.arithmetic.shift_right with const generics - SHIFT_BY= 15 */ -static KRML_MUSTINLINE __m256i shift_right_1d(__m256i vector) { +static KRML_MUSTINLINE __m256i shift_right_9a(__m256i vector) { return mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -1139,8 +1139,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.shift_right_ea with const generics - SHIFT_BY= 15 */ -static __m256i shift_right_ea_89(__m256i vector) { - return shift_right_1d(vector); +static __m256i shift_right_ea_07(__m256i vector) { + return shift_right_9a(vector); } /** @@ -1149,8 +1149,8 @@ libcrux_ml_kem.vector.traits.to_unsigned_representative with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_unsigned_representative_9b(__m256i a) { - __m256i t = shift_right_ea_89(a); +static __m256i to_unsigned_representative_38(__m256i a) { + __m256i t = shift_right_ea_07(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_ea(a, &fm); @@ -1162,13 +1162,13 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_b6( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_16( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = to_unsigned_representative_9b(re->coefficients[i0]); + __m256i coefficient = to_unsigned_representative_38(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_ea(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -1189,7 +1189,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_6d1( +static KRML_MUSTINLINE void serialize_secret_key_fd1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -1207,7 +1207,7 @@ static KRML_MUSTINLINE void serialize_secret_key_6d1( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_b6(&re, ret0); + serialize_uncompressed_ring_element_16(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -1225,14 +1225,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_d01( +static KRML_MUSTINLINE void serialize_public_key_771( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret0[1152U]; - serialize_secret_key_6d1(t_as_ntt, ret0); + serialize_secret_key_fd1(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -1257,15 +1257,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_311(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_6e1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - deserialize_ring_elements_reduced_414( + deserialize_ring_elements_reduced_b64( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_d01( + serialize_public_key_771( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -1283,7 +1283,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.H_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void H_a9_381(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_a9_161(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -1302,11 +1302,11 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e1( +bool libcrux_ml_kem_ind_cca_validate_private_key_fd1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - H_a9_381(Eurydice_array_to_subslice2( + H_a9_161(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)3U, (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), t); @@ -1326,7 +1326,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.G_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void G_a9_5a1(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_a9_671(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -1340,7 +1340,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7c1( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_511( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -1351,7 +1351,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_7c1( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - G_a9_5a1(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_a9_671(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -1361,10 +1361,10 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static void closure_d01( +static void closure_641( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret[i] = ZERO_89_9f();); + ret[i] = ZERO_89_7d();); } /** @@ -1373,7 +1373,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_e51(uint8_t input[3U][34U]) { +shake128_init_absorb_2a1(uint8_t input[3U][34U]) { libcrux_sha3_generic_keccak_KeccakState_29 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( @@ -1394,11 +1394,11 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb_a9 with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_a9_301(uint8_t input[3U][34U]) { +shake128_init_absorb_a9_1c1(uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return shake128_init_absorb_e51(copy_of_input); + return shake128_init_absorb_2a1(copy_of_input); } /** @@ -1407,7 +1407,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_three_blocks with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_621( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_0c1( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -1441,9 +1441,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_three_blocks_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_a9_a11( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_a9_2e1( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][504U]) { - shake128_squeeze_three_blocks_621(self, ret); + shake128_squeeze_three_blocks_0c1(self, ret); } /** @@ -1494,7 +1494,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9a3( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_6b3( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -1531,7 +1531,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_block_581( +static KRML_MUSTINLINE void shake128_squeeze_block_4a1( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -1564,9 +1564,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block_a9 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_block_a9_931( +static KRML_MUSTINLINE void shake128_squeeze_block_a9_1d1( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][168U]) { - shake128_squeeze_block_581(self, ret); + shake128_squeeze_block_4a1(self, ret); } /** @@ -1617,7 +1617,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9a4( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_6b4( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -1660,8 +1660,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -from_i16_array_89_94(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); +from_i16_array_89_82(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -1678,9 +1678,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_a51( +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_861( int16_t s[272U]) { - return from_i16_array_89_94( + return from_i16_array_89_82( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -1690,7 +1690,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_from_xof_161( +static KRML_MUSTINLINE void sample_from_xof_6c1( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -1699,25 +1699,25 @@ static KRML_MUSTINLINE void sample_from_xof_161( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - shake128_init_absorb_a9_301(copy_of_seeds); + shake128_init_absorb_a9_1c1(copy_of_seeds); uint8_t randomness0[3U][504U]; - shake128_squeeze_three_blocks_a9_a11(&xof_state, randomness0); + shake128_squeeze_three_blocks_a9_2e1(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_9a3( + bool done = sample_from_uniform_distribution_next_6b3( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - shake128_squeeze_block_a9_931(&xof_state, randomness); + shake128_squeeze_block_a9_1d1(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_9a4( + done = sample_from_uniform_distribution_next_6b4( copy_of_randomness, sampled_coefficients, out); } } @@ -1726,7 +1726,7 @@ static KRML_MUSTINLINE void sample_from_xof_161( memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = closure_a51(copy_of_out[i]);); + ret0[i] = closure_861(copy_of_out[i]);); memcpy( ret, ret0, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -1738,12 +1738,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_matrix_A_b81( +static KRML_MUSTINLINE void sample_matrix_A_291( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U][3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[3U][3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - closure_d01(A_transpose[i]);); + closure_641(A_transpose[i]);); KRML_MAYBE_FOR3( i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; /* Passing arrays by value in Rust generates a copy in C */ @@ -1758,7 +1758,7 @@ static KRML_MUSTINLINE void sample_matrix_A_b81( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[3U]; - sample_from_xof_161(copy_of_seeds, sampled); + sample_from_xof_6c1(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -1798,7 +1798,7 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_e12(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_082(uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -1836,9 +1836,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_a9_9b2(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_a9_162(uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - PRFxN_e12(input, ret); + PRFxN_082(input, ret); } /** @@ -1897,7 +1897,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_2_13(Eurydice_slice randomness) { +sample_from_binomial_distribution_2_f2(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { @@ -1931,7 +1931,7 @@ sample_from_binomial_distribution_2_13(Eurydice_slice randomness) { sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_89_94( + return from_i16_array_89_82( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -1942,7 +1942,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_3_12(Eurydice_slice randomness) { +sample_from_binomial_distribution_3_75(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { @@ -1975,7 +1975,7 @@ sample_from_binomial_distribution_3_12(Eurydice_slice randomness) { sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_89_94( + return from_i16_array_89_82( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -1986,8 +1986,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_5f0(Eurydice_slice randomness) { - return sample_from_binomial_distribution_2_13(randomness); +sample_from_binomial_distribution_910(Eurydice_slice randomness) { + return sample_from_binomial_distribution_2_f2(randomness); } /** @@ -1996,7 +1996,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_34( +static KRML_MUSTINLINE void ntt_at_layer_7_2f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -2021,7 +2021,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i montgomery_multiply_fe_e8(__m256i v, int16_t fer) { +static __m256i montgomery_multiply_fe_a6(__m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea(v, fer); } @@ -2032,8 +2032,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -ntt_layer_int_vec_step_6c(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = montgomery_multiply_fe_e8(b, zeta_r); +ntt_layer_int_vec_step_0d(__m256i a, __m256i b, int16_t zeta_r) { + __m256i t = montgomery_multiply_fe_a6(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_ea(a, &t); a = libcrux_ml_kem_vector_avx2_add_ea(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -2046,7 +2046,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_46( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_a5( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2059,7 +2059,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_46( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - ntt_layer_int_vec_step_6c( + ntt_layer_int_vec_step_0d( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; @@ -2076,7 +2076,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_3d( +static KRML_MUSTINLINE void ntt_at_layer_3_46( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2092,7 +2092,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_16( +static KRML_MUSTINLINE void ntt_at_layer_2_53( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2111,7 +2111,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_8f( +static KRML_MUSTINLINE void ntt_at_layer_1_f7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2138,7 +2138,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_89_ef( +static KRML_MUSTINLINE void poly_barrett_reduce_89_f5( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -2154,17 +2154,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_58( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_e1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - ntt_at_layer_7_34(re); + ntt_at_layer_7_2f(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_3d(&zeta_i, re); - ntt_at_layer_2_16(&zeta_i, re); - ntt_at_layer_1_8f(&zeta_i, re); - poly_barrett_reduce_89_ef(re); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_46(&zeta_i, re); + ntt_at_layer_2_53(&zeta_i, re); + ntt_at_layer_1_f7(&zeta_i, re); + poly_barrett_reduce_89_f5(re); } /** @@ -2179,11 +2179,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_881( +static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_6e1( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - re_as_ntt[i] = ZERO_89_9f();); + re_as_ntt[i] = ZERO_89_7d();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -2195,12 +2195,12 @@ static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_881( prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_a9_9b2(prf_inputs, prf_outputs); + PRFxN_a9_162(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_5f0( + re_as_ntt[i0] = sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_58(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_e1(&re_as_ntt[i0]);); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; memcpy( @@ -2252,9 +2252,9 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -ntt_multiply_89_ce(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +ntt_multiply_89_04(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = ZERO_89_7d(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2289,7 +2289,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_89_7e1( +static KRML_MUSTINLINE void add_to_ring_element_89_981( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -2309,7 +2309,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_standard_domain_bf(__m256i v) { +static __m256i to_standard_domain_8a(__m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } @@ -2324,14 +2324,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_89_67( +static KRML_MUSTINLINE void add_standard_error_reduce_89_c1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - to_standard_domain_bf(self->coefficients[j]); + to_standard_domain_8a(self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(coefficient_normal_form, &error->coefficients[j])); @@ -2347,14 +2347,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_2d1( +static KRML_MUSTINLINE void compute_As_plus_e_6a1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = ZERO_89_9f();); + result[i] = ZERO_89_7d();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -2375,10 +2375,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_2d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(matrix_element, &s_as_ntt[j]); - add_to_ring_element_89_7e1(&result[i1], &product); + ntt_multiply_89_04(matrix_element, &s_as_ntt[j]); + add_to_ring_element_89_981(&result[i1], &product); } - add_standard_error_reduce_89_67(&result[i1], &error_as_ntt[i1]); + add_standard_error_reduce_89_c1(&result[i1], &error_as_ntt[i1]); } memcpy( ret, result, @@ -2397,10 +2397,10 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_9d1( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_511( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7c1(key_generation_seed, hashed); + cpa_keygen_seed_d8_511(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -2408,15 +2408,15 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_9d1( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[3U][3U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - sample_matrix_A_b81(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + sample_matrix_A_291(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____2 = sample_vector_cbd_then_ntt_881(copy_of_prf_input0, 0U); + tuple_b00 uu____2 = sample_vector_cbd_then_ntt_6e1(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; memcpy( secret_as_ntt, uu____2.fst, @@ -2428,20 +2428,20 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_9d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_881(copy_of_prf_input, domain_separator).fst, + sample_vector_cbd_then_ntt_6e1(copy_of_prf_input, domain_separator).fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; - compute_As_plus_e_2d1(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); + compute_As_plus_e_6a1(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; core_result_Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); core_result_unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1184U]; - serialize_public_key_d01( + serialize_public_key_771( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_6d1(secret_as_ntt, secret_key_serialized); + serialize_secret_key_fd1(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -2468,7 +2468,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_d41( +static KRML_MUSTINLINE void serialize_kem_secret_key_f51( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -2494,7 +2494,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_d41( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_a9_381(public_key, ret0); + H_a9_161(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -2532,7 +2532,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_5d1(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_611(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -2541,13 +2541,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d1(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_9d1(ind_cpa_keypair_randomness); + generate_keypair_511(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_d41( + serialize_kem_secret_key_f51( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -2556,13 +2556,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d1(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_890(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_820( - uu____2, libcrux_ml_kem_types_from_b6_960(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f60( + uu____2, libcrux_ml_kem_types_from_b6_8c0(copy_of_public_key)); } /** @@ -2575,7 +2575,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_c61(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_e11(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -2596,12 +2596,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1152 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_413( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_b63( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = ZERO_89_9f();); + deserialized_pk[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2613,7 +2613,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_413( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_4d(ring_element); + deserialize_to_reduced_ring_element_d0(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -2633,10 +2633,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b00 -sample_ring_element_cbd_ec1(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_851(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - error_1[i] = ZERO_89_9f();); + error_1[i] = ZERO_89_7d();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -2648,11 +2648,11 @@ sample_ring_element_cbd_ec1(uint8_t prf_input[33U], uint8_t domain_separator) { prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_a9_9b2(prf_inputs, prf_outputs); + PRFxN_a9_162(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_5f0( + sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -2673,7 +2673,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void PRF_ba0(Eurydice_slice input, uint8_t ret[128U]) { +static KRML_MUSTINLINE void PRF_d10(Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)128U, digest, uint8_t), input); @@ -2690,9 +2690,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_a9_b04(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_a9_424(Eurydice_slice input, uint8_t ret[128U]) { - PRF_ba0(input, ret); + PRF_d10(input, ret); } /** @@ -2701,7 +2701,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_23( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_a5( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2725,7 +2725,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_83( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_0a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2745,7 +2745,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_38( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_2b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2763,11 +2763,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -inv_ntt_layer_int_vec_step_reduce_49(__m256i a, __m256i b, int16_t zeta_r) { +inv_ntt_layer_int_vec_step_reduce_d6(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_ea(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(a, &b)); - b = montgomery_multiply_fe_e8(a_minus_b, zeta_r); + b = montgomery_multiply_fe_a6(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2778,7 +2778,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_1a( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_dd( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2793,7 +2793,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_1a( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_49( + inv_ntt_layer_int_vec_step_reduce_d6( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; @@ -2810,18 +2810,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_771( +static KRML_MUSTINLINE void invert_ntt_montgomery_3e1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_23(&zeta_i, re); - invert_ntt_at_layer_2_83(&zeta_i, re); - invert_ntt_at_layer_3_38(&zeta_i, re); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_89_ef(re); + invert_ntt_at_layer_1_a5(&zeta_i, re); + invert_ntt_at_layer_2_0a(&zeta_i, re); + invert_ntt_at_layer_3_2b(&zeta_i, re); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_89_f5(re); } /** @@ -2834,7 +2834,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_89_82( +static KRML_MUSTINLINE void add_error_reduce_89_69( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -2858,14 +2858,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_621( +static KRML_MUSTINLINE void compute_vector_u_731( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = ZERO_89_9f();); + result[i] = ZERO_89_7d();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -2885,11 +2885,11 @@ static KRML_MUSTINLINE void compute_vector_u_621( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(a_element, &r_as_ntt[j]); - add_to_ring_element_89_7e1(&result[i1], &product); + ntt_multiply_89_04(a_element, &r_as_ntt[j]); + add_to_ring_element_89_981(&result[i1], &product); } - invert_ntt_montgomery_771(&result[i1]); - add_error_reduce_89_82(&result[i1], &error_1[i1]); + invert_ntt_montgomery_3e1(&result[i1]); + add_error_reduce_89_69(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -2902,7 +2902,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i decompress_1_ed(__m256i v) { +static __m256i decompress_1_0b(__m256i v) { return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( libcrux_ml_kem_vector_avx2_sub_ea(libcrux_ml_kem_vector_avx2_ZERO_ea(), &v), @@ -2916,8 +2916,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_message_f5(uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_then_decompress_message_4d(uint8_t serialized[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; __m256i coefficient_compressed = @@ -2925,7 +2925,7 @@ deserialize_then_decompress_message_f5(uint8_t serialized[32U]) { Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); - re.coefficients[i0] = decompress_1_ed(coefficient_compressed);); + re.coefficients[i0] = decompress_1_0b(coefficient_compressed);); return re; } @@ -2940,7 +2940,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -add_message_error_reduce_89_ef( +add_message_error_reduce_89_c3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -2970,18 +2970,18 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_961( +compute_ring_element_v_881( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_89_7e1(&result, &product);); - invert_ntt_montgomery_771(&result); - result = add_message_error_reduce_89_ef(error_2, message, result); + ntt_multiply_89_04(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_89_981(&result, &product);); + invert_ntt_montgomery_3e1(&result); + result = add_message_error_reduce_89_c3(error_2, message, result); return result; } @@ -2992,7 +2992,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_3b(__m256i vector) { +compress_ciphertext_coefficient_de(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3039,8 +3039,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 10 */ -static __m256i compress_ea_8c(__m256i vector) { - return compress_ciphertext_coefficient_3b(vector); +static __m256i compress_ea_39(__m256i vector) { + return compress_ciphertext_coefficient_de(vector); } /** @@ -3049,14 +3049,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_b2( +static KRML_MUSTINLINE void compress_then_serialize_10_3e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_ea_8c(to_unsigned_representative_9b(re->coefficients[i0])); + compress_ea_39(to_unsigned_representative_38(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_ea(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -3074,7 +3074,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_3b0(__m256i vector) { +compress_ciphertext_coefficient_de0(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3121,8 +3121,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 11 */ -static __m256i compress_ea_8c0(__m256i vector) { - return compress_ciphertext_coefficient_3b0(vector); +static __m256i compress_ea_390(__m256i vector) { + return compress_ciphertext_coefficient_de0(vector); } /** @@ -3132,10 +3132,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_21( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_5b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - compress_then_serialize_10_b2(re, uu____0); + compress_then_serialize_10_3e(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -3151,7 +3151,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_271( +static void compress_then_serialize_u_4b1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3167,7 +3167,7 @@ static void compress_then_serialize_u_271( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_21(&re, ret); + compress_then_serialize_ring_element_u_5b(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -3180,7 +3180,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_3b1(__m256i vector) { +compress_ciphertext_coefficient_de1(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3227,8 +3227,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 4 */ -static __m256i compress_ea_8c1(__m256i vector) { - return compress_ciphertext_coefficient_3b1(vector); +static __m256i compress_ea_391(__m256i vector) { + return compress_ciphertext_coefficient_de1(vector); } /** @@ -3237,14 +3237,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_9e( +static KRML_MUSTINLINE void compress_then_serialize_4_93( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_ea_8c1(to_unsigned_representative_9b(re.coefficients[i0])); + compress_ea_391(to_unsigned_representative_38(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_ea(coefficient, bytes); Eurydice_slice_copy( @@ -3261,7 +3261,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_3b2(__m256i vector) { +compress_ciphertext_coefficient_de2(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3308,8 +3308,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 5 */ -static __m256i compress_ea_8c2(__m256i vector) { - return compress_ciphertext_coefficient_3b2(vector); +static __m256i compress_ea_392(__m256i vector) { + return compress_ciphertext_coefficient_de2(vector); } /** @@ -3318,14 +3318,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_cb( +static KRML_MUSTINLINE void compress_then_serialize_5_8c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficients = - compress_ea_8c2(to_unsigned_representative_9b(re.coefficients[i0])); + compress_ea_392(to_unsigned_representative_38(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_ea(coefficients, bytes); Eurydice_slice_copy( @@ -3342,9 +3342,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_15( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_e4( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_4_9e(re, out); + compress_then_serialize_4_93(re, out); } /** @@ -3364,24 +3364,24 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_901(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_041(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; - deserialize_ring_elements_reduced_413( + deserialize_ring_elements_reduced_b63( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - sample_matrix_A_b81(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + sample_matrix_A_291(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = sample_vector_cbd_then_ntt_881(copy_of_prf_input0, 0U); + tuple_b00 uu____1 = sample_vector_cbd_then_ntt_6e1(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -3391,7 +3391,7 @@ static void encrypt_901(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____3 = - sample_ring_element_cbd_ec1(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_851(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( error_1, uu____3.fst, @@ -3399,31 +3399,31 @@ static void encrypt_901(Eurydice_slice public_key, uint8_t message[32U], uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_a9_b04(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_a9_424(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_5f0( + sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - compute_vector_u_621(A, r_as_ntt, error_1, u); + compute_vector_u_731(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_f5(copy_of_message); + deserialize_then_decompress_message_4d(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_961(t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_881(t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_271( + compress_then_serialize_u_4b1( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_15( + compress_then_serialize_ring_element_v_e4( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -3440,7 +3440,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_421(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_d21(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3467,27 +3467,27 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf1( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_ae1( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_c61( + entropy_preprocess_d8_e11( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_a9_381(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_3d0(public_key), + H_a9_161(Eurydice_array_to_slice( + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_a90(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_a9_5a1(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_a9_671(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -3495,19 +3495,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cf1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_3d0(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_a90(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_901(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_041(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_330(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_130(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_421(shared_secret, shared_secret_array); + kdf_d8_d21(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -3526,8 +3526,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_uncompressed_ring_element_cb(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_to_uncompressed_ring_element_4f(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -3547,12 +3547,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_651( +static KRML_MUSTINLINE void deserialize_secret_key_f11( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - secret_as_ntt[i] = ZERO_89_9f();); + secret_as_ntt[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -3564,7 +3564,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_651( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_cb(secret_bytes); + deserialize_to_uncompressed_ring_element_4f(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -3589,7 +3589,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_7f(__m256i vector) { +decompress_ciphertext_coefficient_45(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3633,8 +3633,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 10 */ -static __m256i decompress_ciphertext_coefficient_ea_b3(__m256i vector) { - return decompress_ciphertext_coefficient_7f(vector); +static __m256i decompress_ciphertext_coefficient_ea_5b(__m256i vector) { + return decompress_ciphertext_coefficient_45(vector); } /** @@ -3644,15 +3644,15 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_10_d3(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_then_decompress_10_58(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_ea(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_ea_b3(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_ea_5b(coefficient); } return re; } @@ -3664,7 +3664,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_7f0(__m256i vector) { +decompress_ciphertext_coefficient_450(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3708,8 +3708,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 11 */ -static __m256i decompress_ciphertext_coefficient_ea_b30(__m256i vector) { - return decompress_ciphertext_coefficient_7f0(vector); +static __m256i decompress_ciphertext_coefficient_ea_5b0(__m256i vector) { + return decompress_ciphertext_coefficient_450(vector); } /** @@ -3719,15 +3719,15 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_11_29(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_then_decompress_11_99(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_ea(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_ea_b30(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_ea_5b0(coefficient); } return re; } @@ -3739,8 +3739,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_36(Eurydice_slice serialized) { - return deserialize_then_decompress_10_d3(serialized); +deserialize_then_decompress_ring_element_u_69(Eurydice_slice serialized) { + return deserialize_then_decompress_10_58(serialized); } /** @@ -3749,17 +3749,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_08( +static KRML_MUSTINLINE void ntt_vector_u_26( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_3d(&zeta_i, re); - ntt_at_layer_2_16(&zeta_i, re); - ntt_at_layer_1_8f(&zeta_i, re); - poly_barrett_reduce_89_ef(re); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_46(&zeta_i, re); + ntt_at_layer_2_53(&zeta_i, re); + ntt_at_layer_1_f7(&zeta_i, re); + poly_barrett_reduce_89_f5(re); } /** @@ -3774,12 +3774,12 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_221( +static KRML_MUSTINLINE void deserialize_then_decompress_u_831( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - u_as_ntt[i] = ZERO_89_9f();); + u_as_ntt[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1088U, ciphertext, uint8_t), @@ -3797,8 +3797,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_221( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_36(u_bytes); - ntt_vector_u_08(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_69(u_bytes); + ntt_vector_u_26(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -3812,7 +3812,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_7f1(__m256i vector) { +decompress_ciphertext_coefficient_451(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3856,8 +3856,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 4 */ -static __m256i decompress_ciphertext_coefficient_ea_b31(__m256i vector) { - return decompress_ciphertext_coefficient_7f1(vector); +static __m256i decompress_ciphertext_coefficient_ea_5b1(__m256i vector) { + return decompress_ciphertext_coefficient_451(vector); } /** @@ -3867,15 +3867,15 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_4_c8(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_then_decompress_4_37(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_ea(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_ea_b31(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_ea_5b1(coefficient); } return re; } @@ -3887,7 +3887,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_7f2(__m256i vector) { +decompress_ciphertext_coefficient_452(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3931,8 +3931,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 5 */ -static __m256i decompress_ciphertext_coefficient_ea_b32(__m256i vector) { - return decompress_ciphertext_coefficient_7f2(vector); +static __m256i decompress_ciphertext_coefficient_ea_5b2(__m256i vector) { + return decompress_ciphertext_coefficient_452(vector); } /** @@ -3942,8 +3942,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_5_10(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_9f(); +deserialize_then_decompress_5_a1(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -3951,7 +3951,7 @@ deserialize_then_decompress_5_10(Eurydice_slice serialized) { serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_ea(bytes); re.coefficients[i0] = - decompress_ciphertext_coefficient_ea_b32(re.coefficients[i0]); + decompress_ciphertext_coefficient_ea_5b2(re.coefficients[i0]); } return re; } @@ -3963,8 +3963,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_e4(Eurydice_slice serialized) { - return deserialize_then_decompress_4_c8(serialized); +deserialize_then_decompress_ring_element_v_86(Eurydice_slice serialized) { + return deserialize_then_decompress_4_37(serialized); } /** @@ -3978,7 +3978,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -subtract_reduce_89_12(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +subtract_reduce_89_ed(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -4006,17 +4006,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_141( +compute_message_7d1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_89_7e1(&result, &product);); - invert_ntt_montgomery_771(&result); - result = subtract_reduce_89_12(v, result); + ntt_multiply_89_04(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_89_981(&result, &product);); + invert_ntt_montgomery_3e1(&result); + result = subtract_reduce_89_ed(v, result); return result; } @@ -4026,12 +4026,12 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_45( +static KRML_MUSTINLINE void compress_then_serialize_message_70( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - __m256i coefficient = to_unsigned_representative_9b(re.coefficients[i0]); + __m256i coefficient = to_unsigned_representative_38(re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_ea(coefficient); uint8_t bytes[2U]; @@ -4078,18 +4078,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_531(IndCpaPrivateKeyUnpacked_a0 *secret_key, +static void decrypt_unpacked_c31(IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - deserialize_then_decompress_u_221(ciphertext, u_as_ntt); + deserialize_then_decompress_u_831(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_e4( + deserialize_then_decompress_ring_element_v_86( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_141(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7d1(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_45(message, ret0); + compress_then_serialize_message_70(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4103,10 +4103,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_ec1(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_fd1(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - deserialize_secret_key_651(secret_key, secret_as_ntt); + deserialize_secret_key_f11(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -4117,7 +4117,7 @@ static void decrypt_ec1(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - decrypt_unpacked_531(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_c31(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4126,7 +4126,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void PRF_ba(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void PRF_d1(Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)32U, digest, uint8_t), input); @@ -4143,8 +4143,8 @@ with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_a9_b03(Eurydice_slice input, uint8_t ret[32U]) { - PRF_ba(input, ret); +static KRML_MUSTINLINE void PRF_a9_423(Eurydice_slice input, uint8_t ret[32U]) { + PRF_d1(input, ret); } /** @@ -4169,7 +4169,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_a41( +void libcrux_ml_kem_ind_cca_decapsulate_bb1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4187,9 +4187,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_a41( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_ec1(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_fd1(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -4197,7 +4197,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_a41( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_a9_5a1(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_a9_671(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -4205,31 +4205,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_a41( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_6d3(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_423(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d80(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_df0(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_a9_b03(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), + PRF_a9_423(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_901(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_041(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_421(Eurydice_array_to_slice( + kdf_d8_d21(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_421(shared_secret0, shared_secret); + kdf_d8_d21(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d80(ciphertext), + libcrux_ml_kem_types_as_ref_00_df0(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4251,12 +4251,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1568 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_412( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_b62( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - deserialized_pk[i] = ZERO_89_9f();); + deserialized_pk[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -4268,7 +4268,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_412( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_4d(ring_element); + deserialize_to_reduced_ring_element_d0(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -4286,7 +4286,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_6d0( +static KRML_MUSTINLINE void serialize_secret_key_fd0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -4304,7 +4304,7 @@ static KRML_MUSTINLINE void serialize_secret_key_6d0( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_b6(&re, ret0); + serialize_uncompressed_ring_element_16(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4322,14 +4322,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_d00( +static KRML_MUSTINLINE void serialize_public_key_770( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret0[1536U]; - serialize_secret_key_6d0(t_as_ntt, ret0); + serialize_secret_key_fd0(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4354,15 +4354,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_310(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_6e0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; - deserialize_ring_elements_reduced_412( + deserialize_ring_elements_reduced_b62( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_d00( + serialize_public_key_770( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -4380,7 +4380,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.H_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void H_a9_380(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_a9_160(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -4399,11 +4399,11 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e0( +bool libcrux_ml_kem_ind_cca_validate_private_key_fd0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *_ciphertext) { uint8_t t[32U]; - H_a9_380(Eurydice_array_to_subslice2( + H_a9_160(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)4U, (size_t)768U * (size_t)4U + (size_t)32U, uint8_t), t); @@ -4423,7 +4423,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.G_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void G_a9_5a0(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_a9_670(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -4437,7 +4437,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7c0( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_510( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4448,7 +4448,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_7c0( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)4U; uint8_t ret0[64U]; - G_a9_5a0(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_a9_670(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -4458,10 +4458,10 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static void closure_d00( +static void closure_640( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret[i] = ZERO_89_9f();); + ret[i] = ZERO_89_7d();); } /** @@ -4470,7 +4470,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_e50(uint8_t input[4U][34U]) { +shake128_init_absorb_2a0(uint8_t input[4U][34U]) { libcrux_sha3_generic_keccak_KeccakState_29 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( @@ -4491,11 +4491,11 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb_a9 with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_a9_300(uint8_t input[4U][34U]) { +shake128_init_absorb_a9_1c0(uint8_t input[4U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[4U][34U]; memcpy(copy_of_input, input, (size_t)4U * sizeof(uint8_t[34U])); - return shake128_init_absorb_e50(copy_of_input); + return shake128_init_absorb_2a0(copy_of_input); } /** @@ -4504,7 +4504,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_three_blocks with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_620( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_0c0( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[4U][504U]) { uint8_t out[4U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -4541,9 +4541,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_three_blocks_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_a9_a10( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_a9_2e0( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[4U][504U]) { - shake128_squeeze_three_blocks_620(self, ret); + shake128_squeeze_three_blocks_0c0(self, ret); } /** @@ -4594,7 +4594,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9a1( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_6b1( uint8_t randomness[4U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -4631,7 +4631,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_block_580( +static KRML_MUSTINLINE void shake128_squeeze_block_4a0( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[4U][168U]) { uint8_t out[4U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -4667,9 +4667,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block_a9 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_block_a9_930( +static KRML_MUSTINLINE void shake128_squeeze_block_a9_1d0( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[4U][168U]) { - shake128_squeeze_block_580(self, ret); + shake128_squeeze_block_4a0(self, ret); } /** @@ -4720,7 +4720,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9a2( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_6b2( uint8_t randomness[4U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -4758,9 +4758,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_a50( +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_860( int16_t s[272U]) { - return from_i16_array_89_94( + return from_i16_array_89_82( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -4770,7 +4770,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_from_xof_160( +static KRML_MUSTINLINE void sample_from_xof_6c0( uint8_t seeds[4U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { size_t sampled_coefficients[4U] = {0U}; @@ -4779,25 +4779,25 @@ static KRML_MUSTINLINE void sample_from_xof_160( uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - shake128_init_absorb_a9_300(copy_of_seeds); + shake128_init_absorb_a9_1c0(copy_of_seeds); uint8_t randomness0[4U][504U]; - shake128_squeeze_three_blocks_a9_a10(&xof_state, randomness0); + shake128_squeeze_three_blocks_a9_2e0(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[4U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)4U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_9a1( + bool done = sample_from_uniform_distribution_next_6b1( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[4U][168U]; - shake128_squeeze_block_a9_930(&xof_state, randomness); + shake128_squeeze_block_a9_1d0(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[4U][168U]; memcpy(copy_of_randomness, randomness, (size_t)4U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_9a2( + done = sample_from_uniform_distribution_next_6b2( copy_of_randomness, sampled_coefficients, out); } } @@ -4806,7 +4806,7 @@ static KRML_MUSTINLINE void sample_from_xof_160( memcpy(copy_of_out, out, (size_t)4U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret0[i] = closure_a50(copy_of_out[i]);); + ret0[i] = closure_860(copy_of_out[i]);); memcpy( ret, ret0, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -4818,12 +4818,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_matrix_A_b80( +static KRML_MUSTINLINE void sample_matrix_A_290( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U][4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[4U][4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - closure_d00(A_transpose[i]);); + closure_640(A_transpose[i]);); KRML_MAYBE_FOR4( i0, (size_t)0U, (size_t)4U, (size_t)1U, size_t i1 = i0; /* Passing arrays by value in Rust generates a copy in C */ @@ -4838,7 +4838,7 @@ static KRML_MUSTINLINE void sample_matrix_A_b80( uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[4U]; - sample_from_xof_160(copy_of_seeds, sampled); + sample_from_xof_6c0(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -4878,7 +4878,7 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_e11(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_081(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { uint8_t out[4U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -4919,9 +4919,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_a9_9b1(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_a9_161(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { - PRFxN_e11(input, ret); + PRFxN_081(input, ret); } /** @@ -4936,11 +4936,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_880( +static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_6e0( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - re_as_ntt[i] = ZERO_89_9f();); + re_as_ntt[i] = ZERO_89_7d();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -4952,12 +4952,12 @@ static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_880( prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_a9_9b1(prf_inputs, prf_outputs); + PRFxN_a9_161(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_5f0( + re_as_ntt[i0] = sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_58(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_e1(&re_as_ntt[i0]);); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[4U]; memcpy( @@ -4985,7 +4985,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_89_7e0( +static KRML_MUSTINLINE void add_to_ring_element_89_980( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -5008,14 +5008,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_2d0( +static KRML_MUSTINLINE void compute_As_plus_e_6a0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result[i] = ZERO_89_9f();); + result[i] = ZERO_89_7d();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -5036,10 +5036,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_2d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(matrix_element, &s_as_ntt[j]); - add_to_ring_element_89_7e0(&result[i1], &product); + ntt_multiply_89_04(matrix_element, &s_as_ntt[j]); + add_to_ring_element_89_980(&result[i1], &product); } - add_standard_error_reduce_89_67(&result[i1], &error_as_ntt[i1]); + add_standard_error_reduce_89_c1(&result[i1], &error_as_ntt[i1]); } memcpy( ret, result, @@ -5058,10 +5058,10 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_9d0( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_510( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7c0(key_generation_seed, hashed); + cpa_keygen_seed_d8_510(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5069,15 +5069,15 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_9d0( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[4U][4U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - sample_matrix_A_b80(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + sample_matrix_A_290(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____2 = sample_vector_cbd_then_ntt_880(copy_of_prf_input0, 0U); + tuple_71 uu____2 = sample_vector_cbd_then_ntt_6e0(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; memcpy( secret_as_ntt, uu____2.fst, @@ -5089,20 +5089,20 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_9d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_880(copy_of_prf_input, domain_separator).fst, + sample_vector_cbd_then_ntt_6e0(copy_of_prf_input, domain_separator).fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[4U]; - compute_As_plus_e_2d0(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); + compute_As_plus_e_6a0(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; core_result_Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); core_result_unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1568U]; - serialize_public_key_d00( + serialize_public_key_770( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_6d0(secret_as_ntt, secret_key_serialized); + serialize_secret_key_fd0(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -5129,7 +5129,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_d40( +static KRML_MUSTINLINE void serialize_kem_secret_key_f50( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -5155,7 +5155,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_d40( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_a9_380(public_key, ret0); + H_a9_160(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -5193,7 +5193,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_610(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5202,13 +5202,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_9d0(ind_cpa_keypair_randomness); + generate_keypair_510(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_d40( + serialize_kem_secret_key_f50( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5217,13 +5217,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_05_891(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_821( - uu____2, libcrux_ml_kem_types_from_b6_961(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f61( + uu____2, libcrux_ml_kem_types_from_b6_8c1(copy_of_public_key)); } /** @@ -5236,7 +5236,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_c60(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_e10(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5257,12 +5257,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1536 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_411( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_b61( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - deserialized_pk[i] = ZERO_89_9f();); + deserialized_pk[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -5274,7 +5274,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_411( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_4d(ring_element); + deserialize_to_reduced_ring_element_d0(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -5294,10 +5294,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_71 -sample_ring_element_cbd_ec0(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_850(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - error_1[i] = ZERO_89_9f();); + error_1[i] = ZERO_89_7d();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -5309,11 +5309,11 @@ sample_ring_element_cbd_ec0(uint8_t prf_input[33U], uint8_t domain_separator) { prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_a9_9b1(prf_inputs, prf_outputs); + PRFxN_a9_161(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_5f0( + sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -5339,9 +5339,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_a9_b02(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_a9_422(Eurydice_slice input, uint8_t ret[128U]) { - PRF_ba0(input, ret); + PRF_d10(input, ret); } /** @@ -5350,18 +5350,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_770( +static KRML_MUSTINLINE void invert_ntt_montgomery_3e0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_23(&zeta_i, re); - invert_ntt_at_layer_2_83(&zeta_i, re); - invert_ntt_at_layer_3_38(&zeta_i, re); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_89_ef(re); + invert_ntt_at_layer_1_a5(&zeta_i, re); + invert_ntt_at_layer_2_0a(&zeta_i, re); + invert_ntt_at_layer_3_2b(&zeta_i, re); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_89_f5(re); } /** @@ -5373,14 +5373,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_620( +static KRML_MUSTINLINE void compute_vector_u_730( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result[i] = ZERO_89_9f();); + result[i] = ZERO_89_7d();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -5400,11 +5400,11 @@ static KRML_MUSTINLINE void compute_vector_u_620( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(a_element, &r_as_ntt[j]); - add_to_ring_element_89_7e0(&result[i1], &product); + ntt_multiply_89_04(a_element, &r_as_ntt[j]); + add_to_ring_element_89_980(&result[i1], &product); } - invert_ntt_montgomery_770(&result[i1]); - add_error_reduce_89_82(&result[i1], &error_1[i1]); + invert_ntt_montgomery_3e0(&result[i1]); + add_error_reduce_89_69(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -5421,18 +5421,18 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_960( +compute_ring_element_v_880( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_89_7e0(&result, &product);); - invert_ntt_montgomery_770(&result); - result = add_message_error_reduce_89_ef(error_2, message, result); + ntt_multiply_89_04(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_89_980(&result, &product);); + invert_ntt_montgomery_3e0(&result); + result = add_message_error_reduce_89_c3(error_2, message, result); return result; } @@ -5442,14 +5442,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_ac0( +static KRML_MUSTINLINE void compress_then_serialize_11_c70( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_ea_8c0(to_unsigned_representative_9b(re->coefficients[i0])); + compress_ea_390(to_unsigned_representative_38(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_ea(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -5467,10 +5467,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_210( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_5b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t uu____0[352U]; - compress_then_serialize_11_ac0(re, uu____0); + compress_then_serialize_11_c70(re, uu____0); memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } @@ -5486,7 +5486,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_270( +static void compress_then_serialize_u_4b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -5502,7 +5502,7 @@ static void compress_then_serialize_u_270( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_210(&re, ret); + compress_then_serialize_ring_element_u_5b0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -5515,9 +5515,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_150( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_e40( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_5_cb(re, out); + compress_then_serialize_5_8c(re, out); } /** @@ -5537,24 +5537,24 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_900(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_040(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[4U]; - deserialize_ring_elements_reduced_411( + deserialize_ring_elements_reduced_b61( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1536U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[4U][4U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - sample_matrix_A_b80(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + sample_matrix_A_290(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____1 = sample_vector_cbd_then_ntt_880(copy_of_prf_input0, 0U); + tuple_71 uu____1 = sample_vector_cbd_then_ntt_6e0(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -5564,7 +5564,7 @@ static void encrypt_900(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_71 uu____3 = - sample_ring_element_cbd_ec0(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_850(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; memcpy( error_1, uu____3.fst, @@ -5572,31 +5572,31 @@ static void encrypt_900(Eurydice_slice public_key, uint8_t message[32U], uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_a9_b02(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_a9_422(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_5f0( + sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[4U]; - compute_vector_u_620(A, r_as_ntt, error_1, u); + compute_vector_u_730(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_f5(copy_of_message); + deserialize_then_decompress_message_4d(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_960(t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_880(t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_270( + compress_then_serialize_u_4b0( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_150( + compress_then_serialize_ring_element_v_e40( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -5613,7 +5613,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_420(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_d20(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5640,27 +5640,27 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_cf0( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_ae0( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_c60( + entropy_preprocess_d8_e10( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_a9_380(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_3d1(public_key), + H_a9_160(Eurydice_array_to_slice( + (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_a91(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_a9_5a0(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_a9_670(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -5668,19 +5668,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_cf0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_3d1(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_a91(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_900(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_040(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_331(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_131(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_420(shared_secret, shared_secret_array); + kdf_d8_d20(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -5701,12 +5701,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_650( +static KRML_MUSTINLINE void deserialize_secret_key_f10( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - secret_as_ntt[i] = ZERO_89_9f();); + secret_as_ntt[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -5718,7 +5718,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_650( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_cb(secret_bytes); + deserialize_to_uncompressed_ring_element_4f(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -5743,8 +5743,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_360(Eurydice_slice serialized) { - return deserialize_then_decompress_11_29(serialized); +deserialize_then_decompress_ring_element_u_690(Eurydice_slice serialized) { + return deserialize_then_decompress_11_99(serialized); } /** @@ -5753,17 +5753,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_080( +static KRML_MUSTINLINE void ntt_vector_u_260( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_3d(&zeta_i, re); - ntt_at_layer_2_16(&zeta_i, re); - ntt_at_layer_1_8f(&zeta_i, re); - poly_barrett_reduce_89_ef(re); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_46(&zeta_i, re); + ntt_at_layer_2_53(&zeta_i, re); + ntt_at_layer_1_f7(&zeta_i, re); + poly_barrett_reduce_89_f5(re); } /** @@ -5778,12 +5778,12 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_220( +static KRML_MUSTINLINE void deserialize_then_decompress_u_830( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - u_as_ntt[i] = ZERO_89_9f();); + u_as_ntt[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1568U, ciphertext, uint8_t), @@ -5801,8 +5801,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_220( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_360(u_bytes); - ntt_vector_u_080(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_690(u_bytes); + ntt_vector_u_260(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -5816,8 +5816,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_e40(Eurydice_slice serialized) { - return deserialize_then_decompress_5_10(serialized); +deserialize_then_decompress_ring_element_v_860(Eurydice_slice serialized) { + return deserialize_then_decompress_5_a1(serialized); } /** @@ -5833,17 +5833,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_140( +compute_message_7d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_89_7e0(&result, &product);); - invert_ntt_montgomery_770(&result); - result = subtract_reduce_89_12(v, result); + ntt_multiply_89_04(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_89_980(&result, &product);); + invert_ntt_montgomery_3e0(&result); + result = subtract_reduce_89_ed(v, result); return result; } @@ -5881,18 +5881,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_530(IndCpaPrivateKeyUnpacked_01 *secret_key, +static void decrypt_unpacked_c30(IndCpaPrivateKeyUnpacked_01 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; - deserialize_then_decompress_u_220(ciphertext, u_as_ntt); + deserialize_then_decompress_u_830(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_e40( + deserialize_then_decompress_ring_element_v_860( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_140(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7d0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_45(message, ret0); + compress_then_serialize_message_70(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5906,10 +5906,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_ec0(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_fd0(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; - deserialize_secret_key_650(secret_key, secret_as_ntt); + deserialize_secret_key_f10(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[4U]; memcpy( @@ -5920,7 +5920,7 @@ static void decrypt_ec0(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - decrypt_unpacked_530(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_c30(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5934,8 +5934,8 @@ with const generics - K= 4 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_a9_b01(Eurydice_slice input, uint8_t ret[32U]) { - PRF_ba(input, ret); +static KRML_MUSTINLINE void PRF_a9_421(Eurydice_slice input, uint8_t ret[32U]) { + PRF_d1(input, ret); } /** @@ -5960,7 +5960,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_a40( +void libcrux_ml_kem_ind_cca_decapsulate_bb0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]) { @@ -5979,9 +5979,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_a40( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_ec0(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_fd0(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5989,7 +5989,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_a40( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_a9_5a0(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_a9_670(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -5997,31 +5997,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_a40( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1600U]; - libcrux_ml_kem_utils_into_padded_array_6d4(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_424(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d81(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_df1(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_a9_b01(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), + PRF_a9_421(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_900(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_040(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_420(Eurydice_array_to_slice( + kdf_d8_d20(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_420(shared_secret0, shared_secret); + kdf_d8_d20(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d81(ciphertext), + libcrux_ml_kem_types_as_ref_00_df1(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6043,12 +6043,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 800 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_410( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_b60( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - deserialized_pk[i] = ZERO_89_9f();); + deserialized_pk[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -6060,7 +6060,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_410( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_4d(ring_element); + deserialize_to_reduced_ring_element_d0(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -6078,7 +6078,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_6d( +static KRML_MUSTINLINE void serialize_secret_key_fd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -6096,7 +6096,7 @@ static KRML_MUSTINLINE void serialize_secret_key_6d( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_b6(&re, ret0); + serialize_uncompressed_ring_element_16(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -6114,14 +6114,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_d0( +static KRML_MUSTINLINE void serialize_public_key_77( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret0[768U]; - serialize_secret_key_6d(t_as_ntt, ret0); + serialize_secret_key_fd(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -6146,15 +6146,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_31(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_6e(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; - deserialize_ring_elements_reduced_410( + deserialize_ring_elements_reduced_b60( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_d0( + serialize_public_key_77( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -6172,7 +6172,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.H_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void H_a9_38(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_a9_16(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -6191,11 +6191,11 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4e( +bool libcrux_ml_kem_ind_cca_validate_private_key_fd( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; - H_a9_38(Eurydice_array_to_subslice2( + H_a9_16(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)2U, (size_t)768U * (size_t)2U + (size_t)32U, uint8_t), t); @@ -6215,7 +6215,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.G_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void G_a9_5a(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_a9_67(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -6229,7 +6229,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_7c( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_51( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6240,7 +6240,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_7c( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)2U; uint8_t ret0[64U]; - G_a9_5a(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_a9_67(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -6250,10 +6250,10 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static void closure_d0( +static void closure_64( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret[i] = ZERO_89_9f();); + ret[i] = ZERO_89_7d();); } /** @@ -6262,7 +6262,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_e5(uint8_t input[2U][34U]) { +shake128_init_absorb_2a(uint8_t input[2U][34U]) { libcrux_sha3_generic_keccak_KeccakState_29 state = libcrux_sha3_avx2_x4_incremental_init(); libcrux_sha3_avx2_x4_incremental_shake128_absorb_final( @@ -6283,11 +6283,11 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb_a9 with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -shake128_init_absorb_a9_30(uint8_t input[2U][34U]) { +shake128_init_absorb_a9_1c(uint8_t input[2U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[2U][34U]; memcpy(copy_of_input, input, (size_t)2U * sizeof(uint8_t[34U])); - return shake128_init_absorb_e5(copy_of_input); + return shake128_init_absorb_2a(copy_of_input); } /** @@ -6296,7 +6296,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_three_blocks with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_62( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_0c( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[2U][504U]) { uint8_t out[2U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -6327,9 +6327,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_three_blocks_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_a9_a1( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_a9_2e( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[2U][504U]) { - shake128_squeeze_three_blocks_62(self, ret); + shake128_squeeze_three_blocks_0c(self, ret); } /** @@ -6380,7 +6380,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9a( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_6b( uint8_t randomness[2U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -6417,7 +6417,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_block_58( +static KRML_MUSTINLINE void shake128_squeeze_block_4a( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[2U][168U]) { uint8_t out[2U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -6447,9 +6447,9 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block_a9 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_block_a9_93( +static KRML_MUSTINLINE void shake128_squeeze_block_a9_1d( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[2U][168U]) { - shake128_squeeze_block_58(self, ret); + shake128_squeeze_block_4a(self, ret); } /** @@ -6500,7 +6500,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9a0( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_6b0( uint8_t randomness[2U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -6538,9 +6538,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_a5( +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_86( int16_t s[272U]) { - return from_i16_array_89_94( + return from_i16_array_89_82( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -6550,7 +6550,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_from_xof_16( +static KRML_MUSTINLINE void sample_from_xof_6c( uint8_t seeds[2U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { size_t sampled_coefficients[2U] = {0U}; @@ -6559,25 +6559,25 @@ static KRML_MUSTINLINE void sample_from_xof_16( uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - shake128_init_absorb_a9_30(copy_of_seeds); + shake128_init_absorb_a9_1c(copy_of_seeds); uint8_t randomness0[2U][504U]; - shake128_squeeze_three_blocks_a9_a1(&xof_state, randomness0); + shake128_squeeze_three_blocks_a9_2e(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[2U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)2U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_9a( + bool done = sample_from_uniform_distribution_next_6b( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[2U][168U]; - shake128_squeeze_block_a9_93(&xof_state, randomness); + shake128_squeeze_block_a9_1d(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[2U][168U]; memcpy(copy_of_randomness, randomness, (size_t)2U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_9a0( + done = sample_from_uniform_distribution_next_6b0( copy_of_randomness, sampled_coefficients, out); } } @@ -6586,7 +6586,7 @@ static KRML_MUSTINLINE void sample_from_xof_16( memcpy(copy_of_out, out, (size_t)2U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret0[i] = closure_a5(copy_of_out[i]);); + ret0[i] = closure_86(copy_of_out[i]);); memcpy( ret, ret0, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -6598,12 +6598,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_matrix_A_b8( +static KRML_MUSTINLINE void sample_matrix_A_29( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U][2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[2U][2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - closure_d0(A_transpose[i]);); + closure_64(A_transpose[i]);); KRML_MAYBE_FOR2( i0, (size_t)0U, (size_t)2U, (size_t)1U, size_t i1 = i0; /* Passing arrays by value in Rust generates a copy in C */ @@ -6618,7 +6618,7 @@ static KRML_MUSTINLINE void sample_matrix_A_b8( uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[2U]; - sample_from_xof_16(copy_of_seeds, sampled); + sample_from_xof_6c(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -6658,7 +6658,7 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_e1(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_08(uint8_t (*input)[33U], uint8_t ret[2U][192U]) { uint8_t out[2U][192U] = {{0U}}; uint8_t out0[192U] = {0U}; @@ -6693,9 +6693,9 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_a9_9b(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_a9_16(uint8_t (*input)[33U], uint8_t ret[2U][192U]) { - PRFxN_e1(input, ret); + PRFxN_08(input, ret); } /** @@ -6705,8 +6705,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_5f(Eurydice_slice randomness) { - return sample_from_binomial_distribution_3_12(randomness); +sample_from_binomial_distribution_91(Eurydice_slice randomness) { + return sample_from_binomial_distribution_3_75(randomness); } /** @@ -6721,11 +6721,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_88( +static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_6e( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - re_as_ntt[i] = ZERO_89_9f();); + re_as_ntt[i] = ZERO_89_7d();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -6737,12 +6737,12 @@ static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_88( prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][192U]; - PRFxN_a9_9b(prf_inputs, prf_outputs); + PRFxN_a9_16(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_5f( + re_as_ntt[i0] = sample_from_binomial_distribution_91( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_58(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_e1(&re_as_ntt[i0]);); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[2U]; memcpy( @@ -6770,7 +6770,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_89_7e( +static KRML_MUSTINLINE void add_to_ring_element_89_98( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -6793,14 +6793,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_2d( +static KRML_MUSTINLINE void compute_As_plus_e_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result[i] = ZERO_89_9f();); + result[i] = ZERO_89_7d();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -6821,10 +6821,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_2d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(matrix_element, &s_as_ntt[j]); - add_to_ring_element_89_7e(&result[i1], &product); + ntt_multiply_89_04(matrix_element, &s_as_ntt[j]); + add_to_ring_element_89_98(&result[i1], &product); } - add_standard_error_reduce_89_67(&result[i1], &error_as_ntt[i1]); + add_standard_error_reduce_89_c1(&result[i1], &error_as_ntt[i1]); } memcpy( ret, result, @@ -6843,10 +6843,10 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_9d( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_51( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_7c(key_generation_seed, hashed); + cpa_keygen_seed_d8_51(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6854,15 +6854,15 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_9d( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[2U][2U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - sample_matrix_A_b8(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + sample_matrix_A_29(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____2 = sample_vector_cbd_then_ntt_88(copy_of_prf_input0, 0U); + tuple_74 uu____2 = sample_vector_cbd_then_ntt_6e(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; memcpy( secret_as_ntt, uu____2.fst, @@ -6874,20 +6874,20 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_9d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_88(copy_of_prf_input, domain_separator).fst, + sample_vector_cbd_then_ntt_6e(copy_of_prf_input, domain_separator).fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[2U]; - compute_As_plus_e_2d(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); + compute_As_plus_e_6a(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; core_result_Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); core_result_unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[800U]; - serialize_public_key_d0( + serialize_public_key_77( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_6d(secret_as_ntt, secret_key_serialized); + serialize_secret_key_fd(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6914,7 +6914,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_d4( +static KRML_MUSTINLINE void serialize_kem_secret_key_f5( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -6940,7 +6940,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_d4( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_a9_38(public_key, ret0); + H_a9_16(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -6977,7 +6977,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_5d( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_61( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, @@ -6987,13 +6987,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_5d( LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_9d(ind_cpa_keypair_randomness); + generate_keypair_51(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_d4( + serialize_kem_secret_key_f5( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -7002,13 +7002,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_5d( memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_05_89(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_82( - uu____2, libcrux_ml_kem_types_from_b6_96(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f6( + uu____2, libcrux_ml_kem_types_from_b6_8c(copy_of_public_key)); } /** @@ -7021,7 +7021,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_c6(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_e1(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7042,12 +7042,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 768 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_41( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_b6( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - deserialized_pk[i] = ZERO_89_9f();); + deserialized_pk[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -7059,7 +7059,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_41( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_4d(ring_element); + deserialize_to_reduced_ring_element_d0(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -7073,7 +7073,7 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_e10(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_080(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { uint8_t out[2U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -7108,9 +7108,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_a9_9b0(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_a9_160(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { - PRFxN_e10(input, ret); + PRFxN_080(input, ret); } /** @@ -7125,10 +7125,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_74 -sample_ring_element_cbd_ec(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_85(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - error_1[i] = ZERO_89_9f();); + error_1[i] = ZERO_89_7d();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -7140,11 +7140,11 @@ sample_ring_element_cbd_ec(uint8_t prf_input[33U], uint8_t domain_separator) { prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][128U]; - PRFxN_a9_9b0(prf_inputs, prf_outputs); + PRFxN_a9_160(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_5f0( + sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -7170,9 +7170,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_a9_b00(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_a9_420(Eurydice_slice input, uint8_t ret[128U]) { - PRF_ba0(input, ret); + PRF_d10(input, ret); } /** @@ -7181,18 +7181,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_77( +static KRML_MUSTINLINE void invert_ntt_montgomery_3e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_23(&zeta_i, re); - invert_ntt_at_layer_2_83(&zeta_i, re); - invert_ntt_at_layer_3_38(&zeta_i, re); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_89_ef(re); + invert_ntt_at_layer_1_a5(&zeta_i, re); + invert_ntt_at_layer_2_0a(&zeta_i, re); + invert_ntt_at_layer_3_2b(&zeta_i, re); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_dd(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_89_f5(re); } /** @@ -7204,14 +7204,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_62( +static KRML_MUSTINLINE void compute_vector_u_73( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result[i] = ZERO_89_9f();); + result[i] = ZERO_89_7d();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -7231,11 +7231,11 @@ static KRML_MUSTINLINE void compute_vector_u_62( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(a_element, &r_as_ntt[j]); - add_to_ring_element_89_7e(&result[i1], &product); + ntt_multiply_89_04(a_element, &r_as_ntt[j]); + add_to_ring_element_89_98(&result[i1], &product); } - invert_ntt_montgomery_77(&result[i1]); - add_error_reduce_89_82(&result[i1], &error_1[i1]); + invert_ntt_montgomery_3e(&result[i1]); + add_error_reduce_89_69(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -7252,18 +7252,18 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_96( +compute_ring_element_v_88( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_89_7e(&result, &product);); - invert_ntt_montgomery_77(&result); - result = add_message_error_reduce_89_ef(error_2, message, result); + ntt_multiply_89_04(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_89_98(&result, &product);); + invert_ntt_montgomery_3e(&result); + result = add_message_error_reduce_89_c3(error_2, message, result); return result; } @@ -7279,7 +7279,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_27( +static void compress_then_serialize_u_4b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -7295,7 +7295,7 @@ static void compress_then_serialize_u_27( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_21(&re, ret); + compress_then_serialize_ring_element_u_5b(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7318,24 +7318,24 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_90(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_04(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[2U]; - deserialize_ring_elements_reduced_41( + deserialize_ring_elements_reduced_b6( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)768U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[2U][2U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - sample_matrix_A_b8(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + sample_matrix_A_29(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____1 = sample_vector_cbd_then_ntt_88(copy_of_prf_input0, 0U); + tuple_74 uu____1 = sample_vector_cbd_then_ntt_6e(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -7345,7 +7345,7 @@ static void encrypt_90(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_74 uu____3 = - sample_ring_element_cbd_ec(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_85(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; memcpy( error_1, uu____3.fst, @@ -7353,31 +7353,31 @@ static void encrypt_90(Eurydice_slice public_key, uint8_t message[32U], uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_a9_b00(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_a9_420(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_5f0( + sample_from_binomial_distribution_910( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[2U]; - compute_vector_u_62(A, r_as_ntt, error_1, u); + compute_vector_u_73(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_f5(copy_of_message); + deserialize_then_decompress_message_4d(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_96(t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_88(t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_27( + compress_then_serialize_u_4b( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_15( + compress_then_serialize_ring_element_v_e4( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -7394,7 +7394,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_42(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_d2(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7421,27 +7421,27 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_cf( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_ae( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_c6( + entropy_preprocess_d8_e1( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_a9_38(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_cb_3d(public_key), + H_a9_16(Eurydice_array_to_slice( + (size_t)800U, libcrux_ml_kem_types_as_slice_cb_a9(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_a9_5a(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_a9_67(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -7449,19 +7449,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_cf( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_cb_3d(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_cb_a9(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_90(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_04(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_13(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_42(shared_secret, shared_secret_array); + kdf_d8_d2(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -7482,12 +7482,12 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_65( +static KRML_MUSTINLINE void deserialize_secret_key_f1( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - secret_as_ntt[i] = ZERO_89_9f();); + secret_as_ntt[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -7499,7 +7499,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_65( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_cb(secret_bytes); + deserialize_to_uncompressed_ring_element_4f(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -7529,12 +7529,12 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_22( +static KRML_MUSTINLINE void deserialize_then_decompress_u_83( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - u_as_ntt[i] = ZERO_89_9f();); + u_as_ntt[i] = ZERO_89_7d();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)768U, ciphertext, uint8_t), @@ -7552,8 +7552,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_22( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_36(u_bytes); - ntt_vector_u_08(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_69(u_bytes); + ntt_vector_u_26(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -7573,17 +7573,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_14( +compute_message_7d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_9f(); + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_89_7d(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_89_ce(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_89_7e(&result, &product);); - invert_ntt_montgomery_77(&result); - result = subtract_reduce_89_12(v, result); + ntt_multiply_89_04(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_89_98(&result, &product);); + invert_ntt_montgomery_3e(&result); + result = subtract_reduce_89_ed(v, result); return result; } @@ -7621,18 +7621,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_53(IndCpaPrivateKeyUnpacked_d6 *secret_key, +static void decrypt_unpacked_c3(IndCpaPrivateKeyUnpacked_d6 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; - deserialize_then_decompress_u_22(ciphertext, u_as_ntt); + deserialize_then_decompress_u_83(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_e4( + deserialize_then_decompress_ring_element_v_86( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_14(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_7d(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_45(message, ret0); + compress_then_serialize_message_70(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7646,10 +7646,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_ec(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_fd(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; - deserialize_secret_key_65(secret_key, secret_as_ntt); + deserialize_secret_key_f1(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[2U]; memcpy( @@ -7660,7 +7660,7 @@ static void decrypt_ec(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - decrypt_unpacked_53(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_c3(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7674,8 +7674,8 @@ with const generics - K= 2 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_a9_b0(Eurydice_slice input, uint8_t ret[32U]) { - PRF_ba(input, ret); +static KRML_MUSTINLINE void PRF_a9_42(Eurydice_slice input, uint8_t ret[32U]) { + PRF_d1(input, ret); } /** @@ -7700,7 +7700,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_a4( +void libcrux_ml_kem_ind_cca_decapsulate_bb( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7718,9 +7718,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_a4( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_ec(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_fd(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -7728,7 +7728,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_a4( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_a9_5a(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_a9_67(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -7736,30 +7736,30 @@ void libcrux_ml_kem_ind_cca_decapsulate_a4( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[800U]; - libcrux_ml_kem_utils_into_padded_array_6d0(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d8(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_df(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_a9_b0(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), + PRF_a9_42(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_90(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_04(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_42(Eurydice_array_to_slice((size_t)32U, + kdf_d8_d2(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_42(shared_secret0, shared_secret); + kdf_d8_d2(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d8(ciphertext), + libcrux_ml_kem_types_as_ref_00_df(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h index 7ec08a99f..ff2b51df5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.c b/libcrux-ml-kem/c/libcrux_mlkem_portable.c index faa720af9..3cb9f2f65 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "internal/libcrux_mlkem_portable.h" @@ -2241,7 +2241,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ZERO_89_c3(void) { +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ZERO_89_19(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; lit.coefficients[0U] = libcrux_ml_kem_vector_portable_ZERO_0d(); lit.coefficients[1U] = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -2275,8 +2275,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_reduced_ring_element_45(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_to_reduced_ring_element_3f(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -2304,12 +2304,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1568 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f4( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7e4( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - deserialized_pk[i] = ZERO_89_c3();); + deserialized_pk[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -2321,7 +2321,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f4( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_45(ring_element); + deserialize_to_reduced_ring_element_3f(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -2335,7 +2335,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_b0(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +shift_right_0f(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2354,8 +2354,8 @@ with const generics - SHIFT_BY= 15 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_0d_01(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return shift_right_b0(v); +shift_right_0d_1e(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return shift_right_0f(v); } /** @@ -2365,10 +2365,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_representative_84( +to_unsigned_representative_5d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - shift_right_0d_01(a); + shift_right_0d_1e(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -2381,14 +2381,14 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_3c( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_47( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_representative_84(re->coefficients[i0]); + to_unsigned_representative_5d(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -2409,7 +2409,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_a31( +static KRML_MUSTINLINE void serialize_secret_key_6c1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -2427,7 +2427,7 @@ static KRML_MUSTINLINE void serialize_secret_key_a31( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_3c(&re, ret0); + serialize_uncompressed_ring_element_47(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -2445,14 +2445,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_671( +static KRML_MUSTINLINE void serialize_public_key_5d1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret0[1536U]; - serialize_secret_key_a31(t_as_ntt, ret0); + serialize_secret_key_6c1(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -2477,15 +2477,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_b71(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_7b1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; - deserialize_ring_elements_reduced_4f4( + deserialize_ring_elements_reduced_7e4( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_671( + serialize_public_key_5d1( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -2503,7 +2503,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void H_f1_191(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_f1_c61(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -2522,11 +2522,11 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_dc( +bool libcrux_ml_kem_ind_cca_validate_private_key_be( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *_ciphertext) { uint8_t t[32U]; - H_f1_191(Eurydice_array_to_subslice2( + H_f1_c61(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)4U, (size_t)768U * (size_t)4U + (size_t)32U, uint8_t), t); @@ -2546,7 +2546,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void G_f1_381(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_f1_071(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -2560,7 +2560,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_72( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_e0( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -2571,7 +2571,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_72( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)4U; uint8_t ret0[64U]; - G_f1_381(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_f1_071(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -2582,10 +2582,10 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static void closure_fc1( +static void closure_8e1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret[i] = ZERO_89_c3();); + ret[i] = ZERO_89_19();); } /** @@ -2603,7 +2603,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb with const generics - K= 4 */ static KRML_MUSTINLINE PortableHash_d1 -shake128_init_absorb_791(uint8_t input[4U][34U]) { +shake128_init_absorb_371(uint8_t input[4U][34U]) { libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[4U]; KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -2634,11 +2634,11 @@ generics - K= 4 */ static KRML_MUSTINLINE PortableHash_d1 -shake128_init_absorb_f1_771(uint8_t input[4U][34U]) { +shake128_init_absorb_f1_171(uint8_t input[4U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[4U][34U]; memcpy(copy_of_input, input, (size_t)4U * sizeof(uint8_t[34U])); - return shake128_init_absorb_791(copy_of_input); + return shake128_init_absorb_371(copy_of_input); } /** @@ -2647,7 +2647,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_eb1( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_721( PortableHash_d1 *st, uint8_t ret[4U][504U]) { uint8_t out[4U][504U] = {{0U}}; KRML_MAYBE_FOR4( @@ -2668,9 +2668,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_f1_841( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_f1_751( PortableHash_d1 *self, uint8_t ret[4U][504U]) { - shake128_squeeze_three_blocks_eb1(self, ret); + shake128_squeeze_three_blocks_721(self, ret); } /** @@ -2721,7 +2721,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_173( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9b3( uint8_t randomness[4U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -2759,7 +2759,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_block_3b1(PortableHash_d1 *st, +static KRML_MUSTINLINE void shake128_squeeze_block_e61(PortableHash_d1 *st, uint8_t ret[4U][168U]) { uint8_t out[4U][168U] = {{0U}}; KRML_MAYBE_FOR4( @@ -2780,9 +2780,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block_f1 with const generics - K= 4 */ -static KRML_MUSTINLINE void shake128_squeeze_block_f1_8e1( +static KRML_MUSTINLINE void shake128_squeeze_block_f1_481( PortableHash_d1 *self, uint8_t ret[4U][168U]) { - shake128_squeeze_block_3b1(self, ret); + shake128_squeeze_block_e61(self, ret); } /** @@ -2833,7 +2833,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_174( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9b4( uint8_t randomness[4U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -2876,8 +2876,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -from_i16_array_89_33(Eurydice_slice a) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); +from_i16_array_89_4e(Eurydice_slice a) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2897,9 +2897,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_e41( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_971( int16_t s[272U]) { - return from_i16_array_89_33( + return from_i16_array_89_4e( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -2910,7 +2910,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_from_xof_461( +static KRML_MUSTINLINE void sample_from_xof_2f1( uint8_t seeds[4U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { size_t sampled_coefficients[4U] = {0U}; @@ -2918,25 +2918,25 @@ static KRML_MUSTINLINE void sample_from_xof_461( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); - PortableHash_d1 xof_state = shake128_init_absorb_f1_771(copy_of_seeds); + PortableHash_d1 xof_state = shake128_init_absorb_f1_171(copy_of_seeds); uint8_t randomness0[4U][504U]; - shake128_squeeze_three_blocks_f1_841(&xof_state, randomness0); + shake128_squeeze_three_blocks_f1_751(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[4U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)4U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_173( + bool done = sample_from_uniform_distribution_next_9b3( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[4U][168U]; - shake128_squeeze_block_f1_8e1(&xof_state, randomness); + shake128_squeeze_block_f1_481(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[4U][168U]; memcpy(copy_of_randomness, randomness, (size_t)4U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_174( + done = sample_from_uniform_distribution_next_9b4( copy_of_randomness, sampled_coefficients, out); } } @@ -2945,7 +2945,7 @@ static KRML_MUSTINLINE void sample_from_xof_461( memcpy(copy_of_out, out, (size_t)4U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret0[i] = closure_e41(copy_of_out[i]);); + ret0[i] = closure_971(copy_of_out[i]);); memcpy( ret, ret0, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -2958,12 +2958,12 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_matrix_A_e71( +static KRML_MUSTINLINE void sample_matrix_A_3c1( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U][4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[4U][4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - closure_fc1(A_transpose[i]);); + closure_8e1(A_transpose[i]);); KRML_MAYBE_FOR4( i0, (size_t)0U, (size_t)4U, (size_t)1U, size_t i1 = i0; /* Passing arrays by value in Rust generates a copy in C */ @@ -2978,7 +2978,7 @@ static KRML_MUSTINLINE void sample_matrix_A_e71( uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[4U]; - sample_from_xof_461(copy_of_seeds, sampled); + sample_from_xof_2f1(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -3018,7 +3018,7 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_1c2(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_d52(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { uint8_t out[4U][128U] = {{0U}}; KRML_MAYBE_FOR4( @@ -3039,9 +3039,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_f1_d52(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_f1_9f2(uint8_t (*input)[33U], uint8_t ret[4U][128U]) { - PRFxN_1c2(input, ret); + PRFxN_d52(input, ret); } /** @@ -3100,7 +3100,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_2_7b(Eurydice_slice randomness) { +sample_from_binomial_distribution_2_f0(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { @@ -3134,7 +3134,7 @@ sample_from_binomial_distribution_2_7b(Eurydice_slice randomness) { sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_89_33( + return from_i16_array_89_4e( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3145,7 +3145,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_3_14(Eurydice_slice randomness) { +sample_from_binomial_distribution_3_77(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { @@ -3178,7 +3178,7 @@ sample_from_binomial_distribution_3_14(Eurydice_slice randomness) { sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_89_33( + return from_i16_array_89_4e( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3189,8 +3189,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_ca(Eurydice_slice randomness) { - return sample_from_binomial_distribution_2_7b(randomness); +sample_from_binomial_distribution_63(Eurydice_slice randomness) { + return sample_from_binomial_distribution_2_f0(randomness); } /** @@ -3199,7 +3199,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_60( +static KRML_MUSTINLINE void ntt_at_layer_7_ca( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3227,7 +3227,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -montgomery_multiply_fe_05( +montgomery_multiply_fe_b1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -3241,12 +3241,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - ntt_layer_int_vec_step_88( + ntt_layer_int_vec_step_96( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - montgomery_multiply_fe_05(b, zeta_r); + montgomery_multiply_fe_b1(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -3260,7 +3260,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_8c( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_05( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3273,7 +3273,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_8c( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - ntt_layer_int_vec_step_88( + ntt_layer_int_vec_step_96( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3290,7 +3290,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_34( +static KRML_MUSTINLINE void ntt_at_layer_3_38( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3308,7 +3308,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_26( +static KRML_MUSTINLINE void ntt_at_layer_2_6d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3328,7 +3328,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_3c( +static KRML_MUSTINLINE void ntt_at_layer_1_0b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3356,7 +3356,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_89_d8( +static KRML_MUSTINLINE void poly_barrett_reduce_89_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -3374,17 +3374,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_63( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_c4( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - ntt_at_layer_7_60(re); + ntt_at_layer_7_ca(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_34(&zeta_i, re); - ntt_at_layer_2_26(&zeta_i, re); - ntt_at_layer_1_3c(&zeta_i, re); - poly_barrett_reduce_89_d8(re); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_38(&zeta_i, re); + ntt_at_layer_2_6d(&zeta_i, re); + ntt_at_layer_1_0b(&zeta_i, re); + poly_barrett_reduce_89_62(re); } /** @@ -3400,11 +3400,11 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_781( +static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_ce1( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - re_as_ntt[i] = ZERO_89_c3();); + re_as_ntt[i] = ZERO_89_19();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -3416,12 +3416,12 @@ static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_781( prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_f1_d52(prf_inputs, prf_outputs); + PRFxN_f1_9f2(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_ca( + re_as_ntt[i0] = sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_63(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_c4(&re_as_ntt[i0]);); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[4U]; memcpy( @@ -3473,9 +3473,9 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -ntt_multiply_89_3b(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +ntt_multiply_89_58(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = ZERO_89_19(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3512,7 +3512,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_89_1e1( +static KRML_MUSTINLINE void add_to_ring_element_89_881( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3537,7 +3537,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_standard_domain_21( +to_standard_domain_97( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -3553,14 +3553,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_89_64( +static KRML_MUSTINLINE void add_standard_error_reduce_89_82( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_normal_form = to_standard_domain_21(self->coefficients[j]); + coefficient_normal_form = to_standard_domain_97(self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, @@ -3578,14 +3578,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_c71( +static KRML_MUSTINLINE void compute_As_plus_e_c81( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result[i] = ZERO_89_c3();); + result[i] = ZERO_89_19();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -3606,10 +3606,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_c71( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(matrix_element, &s_as_ntt[j]); - add_to_ring_element_89_1e1(&result[i1], &product); + ntt_multiply_89_58(matrix_element, &s_as_ntt[j]); + add_to_ring_element_89_881(&result[i1], &product); } - add_standard_error_reduce_89_64(&result[i1], &error_as_ntt[i1]); + add_standard_error_reduce_89_82(&result[i1], &error_as_ntt[i1]); } memcpy( ret, result, @@ -3628,10 +3628,10 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_a21( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_021( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_72(key_generation_seed, hashed); + cpa_keygen_seed_d8_e0(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -3639,15 +3639,15 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_a21( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[4U][4U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - sample_matrix_A_e71(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + sample_matrix_A_3c1(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____2 = sample_vector_cbd_then_ntt_781(copy_of_prf_input0, 0U); + tuple_710 uu____2 = sample_vector_cbd_then_ntt_ce1(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; memcpy( secret_as_ntt, uu____2.fst, @@ -3659,20 +3659,20 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_a21( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_781(copy_of_prf_input, domain_separator).fst, + sample_vector_cbd_then_ntt_ce1(copy_of_prf_input, domain_separator).fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[4U]; - compute_As_plus_e_c71(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); + compute_As_plus_e_c81(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; core_result_Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); core_result_unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1568U]; - serialize_public_key_671( + serialize_public_key_5d1( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_a31(secret_as_ntt, secret_key_serialized); + serialize_secret_key_6c1(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -3699,7 +3699,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_7d( +static KRML_MUSTINLINE void serialize_kem_secret_key_b2( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; @@ -3725,7 +3725,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_7d( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_f1_191(public_key, ret0); + H_f1_c61(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -3763,7 +3763,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_f61(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d41(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -3772,13 +3772,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f61(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_a21(ind_cpa_keypair_randomness); + generate_keypair_021(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_7d( + serialize_kem_secret_key_b2( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -3787,13 +3787,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f61(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_05_891(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d1(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_821( - uu____2, libcrux_ml_kem_types_from_b6_961(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f61( + uu____2, libcrux_ml_kem_types_from_b6_8c1(copy_of_public_key)); } /** @@ -3806,7 +3806,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_d1(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_1b(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -3827,12 +3827,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1536 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f3( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7e3( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - deserialized_pk[i] = ZERO_89_c3();); + deserialized_pk[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -3844,7 +3844,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f3( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_45(ring_element); + deserialize_to_reduced_ring_element_3f(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -3865,10 +3865,10 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_710 -sample_ring_element_cbd_a81(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_3a1(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - error_1[i] = ZERO_89_c3();); + error_1[i] = ZERO_89_19();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -3880,11 +3880,11 @@ sample_ring_element_cbd_a81(uint8_t prf_input[33U], uint8_t domain_separator) { prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[4U][128U]; - PRFxN_f1_d52(prf_inputs, prf_outputs); + PRFxN_f1_9f2(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_ca( + sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -3905,7 +3905,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void PRF_7c0(Eurydice_slice input, uint8_t ret[128U]) { +static KRML_MUSTINLINE void PRF_440(Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)128U, digest, uint8_t), input); @@ -3922,9 +3922,9 @@ with const generics - K= 4 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f1_2e4(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_f1_9d4(Eurydice_slice input, uint8_t ret[128U]) { - PRF_7c0(input, ret); + PRF_440(input, ret); } /** @@ -3933,7 +3933,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_4b( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_ca( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3957,7 +3957,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_2b( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_06( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3977,7 +3977,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_97( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_0d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3997,7 +3997,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - inv_ntt_layer_int_vec_step_reduce_aa( + inv_ntt_layer_int_vec_step_reduce_df( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -4005,7 +4005,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = montgomery_multiply_fe_05(a_minus_b, zeta_r); + b = montgomery_multiply_fe_b1(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -4017,7 +4017,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_04( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_07( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -4032,7 +4032,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_04( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_aa( + inv_ntt_layer_int_vec_step_reduce_df( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -4049,18 +4049,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_c91( +static KRML_MUSTINLINE void invert_ntt_montgomery_471( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_4b(&zeta_i, re); - invert_ntt_at_layer_2_2b(&zeta_i, re); - invert_ntt_at_layer_3_97(&zeta_i, re); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_89_d8(re); + invert_ntt_at_layer_1_ca(&zeta_i, re); + invert_ntt_at_layer_2_06(&zeta_i, re); + invert_ntt_at_layer_3_0d(&zeta_i, re); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_89_62(re); } /** @@ -4073,7 +4073,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_89_5d( +static KRML_MUSTINLINE void add_error_reduce_89_20( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4100,14 +4100,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_931( +static KRML_MUSTINLINE void compute_vector_u_771( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - result[i] = ZERO_89_c3();); + result[i] = ZERO_89_19();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -4127,11 +4127,11 @@ static KRML_MUSTINLINE void compute_vector_u_931( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(a_element, &r_as_ntt[j]); - add_to_ring_element_89_1e1(&result[i1], &product); + ntt_multiply_89_58(a_element, &r_as_ntt[j]); + add_to_ring_element_89_881(&result[i1], &product); } - invert_ntt_montgomery_c91(&result[i1]); - add_error_reduce_89_5d(&result[i1], &error_1[i1]); + invert_ntt_montgomery_471(&result[i1]); + add_error_reduce_89_20(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -4145,7 +4145,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_1_3e(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_1_75(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_ZERO_0d(); return libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( @@ -4159,8 +4159,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_message_f7(uint8_t serialized[32U]) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_then_decompress_message_94(uint8_t serialized[32U]) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -4170,7 +4170,7 @@ deserialize_then_decompress_message_f7(uint8_t serialized[32U]) { (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_1_3e(coefficient_compressed); + decompress_1_75(coefficient_compressed); re.coefficients[i0] = uu____0;); return re; } @@ -4186,7 +4186,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -add_message_error_reduce_89_c4( +add_message_error_reduce_89_57( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4219,18 +4219,18 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_541( +compute_ring_element_v_fe1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_89_1e1(&result, &product);); - invert_ntt_montgomery_c91(&result); - result = add_message_error_reduce_89_c4(error_2, message, result); + ntt_multiply_89_58(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_89_881(&result, &product);); + invert_ntt_montgomery_471(&result); + result = add_message_error_reduce_89_57(error_2, message, result); return result; } @@ -4240,7 +4240,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_dc(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_53(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4261,9 +4261,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 10 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_96( +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_fd( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_dc(v); + return compress_53(v); } /** @@ -4272,7 +4272,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_dc0(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_530(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4294,8 +4294,8 @@ with const generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_960(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_dc0(v); +compress_0d_fd0(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return compress_530(v); } /** @@ -4304,14 +4304,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_ef0( +static KRML_MUSTINLINE void compress_then_serialize_11_6f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_960(to_unsigned_representative_84(re->coefficients[i0])); + compress_0d_fd0(to_unsigned_representative_5d(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -4329,10 +4329,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_2e0( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_4e0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t uu____0[352U]; - compress_then_serialize_11_ef0(re, uu____0); + compress_then_serialize_11_6f0(re, uu____0); memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } @@ -4348,7 +4348,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_281( +static void compress_then_serialize_u_861( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4364,7 +4364,7 @@ static void compress_then_serialize_u_281( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_2e0(&re, ret); + compress_then_serialize_ring_element_u_4e0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -4376,7 +4376,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_dc1(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_531(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4398,8 +4398,8 @@ with const generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_961(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_dc1(v); +compress_0d_fd1(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return compress_531(v); } /** @@ -4408,14 +4408,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_80( +static KRML_MUSTINLINE void compress_then_serialize_4_97( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_961(to_unsigned_representative_84(re.coefficients[i0])); + compress_0d_fd1(to_unsigned_representative_5d(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); Eurydice_slice_copy( @@ -4431,7 +4431,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_dc2(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_532(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4453,8 +4453,8 @@ with const generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_962(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_dc2(v); +compress_0d_fd2(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return compress_532(v); } /** @@ -4463,14 +4463,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_3c( +static KRML_MUSTINLINE void compress_then_serialize_5_0a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - compress_0d_962(to_unsigned_representative_84(re.coefficients[i0])); + compress_0d_fd2(to_unsigned_representative_5d(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); Eurydice_slice_copy( @@ -4487,9 +4487,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_650( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_800( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_5_3c(re, out); + compress_then_serialize_5_0a(re, out); } /** @@ -4510,24 +4510,24 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_7b1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_8c1(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[4U]; - deserialize_ring_elements_reduced_4f3( + deserialize_ring_elements_reduced_7e3( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1536U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[4U][4U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - sample_matrix_A_e71(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + sample_matrix_A_3c1(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____1 = sample_vector_cbd_then_ntt_781(copy_of_prf_input0, 0U); + tuple_710 uu____1 = sample_vector_cbd_then_ntt_ce1(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -4537,7 +4537,7 @@ static void encrypt_7b1(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_710 uu____3 = - sample_ring_element_cbd_a81(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_3a1(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; memcpy( error_1, uu____3.fst, @@ -4545,31 +4545,31 @@ static void encrypt_7b1(Eurydice_slice public_key, uint8_t message[32U], uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_f1_2e4(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_f1_9d4(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_ca( + sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[4U]; - compute_vector_u_931(A, r_as_ntt, error_1, u); + compute_vector_u_771(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_f7(copy_of_message); + deserialize_then_decompress_message_94(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_541(t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_fe1(t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_281( + compress_then_serialize_u_861( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_650( + compress_then_serialize_ring_element_v_800( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); @@ -4586,7 +4586,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_93(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_d9(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4613,27 +4613,27 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_eb1( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_f41( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_d1( + entropy_preprocess_d8_1b( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_f1_191(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_3d1(public_key), + H_f1_c61(Eurydice_array_to_slice( + (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_a91(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_f1_381(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_f1_071(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -4641,19 +4641,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_eb1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_3d1(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_cb_a91(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_7b1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_8c1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_331(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_131(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_93(shared_secret, shared_secret_array); + kdf_d8_d9(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -4672,8 +4672,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_uncompressed_ring_element_27(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_to_uncompressed_ring_element_79(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -4695,12 +4695,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_7b1( +static KRML_MUSTINLINE void deserialize_secret_key_301( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - secret_as_ntt[i] = ZERO_89_c3();); + secret_as_ntt[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -4712,7 +4712,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_7b1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_27(secret_bytes); + deserialize_to_uncompressed_ring_element_79(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -4737,7 +4737,7 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_84( +decompress_ciphertext_coefficient_86( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4762,9 +4762,9 @@ generics - COEFFICIENT_BITS= 10 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_b3( +decompress_ciphertext_coefficient_0d_4c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_84(v); + return decompress_ciphertext_coefficient_86(v); } /** @@ -4774,8 +4774,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_10_50(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_then_decompress_10_4c(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; @@ -4784,7 +4784,7 @@ deserialize_then_decompress_10_50(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_b3(coefficient); + decompress_ciphertext_coefficient_0d_4c(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4797,7 +4797,7 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_840( +decompress_ciphertext_coefficient_860( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4822,9 +4822,9 @@ generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_b30( +decompress_ciphertext_coefficient_0d_4c0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_840(v); + return decompress_ciphertext_coefficient_860(v); } /** @@ -4834,8 +4834,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_11_1f(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_then_decompress_11_c3(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; @@ -4844,7 +4844,7 @@ deserialize_then_decompress_11_1f(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_b30(coefficient); + decompress_ciphertext_coefficient_0d_4c0(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4857,8 +4857,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_c20(Eurydice_slice serialized) { - return deserialize_then_decompress_11_1f(serialized); +deserialize_then_decompress_ring_element_u_770(Eurydice_slice serialized) { + return deserialize_then_decompress_11_c3(serialized); } /** @@ -4867,17 +4867,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_6f0( +static KRML_MUSTINLINE void ntt_vector_u_340( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_34(&zeta_i, re); - ntt_at_layer_2_26(&zeta_i, re); - ntt_at_layer_1_3c(&zeta_i, re); - poly_barrett_reduce_89_d8(re); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_38(&zeta_i, re); + ntt_at_layer_2_6d(&zeta_i, re); + ntt_at_layer_1_0b(&zeta_i, re); + poly_barrett_reduce_89_62(re); } /** @@ -4892,12 +4892,12 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_1a1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_321( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - u_as_ntt[i] = ZERO_89_c3();); + u_as_ntt[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1568U, ciphertext, uint8_t), @@ -4915,8 +4915,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_1a1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_c20(u_bytes); - ntt_vector_u_6f0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_770(u_bytes); + ntt_vector_u_340(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -4930,7 +4930,7 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_841( +decompress_ciphertext_coefficient_861( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4955,9 +4955,9 @@ generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_b31( +decompress_ciphertext_coefficient_0d_4c1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_841(v); + return decompress_ciphertext_coefficient_861(v); } /** @@ -4967,8 +4967,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_4_94(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_then_decompress_4_ad(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; @@ -4977,7 +4977,7 @@ deserialize_then_decompress_4_94(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_b31(coefficient); + decompress_ciphertext_coefficient_0d_4c1(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -4990,7 +4990,7 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_842( +decompress_ciphertext_coefficient_862( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -5015,9 +5015,9 @@ generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_b32( +decompress_ciphertext_coefficient_0d_4c2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_842(v); + return decompress_ciphertext_coefficient_862(v); } /** @@ -5027,8 +5027,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_5_100(Eurydice_slice serialized) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_c3(); +deserialize_then_decompress_5_3f(Eurydice_slice serialized) { + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -5037,7 +5037,7 @@ deserialize_then_decompress_5_100(Eurydice_slice serialized) { re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - decompress_ciphertext_coefficient_0d_b32(re.coefficients[i0]); + decompress_ciphertext_coefficient_0d_4c2(re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; @@ -5050,8 +5050,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_930(Eurydice_slice serialized) { - return deserialize_then_decompress_5_100(serialized); +deserialize_then_decompress_ring_element_v_0d0(Eurydice_slice serialized) { + return deserialize_then_decompress_5_3f(serialized); } /** @@ -5065,7 +5065,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -subtract_reduce_89_61(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +subtract_reduce_89_ee(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -5096,17 +5096,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_c91( +compute_message_291( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_89_1e1(&result, &product);); - invert_ntt_montgomery_c91(&result); - result = subtract_reduce_89_61(v, result); + ntt_multiply_89_58(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_89_881(&result, &product);); + invert_ntt_montgomery_471(&result); + result = subtract_reduce_89_ee(v, result); return result; } @@ -5116,13 +5116,13 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_d4( +static KRML_MUSTINLINE void compress_then_serialize_message_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_representative_84(re.coefficients[i0]); + to_unsigned_representative_5d(re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); @@ -5170,18 +5170,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_6b1(IndCpaPrivateKeyUnpacked_42 *secret_key, +static void decrypt_unpacked_3c1(IndCpaPrivateKeyUnpacked_42 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; - deserialize_then_decompress_u_1a1(ciphertext, u_as_ntt); + deserialize_then_decompress_u_321(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_930( + deserialize_then_decompress_ring_element_v_0d0( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_c91(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_291(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_d4(message, ret0); + compress_then_serialize_message_62(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5195,10 +5195,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_121(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_d31(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; - deserialize_secret_key_7b1(secret_key, secret_as_ntt); + deserialize_secret_key_301(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[4U]; memcpy( @@ -5209,7 +5209,7 @@ static void decrypt_121(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - decrypt_unpacked_6b1(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_3c1(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5218,7 +5218,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void PRF_7c(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void PRF_44(Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( Eurydice_array_to_slice((size_t)32U, digest, uint8_t), input); @@ -5235,8 +5235,8 @@ with const generics - K= 4 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f1_2e3(Eurydice_slice input, uint8_t ret[32U]) { - PRF_7c(input, ret); +static KRML_MUSTINLINE void PRF_f1_9d3(Eurydice_slice input, uint8_t ret[32U]) { + PRF_44(input, ret); } /** @@ -5261,7 +5261,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_1f1( +void libcrux_ml_kem_ind_cca_decapsulate_641( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_mlkem1024_MlKem1024Ciphertext *ciphertext, uint8_t ret[32U]) { @@ -5280,9 +5280,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_121(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_d31(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5290,7 +5290,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f1( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_f1_381(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_f1_071(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -5298,31 +5298,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f1( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1600U]; - libcrux_ml_kem_utils_into_padded_array_6d4(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_424(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d81(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_df1(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_f1_2e3(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), + PRF_f1_9d3(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_7b1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_8c1(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_93(Eurydice_array_to_slice((size_t)32U, + kdf_d8_d9(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_93(shared_secret0, shared_secret); + kdf_d8_d9(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d81(ciphertext), + libcrux_ml_kem_types_as_ref_00_df1(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5344,12 +5344,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 800 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f2( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7e2( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - deserialized_pk[i] = ZERO_89_c3();); + deserialized_pk[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -5361,7 +5361,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f2( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_45(ring_element); + deserialize_to_reduced_ring_element_3f(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -5379,7 +5379,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_a30( +static KRML_MUSTINLINE void serialize_secret_key_6c0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -5397,7 +5397,7 @@ static KRML_MUSTINLINE void serialize_secret_key_a30( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_3c(&re, ret0); + serialize_uncompressed_ring_element_47(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5415,14 +5415,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_670( +static KRML_MUSTINLINE void serialize_public_key_5d0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret0[768U]; - serialize_secret_key_a30(t_as_ntt, ret0); + serialize_secret_key_6c0(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5447,15 +5447,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_b70(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_7b0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; - deserialize_ring_elements_reduced_4f2( + deserialize_ring_elements_reduced_7e2( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_670( + serialize_public_key_5d0( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -5473,7 +5473,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void H_f1_190(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_f1_c60(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -5492,11 +5492,11 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_03( +bool libcrux_ml_kem_ind_cca_validate_private_key_db( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; - H_f1_190(Eurydice_array_to_subslice2( + H_f1_c60(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)2U, (size_t)768U * (size_t)2U + (size_t)32U, uint8_t), t); @@ -5516,7 +5516,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void G_f1_380(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_f1_070(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -5530,7 +5530,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_4d( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_e8( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5541,7 +5541,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_4d( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)2U; uint8_t ret0[64U]; - G_f1_380(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_f1_070(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -5552,10 +5552,10 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static void closure_fc0( +static void closure_8e0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret[i] = ZERO_89_c3();); + ret[i] = ZERO_89_19();); } /** @@ -5573,7 +5573,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb with const generics - K= 2 */ static KRML_MUSTINLINE PortableHash_8b -shake128_init_absorb_790(uint8_t input[2U][34U]) { +shake128_init_absorb_370(uint8_t input[2U][34U]) { libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[2U]; KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, @@ -5604,11 +5604,11 @@ generics - K= 2 */ static KRML_MUSTINLINE PortableHash_8b -shake128_init_absorb_f1_770(uint8_t input[2U][34U]) { +shake128_init_absorb_f1_170(uint8_t input[2U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[2U][34U]; memcpy(copy_of_input, input, (size_t)2U * sizeof(uint8_t[34U])); - return shake128_init_absorb_790(copy_of_input); + return shake128_init_absorb_370(copy_of_input); } /** @@ -5617,7 +5617,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_eb0( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_720( PortableHash_8b *st, uint8_t ret[2U][504U]) { uint8_t out[2U][504U] = {{0U}}; KRML_MAYBE_FOR2( @@ -5638,9 +5638,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_f1_840( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_f1_750( PortableHash_8b *self, uint8_t ret[2U][504U]) { - shake128_squeeze_three_blocks_eb0(self, ret); + shake128_squeeze_three_blocks_720(self, ret); } /** @@ -5691,7 +5691,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_171( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9b1( uint8_t randomness[2U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -5729,7 +5729,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_block_3b0(PortableHash_8b *st, +static KRML_MUSTINLINE void shake128_squeeze_block_e60(PortableHash_8b *st, uint8_t ret[2U][168U]) { uint8_t out[2U][168U] = {{0U}}; KRML_MAYBE_FOR2( @@ -5750,9 +5750,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block_f1 with const generics - K= 2 */ -static KRML_MUSTINLINE void shake128_squeeze_block_f1_8e0( +static KRML_MUSTINLINE void shake128_squeeze_block_f1_480( PortableHash_8b *self, uint8_t ret[2U][168U]) { - shake128_squeeze_block_3b0(self, ret); + shake128_squeeze_block_e60(self, ret); } /** @@ -5803,7 +5803,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_172( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9b2( uint8_t randomness[2U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -5842,9 +5842,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_e40( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_970( int16_t s[272U]) { - return from_i16_array_89_33( + return from_i16_array_89_4e( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -5855,7 +5855,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_from_xof_460( +static KRML_MUSTINLINE void sample_from_xof_2f0( uint8_t seeds[2U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { size_t sampled_coefficients[2U] = {0U}; @@ -5863,25 +5863,25 @@ static KRML_MUSTINLINE void sample_from_xof_460( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); - PortableHash_8b xof_state = shake128_init_absorb_f1_770(copy_of_seeds); + PortableHash_8b xof_state = shake128_init_absorb_f1_170(copy_of_seeds); uint8_t randomness0[2U][504U]; - shake128_squeeze_three_blocks_f1_840(&xof_state, randomness0); + shake128_squeeze_three_blocks_f1_750(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[2U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)2U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_171( + bool done = sample_from_uniform_distribution_next_9b1( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[2U][168U]; - shake128_squeeze_block_f1_8e0(&xof_state, randomness); + shake128_squeeze_block_f1_480(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[2U][168U]; memcpy(copy_of_randomness, randomness, (size_t)2U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_172( + done = sample_from_uniform_distribution_next_9b2( copy_of_randomness, sampled_coefficients, out); } } @@ -5890,7 +5890,7 @@ static KRML_MUSTINLINE void sample_from_xof_460( memcpy(copy_of_out, out, (size_t)2U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret0[i] = closure_e40(copy_of_out[i]);); + ret0[i] = closure_970(copy_of_out[i]);); memcpy( ret, ret0, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -5903,12 +5903,12 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_matrix_A_e70( +static KRML_MUSTINLINE void sample_matrix_A_3c0( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U][2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[2U][2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - closure_fc0(A_transpose[i]);); + closure_8e0(A_transpose[i]);); KRML_MAYBE_FOR2( i0, (size_t)0U, (size_t)2U, (size_t)1U, size_t i1 = i0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5923,7 +5923,7 @@ static KRML_MUSTINLINE void sample_matrix_A_e70( uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[2U]; - sample_from_xof_460(copy_of_seeds, sampled); + sample_from_xof_2f0(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -5963,7 +5963,7 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_1c0(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_d50(uint8_t (*input)[33U], uint8_t ret[2U][192U]) { uint8_t out[2U][192U] = {{0U}}; KRML_MAYBE_FOR2( @@ -5984,9 +5984,9 @@ with const generics - K= 2 - LEN= 192 */ -static KRML_MUSTINLINE void PRFxN_f1_d50(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_f1_9f0(uint8_t (*input)[33U], uint8_t ret[2U][192U]) { - PRFxN_1c0(input, ret); + PRFxN_d50(input, ret); } /** @@ -5996,8 +5996,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_ca0(Eurydice_slice randomness) { - return sample_from_binomial_distribution_3_14(randomness); +sample_from_binomial_distribution_630(Eurydice_slice randomness) { + return sample_from_binomial_distribution_3_77(randomness); } /** @@ -6013,11 +6013,11 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_780( +static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_ce0( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - re_as_ntt[i] = ZERO_89_c3();); + re_as_ntt[i] = ZERO_89_19();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -6029,12 +6029,12 @@ static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_780( prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][192U]; - PRFxN_f1_d50(prf_inputs, prf_outputs); + PRFxN_f1_9f0(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_ca0( + re_as_ntt[i0] = sample_from_binomial_distribution_630( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_63(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_c4(&re_as_ntt[i0]);); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[2U]; memcpy( @@ -6062,7 +6062,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_89_1e0( +static KRML_MUSTINLINE void add_to_ring_element_89_880( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -6089,14 +6089,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_c70( +static KRML_MUSTINLINE void compute_As_plus_e_c80( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result[i] = ZERO_89_c3();); + result[i] = ZERO_89_19();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -6117,10 +6117,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_c70( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(matrix_element, &s_as_ntt[j]); - add_to_ring_element_89_1e0(&result[i1], &product); + ntt_multiply_89_58(matrix_element, &s_as_ntt[j]); + add_to_ring_element_89_880(&result[i1], &product); } - add_standard_error_reduce_89_64(&result[i1], &error_as_ntt[i1]); + add_standard_error_reduce_89_82(&result[i1], &error_as_ntt[i1]); } memcpy( ret, result, @@ -6139,10 +6139,10 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_a20( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_020( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_4d(key_generation_seed, hashed); + cpa_keygen_seed_d8_e8(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6150,15 +6150,15 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_a20( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[2U][2U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - sample_matrix_A_e70(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + sample_matrix_A_3c0(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_740 uu____2 = sample_vector_cbd_then_ntt_780(copy_of_prf_input0, 0U); + tuple_740 uu____2 = sample_vector_cbd_then_ntt_ce0(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; memcpy( secret_as_ntt, uu____2.fst, @@ -6170,20 +6170,20 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_a20( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_780(copy_of_prf_input, domain_separator).fst, + sample_vector_cbd_then_ntt_ce0(copy_of_prf_input, domain_separator).fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[2U]; - compute_As_plus_e_c70(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); + compute_As_plus_e_c80(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; core_result_Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); core_result_unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[800U]; - serialize_public_key_670( + serialize_public_key_5d0( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_a30(secret_as_ntt, secret_key_serialized); + serialize_secret_key_6c0(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6210,7 +6210,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_19( +static KRML_MUSTINLINE void serialize_kem_secret_key_a8( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -6236,7 +6236,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_19( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_f1_190(public_key, ret0); + H_f1_c60(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -6274,7 +6274,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d40(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6283,13 +6283,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_a20(ind_cpa_keypair_randomness); + generate_keypair_020(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_19( + serialize_kem_secret_key_a8( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6298,13 +6298,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_05_89(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_82( - uu____2, libcrux_ml_kem_types_from_b6_96(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f6( + uu____2, libcrux_ml_kem_types_from_b6_8c(copy_of_public_key)); } /** @@ -6317,7 +6317,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_6c(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_3c(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6338,12 +6338,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 768 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7e1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - deserialized_pk[i] = ZERO_89_c3();); + deserialized_pk[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -6355,7 +6355,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_45(ring_element); + deserialize_to_reduced_ring_element_3f(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -6369,7 +6369,7 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_1c1(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_d51(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { uint8_t out[2U][128U] = {{0U}}; KRML_MAYBE_FOR2( @@ -6390,9 +6390,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_f1_d51(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_f1_9f1(uint8_t (*input)[33U], uint8_t ret[2U][128U]) { - PRFxN_1c1(input, ret); + PRFxN_d51(input, ret); } /** @@ -6408,10 +6408,10 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_740 -sample_ring_element_cbd_a80(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_3a0(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - error_1[i] = ZERO_89_c3();); + error_1[i] = ZERO_89_19();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -6423,11 +6423,11 @@ sample_ring_element_cbd_a80(uint8_t prf_input[33U], uint8_t domain_separator) { prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[2U][128U]; - PRFxN_f1_d51(prf_inputs, prf_outputs); + PRFxN_f1_9f1(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_ca( + sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -6453,9 +6453,9 @@ with const generics - K= 2 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f1_2e2(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_f1_9d2(Eurydice_slice input, uint8_t ret[128U]) { - PRF_7c0(input, ret); + PRF_440(input, ret); } /** @@ -6464,18 +6464,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_c90( +static KRML_MUSTINLINE void invert_ntt_montgomery_470( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_4b(&zeta_i, re); - invert_ntt_at_layer_2_2b(&zeta_i, re); - invert_ntt_at_layer_3_97(&zeta_i, re); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_89_d8(re); + invert_ntt_at_layer_1_ca(&zeta_i, re); + invert_ntt_at_layer_2_06(&zeta_i, re); + invert_ntt_at_layer_3_0d(&zeta_i, re); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_89_62(re); } /** @@ -6487,14 +6487,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_930( +static KRML_MUSTINLINE void compute_vector_u_770( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - result[i] = ZERO_89_c3();); + result[i] = ZERO_89_19();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -6514,11 +6514,11 @@ static KRML_MUSTINLINE void compute_vector_u_930( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(a_element, &r_as_ntt[j]); - add_to_ring_element_89_1e0(&result[i1], &product); + ntt_multiply_89_58(a_element, &r_as_ntt[j]); + add_to_ring_element_89_880(&result[i1], &product); } - invert_ntt_montgomery_c90(&result[i1]); - add_error_reduce_89_5d(&result[i1], &error_1[i1]); + invert_ntt_montgomery_470(&result[i1]); + add_error_reduce_89_20(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -6535,18 +6535,18 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_540( +compute_ring_element_v_fe0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_89_1e0(&result, &product);); - invert_ntt_montgomery_c90(&result); - result = add_message_error_reduce_89_c4(error_2, message, result); + ntt_multiply_89_58(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_89_880(&result, &product);); + invert_ntt_montgomery_470(&result); + result = add_message_error_reduce_89_57(error_2, message, result); return result; } @@ -6556,14 +6556,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_88( +static KRML_MUSTINLINE void compress_then_serialize_10_f3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_96(to_unsigned_representative_84(re->coefficients[i0])); + compress_0d_fd(to_unsigned_representative_5d(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -6581,10 +6581,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_2e( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_4e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - compress_then_serialize_10_88(re, uu____0); + compress_then_serialize_10_f3(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -6600,7 +6600,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_280( +static void compress_then_serialize_u_860( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -6616,7 +6616,7 @@ static void compress_then_serialize_u_280( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_2e(&re, ret); + compress_then_serialize_ring_element_u_4e(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -6629,9 +6629,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_65( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_80( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_4_80(re, out); + compress_then_serialize_4_97(re, out); } /** @@ -6652,24 +6652,24 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_7b0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_8c0(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[2U]; - deserialize_ring_elements_reduced_4f1( + deserialize_ring_elements_reduced_7e1( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)768U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[2U][2U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - sample_matrix_A_e70(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + sample_matrix_A_3c0(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_740 uu____1 = sample_vector_cbd_then_ntt_780(copy_of_prf_input0, 0U); + tuple_740 uu____1 = sample_vector_cbd_then_ntt_ce0(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -6679,7 +6679,7 @@ static void encrypt_7b0(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____3 = - sample_ring_element_cbd_a80(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_3a0(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; memcpy( error_1, uu____3.fst, @@ -6687,31 +6687,31 @@ static void encrypt_7b0(Eurydice_slice public_key, uint8_t message[32U], uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_f1_2e2(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_f1_9d2(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_ca( + sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[2U]; - compute_vector_u_930(A, r_as_ntt, error_1, u); + compute_vector_u_770(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_f7(copy_of_message); + deserialize_then_decompress_message_94(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_540(t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_fe0(t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_280( + compress_then_serialize_u_860( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_65( + compress_then_serialize_ring_element_v_80( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); @@ -6728,7 +6728,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_32(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_44(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6755,27 +6755,27 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_eb0( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_f40( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_6c( + entropy_preprocess_d8_3c( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_f1_190(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_cb_3d(public_key), + H_f1_c60(Eurydice_array_to_slice( + (size_t)800U, libcrux_ml_kem_types_as_slice_cb_a9(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_f1_380(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_f1_070(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -6783,19 +6783,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_eb0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_cb_3d(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_cb_a9(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_7b0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_8c0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_01_33(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_13(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_32(shared_secret, shared_secret_array); + kdf_d8_44(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -6816,12 +6816,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_7b0( +static KRML_MUSTINLINE void deserialize_secret_key_300( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - secret_as_ntt[i] = ZERO_89_c3();); + secret_as_ntt[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -6833,7 +6833,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_7b0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_27(secret_bytes); + deserialize_to_uncompressed_ring_element_79(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -6858,8 +6858,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_c2(Eurydice_slice serialized) { - return deserialize_then_decompress_10_50(serialized); +deserialize_then_decompress_ring_element_u_77(Eurydice_slice serialized) { + return deserialize_then_decompress_10_4c(serialized); } /** @@ -6868,17 +6868,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_6f( +static KRML_MUSTINLINE void ntt_vector_u_34( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_34(&zeta_i, re); - ntt_at_layer_2_26(&zeta_i, re); - ntt_at_layer_1_3c(&zeta_i, re); - poly_barrett_reduce_89_d8(re); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_38(&zeta_i, re); + ntt_at_layer_2_6d(&zeta_i, re); + ntt_at_layer_1_0b(&zeta_i, re); + poly_barrett_reduce_89_62(re); } /** @@ -6893,12 +6893,12 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_1a0( +static KRML_MUSTINLINE void deserialize_then_decompress_u_320( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - u_as_ntt[i] = ZERO_89_c3();); + u_as_ntt[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)768U, ciphertext, uint8_t), @@ -6916,8 +6916,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_1a0( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_c2(u_bytes); - ntt_vector_u_6f(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_77(u_bytes); + ntt_vector_u_34(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -6931,8 +6931,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_93(Eurydice_slice serialized) { - return deserialize_then_decompress_4_94(serialized); +deserialize_then_decompress_ring_element_v_0d(Eurydice_slice serialized) { + return deserialize_then_decompress_4_ad(serialized); } /** @@ -6948,17 +6948,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_c90( +compute_message_290( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_89_1e0(&result, &product);); - invert_ntt_montgomery_c90(&result); - result = subtract_reduce_89_61(v, result); + ntt_multiply_89_58(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_89_880(&result, &product);); + invert_ntt_montgomery_470(&result); + result = subtract_reduce_89_ee(v, result); return result; } @@ -6996,18 +6996,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_6b0(IndCpaPrivateKeyUnpacked_ae *secret_key, +static void decrypt_unpacked_3c0(IndCpaPrivateKeyUnpacked_ae *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; - deserialize_then_decompress_u_1a0(ciphertext, u_as_ntt); + deserialize_then_decompress_u_320(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_93( + deserialize_then_decompress_ring_element_v_0d( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_c90(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_290(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_d4(message, ret0); + compress_then_serialize_message_62(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7021,10 +7021,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_120(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_d30(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; - deserialize_secret_key_7b0(secret_key, secret_as_ntt); + deserialize_secret_key_300(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[2U]; memcpy( @@ -7035,7 +7035,7 @@ static void decrypt_120(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - decrypt_unpacked_6b0(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_3c0(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7049,8 +7049,8 @@ with const generics - K= 2 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f1_2e1(Eurydice_slice input, uint8_t ret[32U]) { - PRF_7c(input, ret); +static KRML_MUSTINLINE void PRF_f1_9d1(Eurydice_slice input, uint8_t ret[32U]) { + PRF_44(input, ret); } /** @@ -7075,7 +7075,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_1f0( +void libcrux_ml_kem_ind_cca_decapsulate_640( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7093,9 +7093,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_120(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_d30(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -7103,7 +7103,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f0( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_f1_380(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_f1_070(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -7111,31 +7111,31 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f0( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[800U]; - libcrux_ml_kem_utils_into_padded_array_6d0(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d8(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_df(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_f1_2e1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), + PRF_f1_9d1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_7b0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_8c0(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_32(Eurydice_array_to_slice((size_t)32U, + kdf_d8_44(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_32(shared_secret0, shared_secret); + kdf_d8_44(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d8(ciphertext), + libcrux_ml_kem_types_as_ref_00_df(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -7157,12 +7157,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7e0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = ZERO_89_c3();); + deserialized_pk[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -7174,7 +7174,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_45(ring_element); + deserialize_to_reduced_ring_element_3f(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -7192,7 +7192,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_a3( +static KRML_MUSTINLINE void serialize_secret_key_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -7210,7 +7210,7 @@ static KRML_MUSTINLINE void serialize_secret_key_a3( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_3c(&re, ret0); + serialize_uncompressed_ring_element_47(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -7228,14 +7228,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_67( +static KRML_MUSTINLINE void serialize_public_key_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret0[1152U]; - serialize_secret_key_a3(t_as_ntt, ret0); + serialize_secret_key_6c(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -7260,15 +7260,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_b7(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_7b(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - deserialize_ring_elements_reduced_4f0( + deserialize_ring_elements_reduced_7e0( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_67( + serialize_public_key_5d( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -7286,7 +7286,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void H_f1_19(Eurydice_slice input, uint8_t ret[32U]) { +static KRML_MUSTINLINE void H_f1_c6(Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -7305,11 +7305,11 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_05( +bool libcrux_ml_kem_ind_cca_validate_private_key_c7( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - H_f1_19(Eurydice_array_to_subslice2( + H_f1_c6(Eurydice_array_to_subslice2( private_key->value, (size_t)384U * (size_t)3U, (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), t); @@ -7329,7 +7329,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void G_f1_38(Eurydice_slice input, uint8_t ret[64U]) { +static KRML_MUSTINLINE void G_f1_07(Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -7343,7 +7343,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_b0( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_0a( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -7354,7 +7354,7 @@ static KRML_MUSTINLINE void cpa_keygen_seed_d8_b0( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - G_f1_38(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); + G_f1_07(Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -7365,10 +7365,10 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static void closure_fc( +static void closure_8e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret[i] = ZERO_89_c3();); + ret[i] = ZERO_89_19();); } /** @@ -7386,7 +7386,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb with const generics - K= 3 */ static KRML_MUSTINLINE PortableHash_58 -shake128_init_absorb_79(uint8_t input[3U][34U]) { +shake128_init_absorb_37(uint8_t input[3U][34U]) { libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -7417,11 +7417,11 @@ generics - K= 3 */ static KRML_MUSTINLINE PortableHash_58 -shake128_init_absorb_f1_77(uint8_t input[3U][34U]) { +shake128_init_absorb_f1_17(uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return shake128_init_absorb_79(copy_of_input); + return shake128_init_absorb_37(copy_of_input); } /** @@ -7430,7 +7430,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_eb( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_72( PortableHash_58 *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; KRML_MAYBE_FOR3( @@ -7451,9 +7451,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_three_blocks_f1_84( +static KRML_MUSTINLINE void shake128_squeeze_three_blocks_f1_75( PortableHash_58 *self, uint8_t ret[3U][504U]) { - shake128_squeeze_three_blocks_eb(self, ret); + shake128_squeeze_three_blocks_72(self, ret); } /** @@ -7504,7 +7504,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_17( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9b( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -7542,7 +7542,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_block_3b(PortableHash_58 *st, +static KRML_MUSTINLINE void shake128_squeeze_block_e6(PortableHash_58 *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; KRML_MAYBE_FOR3( @@ -7563,9 +7563,9 @@ libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void shake128_squeeze_block_f1_8e( +static KRML_MUSTINLINE void shake128_squeeze_block_f1_48( PortableHash_58 *self, uint8_t ret[3U][168U]) { - shake128_squeeze_block_3b(self, ret); + shake128_squeeze_block_e6(self, ret); } /** @@ -7616,7 +7616,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_170( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_9b0( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -7655,9 +7655,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_e4( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_97( int16_t s[272U]) { - return from_i16_array_89_33( + return from_i16_array_89_4e( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -7668,7 +7668,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_from_xof_46( +static KRML_MUSTINLINE void sample_from_xof_2f( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -7676,25 +7676,25 @@ static KRML_MUSTINLINE void sample_from_xof_46( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); - PortableHash_58 xof_state = shake128_init_absorb_f1_77(copy_of_seeds); + PortableHash_58 xof_state = shake128_init_absorb_f1_17(copy_of_seeds); uint8_t randomness0[3U][504U]; - shake128_squeeze_three_blocks_f1_84(&xof_state, randomness0); + shake128_squeeze_three_blocks_f1_75(&xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_17( + bool done = sample_from_uniform_distribution_next_9b( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - shake128_squeeze_block_f1_8e(&xof_state, randomness); + shake128_squeeze_block_f1_48(&xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_170( + done = sample_from_uniform_distribution_next_9b0( copy_of_randomness, sampled_coefficients, out); } } @@ -7703,7 +7703,7 @@ static KRML_MUSTINLINE void sample_from_xof_46( memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = closure_e4(copy_of_out[i]);); + ret0[i] = closure_97(copy_of_out[i]);); memcpy( ret, ret0, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -7716,12 +7716,12 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_matrix_A_e7( +static KRML_MUSTINLINE void sample_matrix_A_3c( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U][3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - closure_fc(A_transpose[i]);); + closure_8e(A_transpose[i]);); KRML_MAYBE_FOR3( i0, (size_t)0U, (size_t)3U, (size_t)1U, size_t i1 = i0; /* Passing arrays by value in Rust generates a copy in C */ @@ -7736,7 +7736,7 @@ static KRML_MUSTINLINE void sample_matrix_A_e7( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - sample_from_xof_46(copy_of_seeds, sampled); + sample_from_xof_2f(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -7776,7 +7776,7 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_1c(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_d5(uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; KRML_MAYBE_FOR3( @@ -7797,9 +7797,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRFxN_f1_d5(uint8_t (*input)[33U], +static KRML_MUSTINLINE void PRFxN_f1_9f(uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - PRFxN_1c(input, ret); + PRFxN_d5(input, ret); } /** @@ -7815,11 +7815,11 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_78( +static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_ce( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - re_as_ntt[i] = ZERO_89_c3();); + re_as_ntt[i] = ZERO_89_19();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -7831,12 +7831,12 @@ static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_78( prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_f1_d5(prf_inputs, prf_outputs); + PRFxN_f1_9f(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_ca( + re_as_ntt[i0] = sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_63(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_c4(&re_as_ntt[i0]);); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; memcpy( @@ -7864,7 +7864,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_89_1e( +static KRML_MUSTINLINE void add_to_ring_element_89_88( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -7891,14 +7891,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_c7( +static KRML_MUSTINLINE void compute_As_plus_e_c8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = ZERO_89_c3();); + result[i] = ZERO_89_19();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -7919,10 +7919,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_c7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(matrix_element, &s_as_ntt[j]); - add_to_ring_element_89_1e(&result[i1], &product); + ntt_multiply_89_58(matrix_element, &s_as_ntt[j]); + add_to_ring_element_89_88(&result[i1], &product); } - add_standard_error_reduce_89_64(&result[i1], &error_as_ntt[i1]); + add_standard_error_reduce_89_82(&result[i1], &error_as_ntt[i1]); } memcpy( ret, result, @@ -7941,10 +7941,10 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_a2( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_02( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_b0(key_generation_seed, hashed); + cpa_keygen_seed_d8_0a(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -7952,15 +7952,15 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_a2( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - sample_matrix_A_e7(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + sample_matrix_A_3c(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____2 = sample_vector_cbd_then_ntt_78(copy_of_prf_input0, 0U); + tuple_b0 uu____2 = sample_vector_cbd_then_ntt_ce(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; memcpy( secret_as_ntt, uu____2.fst, @@ -7972,20 +7972,20 @@ static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_78(copy_of_prf_input, domain_separator).fst, + sample_vector_cbd_then_ntt_ce(copy_of_prf_input, domain_separator).fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - compute_As_plus_e_c7(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); + compute_As_plus_e_c8(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; core_result_Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); core_result_unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1184U]; - serialize_public_key_67( + serialize_public_key_5d( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_a3(secret_as_ntt, secret_key_serialized); + serialize_secret_key_6c(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -8012,7 +8012,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_5d( +static KRML_MUSTINLINE void serialize_kem_secret_key_5a( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -8038,7 +8038,7 @@ static KRML_MUSTINLINE void serialize_kem_secret_key_5d( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - H_f1_19(public_key, ret0); + H_f1_c6(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -8076,7 +8076,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d4(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -8085,13 +8085,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_a2(ind_cpa_keypair_randomness); + generate_keypair_02(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_5d( + serialize_kem_secret_key_5a( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -8100,13 +8100,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_890(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d0(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_820( - uu____2, libcrux_ml_kem_types_from_b6_960(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f60( + uu____2, libcrux_ml_kem_types_from_b6_8c0(copy_of_public_key)); } /** @@ -8119,7 +8119,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_9f(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_2b(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8140,12 +8140,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1152 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7e( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - deserialized_pk[i] = ZERO_89_c3();); + deserialized_pk[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -8157,7 +8157,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_4f( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_45(ring_element); + deserialize_to_reduced_ring_element_3f(ring_element); deserialized_pk[i0] = uu____0; } memcpy( @@ -8178,10 +8178,10 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -sample_ring_element_cbd_a8(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_3a(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - error_1[i] = ZERO_89_c3();); + error_1[i] = ZERO_89_19();); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); @@ -8193,11 +8193,11 @@ sample_ring_element_cbd_a8(uint8_t prf_input[33U], uint8_t domain_separator) { prf_inputs[i0][32U] = domain_separator; domain_separator = (uint32_t)domain_separator + 1U;); uint8_t prf_outputs[3U][128U]; - PRFxN_f1_d5(prf_inputs, prf_outputs); + PRFxN_f1_9f(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_ca( + sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -8223,9 +8223,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void PRF_f1_2e0(Eurydice_slice input, +static KRML_MUSTINLINE void PRF_f1_9d0(Eurydice_slice input, uint8_t ret[128U]) { - PRF_7c0(input, ret); + PRF_440(input, ret); } /** @@ -8234,18 +8234,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_c9( +static KRML_MUSTINLINE void invert_ntt_montgomery_47( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_4b(&zeta_i, re); - invert_ntt_at_layer_2_2b(&zeta_i, re); - invert_ntt_at_layer_3_97(&zeta_i, re); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_04(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_89_d8(re); + invert_ntt_at_layer_1_ca(&zeta_i, re); + invert_ntt_at_layer_2_06(&zeta_i, re); + invert_ntt_at_layer_3_0d(&zeta_i, re); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_07(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_89_62(re); } /** @@ -8257,14 +8257,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_93( +static KRML_MUSTINLINE void compute_vector_u_77( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - result[i] = ZERO_89_c3();); + result[i] = ZERO_89_19();); for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( Eurydice_array_to_slice( @@ -8284,11 +8284,11 @@ static KRML_MUSTINLINE void compute_vector_u_93( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(a_element, &r_as_ntt[j]); - add_to_ring_element_89_1e(&result[i1], &product); + ntt_multiply_89_58(a_element, &r_as_ntt[j]); + add_to_ring_element_89_88(&result[i1], &product); } - invert_ntt_montgomery_c9(&result[i1]); - add_error_reduce_89_5d(&result[i1], &error_1[i1]); + invert_ntt_montgomery_47(&result[i1]); + add_error_reduce_89_20(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -8305,18 +8305,18 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_54( +compute_ring_element_v_fe( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_89_1e(&result, &product);); - invert_ntt_montgomery_c9(&result); - result = add_message_error_reduce_89_c4(error_2, message, result); + ntt_multiply_89_58(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_89_88(&result, &product);); + invert_ntt_montgomery_47(&result); + result = add_message_error_reduce_89_57(error_2, message, result); return result; } @@ -8332,7 +8332,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_28( +static void compress_then_serialize_u_86( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -8348,7 +8348,7 @@ static void compress_then_serialize_u_28( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_2e(&re, ret); + compress_then_serialize_ring_element_u_4e(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -8372,24 +8372,24 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_7b(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_8c(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - deserialize_ring_elements_reduced_4f( + deserialize_ring_elements_reduced_7e( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - sample_matrix_A_e7(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + sample_matrix_A_3c(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = sample_vector_cbd_then_ntt_78(copy_of_prf_input0, 0U); + tuple_b0 uu____1 = sample_vector_cbd_then_ntt_ce(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -8399,7 +8399,7 @@ static void encrypt_7b(Eurydice_slice public_key, uint8_t message[32U], uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b0 uu____3 = - sample_ring_element_cbd_a8(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_3a(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( error_1, uu____3.fst, @@ -8407,31 +8407,31 @@ static void encrypt_7b(Eurydice_slice public_key, uint8_t message[32U], uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - PRF_f1_2e0(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), + PRF_f1_9d0(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_ca( + sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - compute_vector_u_93(A, r_as_ntt, error_1, u); + compute_vector_u_77(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_f7(copy_of_message); + deserialize_then_decompress_message_94(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_54(t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_fe(t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_28( + compress_then_serialize_u_86( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_65( + compress_then_serialize_ring_element_v_80( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -8448,7 +8448,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_c5(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_97(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8475,27 +8475,27 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_f4( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_9f( + entropy_preprocess_d8_2b( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - H_f1_19(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_3d0(public_key), + H_f1_c6(Eurydice_array_to_slice( + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_a90(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - G_f1_38(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); + G_f1_07(Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -8503,19 +8503,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_eb( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_3d0(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_a90(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_7b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_8c(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_330(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_130(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_c5(shared_secret, shared_secret_array); + kdf_d8_97(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -8536,12 +8536,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_7b( +static KRML_MUSTINLINE void deserialize_secret_key_30( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - secret_as_ntt[i] = ZERO_89_c3();); + secret_as_ntt[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT; @@ -8553,7 +8553,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_7b( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_27(secret_bytes); + deserialize_to_uncompressed_ring_element_79(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -8583,12 +8583,12 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_1a( +static KRML_MUSTINLINE void deserialize_then_decompress_u_32( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - u_as_ntt[i] = ZERO_89_c3();); + u_as_ntt[i] = ZERO_89_19();); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice((size_t)1088U, ciphertext, uint8_t), @@ -8606,8 +8606,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_1a( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_c2(u_bytes); - ntt_vector_u_6f(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_77(u_bytes); + ntt_vector_u_34(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -8627,17 +8627,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_c9( +compute_message_29( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { - libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_c3(); + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_89_19(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_89_3b(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_89_1e(&result, &product);); - invert_ntt_montgomery_c9(&result); - result = subtract_reduce_89_61(v, result); + ntt_multiply_89_58(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_89_88(&result, &product);); + invert_ntt_montgomery_47(&result); + result = subtract_reduce_89_ee(v, result); return result; } @@ -8675,18 +8675,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_6b(IndCpaPrivateKeyUnpacked_f8 *secret_key, +static void decrypt_unpacked_3c(IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - deserialize_then_decompress_u_1a(ciphertext, u_as_ntt); + deserialize_then_decompress_u_32(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_93( + deserialize_then_decompress_ring_element_v_0d( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_c9(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_29(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_d4(message, ret0); + compress_then_serialize_message_62(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8700,10 +8700,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_12(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_d3(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - deserialize_secret_key_7b(secret_key, secret_as_ntt); + deserialize_secret_key_30(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -8714,7 +8714,7 @@ static void decrypt_12(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - decrypt_unpacked_6b(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_3c(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8728,8 +8728,8 @@ with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void PRF_f1_2e(Eurydice_slice input, uint8_t ret[32U]) { - PRF_7c(input, ret); +static KRML_MUSTINLINE void PRF_f1_9d(Eurydice_slice input, uint8_t ret[32U]) { + PRF_44(input, ret); } /** @@ -8754,7 +8754,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_1f( +void libcrux_ml_kem_ind_cca_decapsulate_64( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -8772,9 +8772,9 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_12(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_d3(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -8782,7 +8782,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - G_f1_38(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); + G_f1_07(Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, @@ -8790,30 +8790,30 @@ void libcrux_ml_kem_ind_cca_decapsulate_1f( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_6d3(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_423(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d80(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_df0(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - PRF_f1_2e(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), + PRF_f1_9d(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_7b(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_8c(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_c5(Eurydice_array_to_slice((size_t)32U, + kdf_d8_97(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_c5(shared_secret0, shared_secret); + kdf_d8_97(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d80(ciphertext), + libcrux_ml_kem_types_as_ref_00_df0(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/libcrux_mlkem_portable.h index b4c959005..4d36ef4e3 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem_portable_H diff --git a/libcrux-ml-kem/c/libcrux_sha3.h b/libcrux-ml-kem/c/libcrux_sha3.h index 4bcceb017..cf6b129b4 100644 --- a/libcrux-ml-kem/c/libcrux_sha3.h +++ b/libcrux-ml-kem/c/libcrux_sha3.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_sha3_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.c b/libcrux-ml-kem/c/libcrux_sha3_avx2.c index cfd2105cc..dcdb81b02 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.c +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "internal/libcrux_sha3_avx2.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/libcrux_sha3_avx2.h index c93360697..d028ae5d8 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_internal.h b/libcrux-ml-kem/c/libcrux_sha3_internal.h index 1ccedc9f5..49a02e9f6 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/libcrux_sha3_internal.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.c b/libcrux-ml-kem/c/libcrux_sha3_neon.c index 131e8cf4a..2d2e97511 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.c +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.c @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #include "libcrux_sha3_neon.h" @@ -71,7 +71,7 @@ KRML_MUSTINLINE void libcrux_sha3_neon_x2_shake256(Eurydice_slice input0, Initialise the `KeccakState2`. */ KRML_MUSTINLINE libcrux_sha3_neon_x2_incremental_KeccakState -libcrux_sha3_neon_x2_incremental_shake128_init(void) { +libcrux_sha3_neon_x2_incremental_init(void) { KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, "panic!"); KRML_HOST_EXIT(255U); @@ -113,3 +113,50 @@ libcrux_sha3_neon_x2_incremental_shake128_squeeze_next_block( "panic!"); KRML_HOST_EXIT(255U); } + +/** + Squeeze five blocks +*/ +KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake128_squeeze_first_five_blocks( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + +/** + Shake256 absorb `data0` and `data1` in the [`KeccakState`] `s`. +*/ +KRML_MUSTINLINE void libcrux_sha3_neon_x2_incremental_shake256_absorb_final( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice data0, + Eurydice_slice data1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + +/** + Squeeze block +*/ +KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake256_squeeze_first_block( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + +/** + Squeeze next block +*/ +KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake256_squeeze_next_block( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.h b/libcrux-ml-kem/c/libcrux_sha3_neon.h index 8d2bd1f90..b5d8fcc13 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.h +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: 58c915a86a2c07c8eca8d9deafd76cb7a91f0eb7 - * Libcrux: 6ff01fb3c57ff29ecb59bc62d9dc7fd231060cfb + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_sha3_neon_H @@ -58,7 +58,7 @@ typedef struct libcrux_sha3_neon_x2_incremental_KeccakState_s { Initialise the `KeccakState2`. */ libcrux_sha3_neon_x2_incremental_KeccakState -libcrux_sha3_neon_x2_incremental_shake128_init(void); +libcrux_sha3_neon_x2_incremental_init(void); /** Shake128 absorb `data0` and `data1` in the [`KeccakState`] `s`. @@ -83,6 +83,34 @@ void libcrux_sha3_neon_x2_incremental_shake128_squeeze_next_block( libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, Eurydice_slice out1); +/** + Squeeze five blocks +*/ +void libcrux_sha3_neon_x2_incremental_shake128_squeeze_first_five_blocks( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1); + +/** + Shake256 absorb `data0` and `data1` in the [`KeccakState`] `s`. +*/ +void libcrux_sha3_neon_x2_incremental_shake256_absorb_final( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice data0, + Eurydice_slice data1); + +/** + Squeeze block +*/ +void libcrux_sha3_neon_x2_incremental_shake256_squeeze_first_block( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1); + +/** + Squeeze next block +*/ +void libcrux_sha3_neon_x2_incremental_shake256_squeeze_next_block( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1); + #if defined(__cplusplus) } #endif diff --git a/libcrux-ml-kem/cg/code_gen.txt b/libcrux-ml-kem/cg/code_gen.txt index 8d7869cc3..dde362958 100644 --- a/libcrux-ml-kem/cg/code_gen.txt +++ b/libcrux-ml-kem/cg/code_gen.txt @@ -2,5 +2,5 @@ This code was generated with the following revisions: Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 -F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty -Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd +F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty +Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index 358fd5d9e..be9bbe04a 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_core_H @@ -202,7 +202,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_d4 with const generics - SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_b2( +static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_aa( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } @@ -226,7 +226,7 @@ with const generics - SIZE= 1184 */ static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_b6_96(uint8_t value[1184U]) { +libcrux_ml_kem_types_from_b6_8c(uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); @@ -263,7 +263,7 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_17_82(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, +libcrux_ml_kem_types_from_17_f6(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); @@ -279,7 +279,7 @@ with const generics - SIZE= 2400 */ static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_05_89(uint8_t value[2400U]) { +libcrux_ml_kem_types_from_05_9d(uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); @@ -342,7 +342,7 @@ with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_01_e9(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_01_e5(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -362,7 +362,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_cb with const generics - SIZE= 1184 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_cb_07( +static inline uint8_t *libcrux_ml_kem_types_as_slice_cb_00( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } @@ -375,7 +375,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 33 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_6d2( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_422( Eurydice_slice slice, uint8_t ret[33U]) { uint8_t out[33U] = {0U}; uint8_t *uu____0 = out; @@ -394,7 +394,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 34 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_6d1( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_421( Eurydice_slice slice, uint8_t ret[34U]) { uint8_t out[34U] = {0U}; uint8_t *uu____0 = out; @@ -414,7 +414,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_00 with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_d6( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_cf( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -427,7 +427,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 1120 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_6d0( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_420( Eurydice_slice slice, uint8_t ret[1120U]) { uint8_t out[1120U] = {0U}; uint8_t *uu____0 = out; @@ -446,7 +446,7 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array with const generics - LEN= 64 */ -static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_6d( +static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_42( Eurydice_slice slice, uint8_t ret[64U]) { uint8_t out[64U] = {0U}; uint8_t *uu____0 = out; diff --git a/libcrux-ml-kem/cg/libcrux_ct_ops.h b/libcrux-ml-kem/cg/libcrux_ct_ops.h index 689fdc58c..be005d67c 100644 --- a/libcrux-ml-kem/cg/libcrux_ct_ops.h +++ b/libcrux-ml-kem/cg/libcrux_ct_ops.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_ct_ops_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index d85b1d40c..9935422a8 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem768_avx2_H @@ -1211,7 +1211,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ZERO_89_9f(void) { +libcrux_ml_kem_polynomial_ZERO_89_7d(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; lit.coefficients[0U] = libcrux_ml_kem_vector_avx2_ZERO_ea(); lit.coefficients[1U] = libcrux_ml_kem_vector_avx2_ZERO_ea(); @@ -1240,8 +1240,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_24(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_5c(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -1252,10 +1252,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_a9( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_13( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -1276,12 +1276,12 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_40( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_71( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / @@ -1294,7 +1294,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_40( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_a9( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_13( secret_bytes); secret_as_ntt[i0] = uu____0; } @@ -1323,8 +1323,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_4f(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_1c(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -1335,7 +1335,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1387,9 +1387,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_94( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa( vector); } @@ -1401,10 +1401,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_26( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_39( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; @@ -1412,7 +1412,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_26( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_94( coefficient); } return re; @@ -1426,7 +1426,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b0( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa0( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1478,9 +1478,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c0( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_940( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b0( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa0( vector); } @@ -1492,10 +1492,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_e6( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_e1( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; @@ -1503,7 +1503,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_e6( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c0( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_940( coefficient); } return re; @@ -1517,9 +1517,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_68( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_6c( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_26(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_39(serialized); } typedef struct libcrux_ml_kem_vector_avx2_SIMD256Vector_x2_s { @@ -1534,7 +1534,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e8( +static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_a6( __m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea(v, fer); } @@ -1547,9 +1547,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_ntt_ntt_layer_int_vec_step_6c(__m256i a, __m256i b, +libcrux_ml_kem_ntt_ntt_layer_int_vec_step_0d(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e8(b, zeta_r); + __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_a6(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_ea(a, &t); a = libcrux_ml_kem_vector_avx2_add_ea(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -1563,7 +1563,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -1576,7 +1576,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_6c( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_0d( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; @@ -1594,7 +1594,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_3d( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_46( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1613,7 +1613,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_16( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_53( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1635,7 +1635,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_8f( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_f7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1665,7 +1665,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_89_ef( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_89_f5( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -1682,21 +1682,21 @@ with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_b8( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_61( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)6U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)5U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)4U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_3d(&zeta_i, re, (size_t)3U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_16(&zeta_i, re, (size_t)2U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_8f(&zeta_i, re, (size_t)1U, (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_ef(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_46(&zeta_i, re, (size_t)3U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_2_53(&zeta_i, re, (size_t)2U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_1_f7(&zeta_i, re, (size_t)1U, (size_t)3328U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_89_f5(re); } /** @@ -1713,12 +1713,12 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_e2( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_e1( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len( @@ -1738,9 +1738,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_e2( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_68( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_6c( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_b8(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_61(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -1755,7 +1755,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b1( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa1( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1807,9 +1807,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c1( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_941( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b1( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa1( vector); } @@ -1821,10 +1821,10 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_61( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_37( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; @@ -1832,7 +1832,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_61( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c1( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_941( coefficient); } return re; @@ -1846,7 +1846,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b2( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa2( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1898,9 +1898,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c2( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_942( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_2b2( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_fa2( vector); } @@ -1912,10 +1912,10 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_d4( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_9f( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -1923,7 +1923,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_d4( serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_4c2( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_942( re.coefficients[i0]); } return re; @@ -1937,9 +1937,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_f2( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_69( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_61(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_37(serialized); } /** @@ -1981,11 +1981,11 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ntt_multiply_89_ce( +libcrux_ml_kem_polynomial_ntt_multiply_89_04( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2021,7 +2021,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_89_7e( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_89_98( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -2042,7 +2042,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_56( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_bc( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2069,7 +2069,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_db( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_b2( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2092,7 +2092,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_db( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_f2( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2113,13 +2113,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_d9(__m256i a, +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_05(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_ea(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_e8(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_a6(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2132,7 +2132,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_32( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2147,7 +2147,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_32( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_d9( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_05( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; @@ -2165,22 +2165,22 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d2( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_56(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_db(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_db(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_32(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_bc(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_b2(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_f2(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_32(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_32(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_32(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_1a(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_ef(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_89_f5(re); } /** @@ -2195,7 +2195,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_subtract_reduce_89_22( +libcrux_ml_kem_polynomial_subtract_reduce_89_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; @@ -2225,21 +2225,21 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_message_fd( +libcrux_ml_kem_matrix_compute_message_d3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_ce(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_89_04(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_7e(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_89_98(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d2(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_89_22(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3a(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_89_b7(v, result); return result; } @@ -2250,7 +2250,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_arithmetic_shift_right_b1(__m256i vector) { +libcrux_ml_kem_vector_avx2_arithmetic_shift_right_6a(__m256i vector) { return libcrux_intrinsics_avx2_mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -2264,9 +2264,9 @@ with const generics - SHIFT_BY= 15 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_ea_47( +static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_ea_02( __m256i vector) { - return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_b1(vector); + return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_6a(vector); } /** @@ -2277,8 +2277,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_traits_to_unsigned_representative_9b(__m256i a) { - __m256i t = libcrux_ml_kem_vector_avx2_shift_right_ea_47(a); +libcrux_ml_kem_vector_traits_to_unsigned_representative_38(__m256i a) { + __m256i t = libcrux_ml_kem_vector_avx2_shift_right_ea_02(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_ea(a, &fm); @@ -2292,13 +2292,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_77( +libcrux_ml_kem_serialize_compress_then_serialize_message_d7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; __m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_9b( + libcrux_ml_kem_vector_traits_to_unsigned_representative_38( re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_ea(coefficient); @@ -2347,20 +2347,20 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_70( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_31( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_e2(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_e1(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_f2( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_69( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - libcrux_ml_kem_matrix_compute_message_fd(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_d3(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_77(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_d7(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2375,11 +2375,11 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_df(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_95(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_40(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_71(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -2391,7 +2391,7 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_df(Eurydice_slice secret_key, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_70(&secret_key_unpacked, ciphertext, + libcrux_ml_kem_ind_cpa_decrypt_unpacked_31(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2406,7 +2406,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_G_a9_5a( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_G_a9_67( Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G(input, ret); } @@ -2417,7 +2417,7 @@ with const generics - LEN= 32 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_ba( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_d1( Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( @@ -2436,9 +2436,9 @@ with const generics - LEN= 32 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_b0( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( Eurydice_slice input, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_avx2_PRF_ba(input, ret); + libcrux_ml_kem_hash_functions_avx2_PRF_d1(input, ret); } /** @@ -2450,9 +2450,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_1c( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_d4( size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -2469,10 +2469,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8e( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_bc( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -2500,12 +2500,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ef( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_2d( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / @@ -2518,7 +2518,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ef( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8e( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_bc( ring_element); deserialized_pk[i0] = uu____0; } @@ -2535,8 +2535,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_sample_matrix_A_closure_closure_65(size_t _j) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_matrix_sample_matrix_A_closure_closure_3d(size_t _j) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -2546,10 +2546,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_matrix_sample_matrix_A_closure_d0( +static inline void libcrux_ml_kem_matrix_sample_matrix_A_closure_64( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - ret[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + ret[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } } @@ -2563,7 +2563,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_e5( +libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_2a( uint8_t input[3U][34U]) { libcrux_sha3_generic_keccak_KeccakState_29 state = libcrux_sha3_avx2_x4_incremental_init(); @@ -2586,12 +2586,12 @@ libcrux_ml_kem.hash_functions.avx2.shake128_init_absorb_a9 with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_sha3_avx2_x4_incremental_KeccakState -libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_a9_30( +libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_a9_1c( uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_e5( + return libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_2a( copy_of_input); } @@ -2603,7 +2603,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_62( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_0c( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; uint8_t out0[504U] = {0U}; @@ -2639,9 +2639,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_a9_a1( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_a9_2e( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][504U]) { - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_62(self, + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_0c(self, ret); } @@ -2695,7 +2695,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9a( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_6b( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2737,7 +2737,7 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_58( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_4a( libcrux_sha3_avx2_x4_incremental_KeccakState *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; uint8_t out0[168U] = {0U}; @@ -2772,9 +2772,9 @@ libcrux_ml_kem.hash_functions.avx2.shake128_squeeze_block_a9 with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_a9_93( +libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_a9_1d( libcrux_sha3_avx2_x4_incremental_KeccakState *self, uint8_t ret[3U][168U]) { - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_58(self, ret); + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_4a(self, ret); } /** @@ -2827,7 +2827,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9a0( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_6b0( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2874,9 +2874,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_from_i16_array_89_94(Eurydice_slice a) { +libcrux_ml_kem_polynomial_from_i16_array_89_82(Eurydice_slice a) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -2895,8 +2895,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_xof_closure_a5(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_89_94( +libcrux_ml_kem_sampling_sample_from_xof_closure_86(int16_t s[272U]) { + return libcrux_ml_kem_polynomial_from_i16_array_89_82( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -2907,7 +2907,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_16( +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_6c( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -2916,28 +2916,28 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_16( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_sha3_avx2_x4_incremental_KeccakState xof_state = - libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_a9_30( + libcrux_ml_kem_hash_functions_avx2_shake128_init_absorb_a9_1c( copy_of_seeds); uint8_t randomness0[3U][504U]; - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_a9_a1( + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_three_blocks_a9_2e( &xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9a( + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_6b( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_a9_93( + libcrux_ml_kem_hash_functions_avx2_shake128_squeeze_block_a9_1d( &xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9a0( + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_6b0( copy_of_randomness, sampled_coefficients, out); } } @@ -2947,7 +2947,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_16( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_a5(copy_of_out[i]); + libcrux_ml_kem_sampling_sample_from_xof_closure_86(copy_of_out[i]); } memcpy( ret, ret0, @@ -2961,12 +2961,12 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_b8( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_29( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U][3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_matrix_sample_matrix_A_closure_d0(i, A_transpose[i]); + libcrux_ml_kem_matrix_sample_matrix_A_closure_64(i, A_transpose[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; @@ -2986,7 +2986,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_b8( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_16(copy_of_seeds, sampled); + libcrux_ml_kem_sampling_sample_from_xof_6c(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -3030,8 +3030,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure_68(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure_1f(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -3041,7 +3041,7 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_e1( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_08( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; uint8_t out0[128U] = {0U}; @@ -3080,9 +3080,9 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_9b( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_16( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - libcrux_ml_kem_hash_functions_avx2_PRFxN_e1(input, ret); + libcrux_ml_kem_hash_functions_avx2_PRFxN_08(input, ret); } /** @@ -3142,7 +3142,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_13( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_f2( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3177,7 +3177,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_13( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_89_94( + return libcrux_ml_kem_polynomial_from_i16_array_89_82( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3189,7 +3189,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_12( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_75( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3223,7 +3223,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_12( sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_89_94( + return libcrux_ml_kem_polynomial_from_i16_array_89_82( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3235,9 +3235,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_5f( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_91( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_13( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_f2( randomness); } @@ -3248,7 +3248,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_34( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_2f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3270,20 +3270,20 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_58( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_e1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_34(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_2f(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)6U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)5U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_46(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_a5(&zeta_i, re, (size_t)4U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_3_3d(&zeta_i, re, (size_t)3U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_2_16(&zeta_i, re, (size_t)2U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_1_8f(&zeta_i, re, (size_t)1U, (size_t)3U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_ef(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_46(&zeta_i, re, (size_t)3U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_2_53(&zeta_i, re, (size_t)2U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_1_f7(&zeta_i, re, (size_t)1U, (size_t)3U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_89_f5(re); } /** @@ -3300,11 +3300,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_6e(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -3319,13 +3319,13 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88(uint8_t prf_input[33U], domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_9b(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_16(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_5f( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_91( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_58(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_e1(&re_as_ntt[i0]); } /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; @@ -3350,8 +3350,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_9c(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_c4(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -3367,11 +3367,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e4(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_99(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - error_1[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + error_1[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -3386,11 +3386,11 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e4(uint8_t prf_input[33U], domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_9b(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_avx2_PRFxN_a9_16(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_5f( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_91( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1; } @@ -3413,7 +3413,7 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_ba0( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_d10( Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( @@ -3432,9 +3432,9 @@ with const generics - LEN= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_b00( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_PRF_a9_420( Eurydice_slice input, uint8_t ret[128U]) { - libcrux_ml_kem_hash_functions_avx2_PRF_ba0(input, ret); + libcrux_ml_kem_hash_functions_avx2_PRF_d10(input, ret); } /** @@ -3445,8 +3445,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_vector_u_closure_5d(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_matrix_compute_vector_u_closure_60(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -3460,7 +3460,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_89_8f( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_89_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -3485,14 +3485,14 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_12( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_9c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + result[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( @@ -3513,12 +3513,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_12( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_ce(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_7e(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_89_04(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_89_98(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d2(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_89_8f(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3a(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_89_5d(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -3532,7 +3532,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_56(__m256i v) { +static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_a5(__m256i v) { return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( libcrux_ml_kem_vector_avx2_sub_ea(libcrux_ml_kem_vector_avx2_ZERO_ea(), &v), @@ -3547,10 +3547,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_ef( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_c3( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; __m256i coefficient_compressed = @@ -3558,7 +3558,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_ef( Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); re.coefficients[i0] = - libcrux_ml_kem_vector_traits_decompress_1_56(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_a5(coefficient_compressed); } return re; } @@ -3575,7 +3575,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_add_message_error_reduce_89_d9( +libcrux_ml_kem_polynomial_add_message_error_reduce_89_d3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3606,22 +3606,22 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_ring_element_v_fb( +libcrux_ml_kem_matrix_compute_ring_element_v_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = - libcrux_ml_kem_polynomial_ZERO_89_9f(); + libcrux_ml_kem_polynomial_ZERO_89_7d(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_ce(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_89_04(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_7e(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_89_98(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d2(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_89_d9( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_3a(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_89_d3( error_2, message, result); return result; } @@ -3634,7 +3634,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_08( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d8( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3689,9 +3689,9 @@ with const generics - COEFFICIENT_BITS= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_97( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_31( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_08( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d8( vector); } @@ -3703,14 +3703,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_9c( +libcrux_ml_kem_serialize_compress_then_serialize_10_8b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_97( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9b( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_31( + libcrux_ml_kem_vector_traits_to_unsigned_representative_38( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_ea(coefficient, bytes); @@ -3730,7 +3730,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_080( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d80( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3785,9 +3785,9 @@ with const generics - COEFFICIENT_BITS= 11 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_970( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_310( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_080( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d80( vector); } @@ -3799,14 +3799,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_ba( +libcrux_ml_kem_serialize_compress_then_serialize_11_0c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_970( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9b( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_310( + libcrux_ml_kem_vector_traits_to_unsigned_representative_38( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_ea(coefficient, bytes); @@ -3827,10 +3827,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_36( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_23( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_9c(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_8b(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -3847,7 +3847,7 @@ with const generics - BLOCK_LEN= 320 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_ff( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3863,7 +3863,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_ff( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_36(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_23(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -3878,7 +3878,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_081( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d81( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3933,9 +3933,9 @@ with const generics - COEFFICIENT_BITS= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_971( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_311( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_081( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d81( vector); } @@ -3947,14 +3947,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_dd( +libcrux_ml_kem_serialize_compress_then_serialize_4_38( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_971( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9b( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_311( + libcrux_ml_kem_vector_traits_to_unsigned_representative_38( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_ea(coefficient, bytes); @@ -3973,7 +3973,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_082( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d82( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -4028,9 +4028,9 @@ with const generics - COEFFICIENT_BITS= 5 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_972( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_312( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_082( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_d82( vector); } @@ -4042,14 +4042,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_22( +libcrux_ml_kem_serialize_compress_then_serialize_5_64( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_ea_972( - libcrux_ml_kem_vector_traits_to_unsigned_representative_9b( + __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_ea_312( + libcrux_ml_kem_vector_traits_to_unsigned_representative_38( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_ea(coefficients, bytes); @@ -4069,9 +4069,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_76( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_4a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_dd(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_38(re, out); } /** @@ -4092,26 +4092,26 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_a4(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_a6(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ef( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_2d( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_b8(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + libcrux_ml_kem_matrix_sample_matrix_A_29(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88( + tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_6e( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( @@ -4121,7 +4121,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_a4(Eurydice_slice public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_e4( + tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_99( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( @@ -4130,32 +4130,32 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_a4(Eurydice_slice public_key, uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_b00( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_420( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_5f( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_91( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_12(A, r_as_ntt, error_1, u); + libcrux_ml_kem_matrix_compute_vector_u_9c(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_ef( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_c3( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_matrix_compute_ring_element_v_fb( + libcrux_ml_kem_matrix_compute_ring_element_v_b7( t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_ff( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_f2( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_76( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_4a( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -4173,7 +4173,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_42( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_d2( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -4205,7 +4205,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_98( +static inline void libcrux_ml_kem_ind_cca_decapsulate_3c( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4223,10 +4223,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_98( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_df(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_95(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -4234,7 +4234,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_98( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_5a( + libcrux_ml_kem_hash_functions_avx2_G_a9_67( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -4243,14 +4243,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_98( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_6d0(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_cf(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_b0( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -4258,18 +4258,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_98( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a4(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_a6(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_42( + libcrux_ml_kem_variant_kdf_d8_d2( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_42(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_d8_d2(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + libcrux_ml_kem_types_as_ref_00_cf(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4302,10 +4302,10 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_7e( +static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_ea( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_98(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_3c(private_key, ciphertext, ret); } /** @@ -4319,7 +4319,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_7e(private_key, + libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_ea(private_key, ciphertext, ret); } @@ -4334,7 +4334,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_c6( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_e1( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4352,7 +4352,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_H_a9_38( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H(input, ret); } @@ -4377,28 +4377,28 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_54( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_44( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_c6( + libcrux_ml_kem_variant_entropy_preprocess_d8_e1( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_38( + libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_cb_07(public_key), + libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_5a( + libcrux_ml_kem_hash_functions_avx2_G_a9_67( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -4407,20 +4407,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_54( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_07(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a4(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_a6(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_e9(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_e5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_42(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_d2(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -4452,14 +4452,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_f0( +libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_a4( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_54(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_44(uu____0, copy_of_randomness); } /** @@ -4477,7 +4477,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_f0( + return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_a4( uu____0, copy_of_randomness); } @@ -4492,7 +4492,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_7c( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_51( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4503,7 +4503,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_7c( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_5a( + libcrux_ml_kem_hash_functions_avx2_G_a9_67( Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -4516,8 +4516,8 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_As_plus_e_closure_c4(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); +libcrux_ml_kem_matrix_compute_As_plus_e_closure_99(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -4527,7 +4527,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_bf( +static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_8a( __m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -4545,14 +4545,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_89_67( +libcrux_ml_kem_polynomial_add_standard_error_reduce_89_c1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_bf( + libcrux_ml_kem_vector_traits_to_standard_domain_8a( self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(coefficient_normal_form, @@ -4570,14 +4570,14 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_2d( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + result[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( @@ -4599,12 +4599,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_2d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_ce(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_89_04(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_7e(&result[i1], + libcrux_ml_kem_polynomial_add_to_ring_element_89_98(&result[i1], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_89_67( + libcrux_ml_kem_polynomial_add_standard_error_reduce_89_c1( &result[i1], &error_as_ntt[i1]); } memcpy( @@ -4620,14 +4620,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_b6( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_16( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_9b( + libcrux_ml_kem_vector_traits_to_unsigned_representative_38( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_ea(coefficient, bytes); @@ -4650,7 +4650,7 @@ with const generics - OUT_LEN= 1152 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_6d( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_fd( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -4668,7 +4668,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_6d( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_b6(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_16(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4687,14 +4687,14 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_d0( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_77( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret0[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_6d(t_as_ntt, ret0); + libcrux_ml_kem_ind_cpa_serialize_secret_key_fd(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4718,9 +4718,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_9d(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_51(Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_7c(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_51(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -4728,15 +4728,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_9d(Eurydice_slice key_generation_seed) { Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[3U][3U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - libcrux_ml_kem_matrix_sample_matrix_A_b8(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + libcrux_ml_kem_matrix_sample_matrix_A_29(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88( + tuple_b00 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_6e( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; memcpy( @@ -4749,23 +4749,23 @@ libcrux_ml_kem_ind_cpa_generate_keypair_9d(Eurydice_slice key_generation_seed) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88(copy_of_prf_input, + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_6e(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e_2d(A_transpose, secret_as_ntt, + libcrux_ml_kem_matrix_compute_As_plus_e_6a(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_d0( + libcrux_ml_kem_ind_cpa_serialize_public_key_77( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_6d(secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_fd(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -4794,7 +4794,7 @@ with const generics - SERIALIZED_KEY_LEN= 2400 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d4( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_f5( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -4820,7 +4820,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d4( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_38(public_key, ret0); + libcrux_ml_kem_hash_functions_avx2_H_a9_16(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -4859,7 +4859,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_5d(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_61(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -4868,13 +4868,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_9d(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_51(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d4( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_f5( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -4883,13 +4883,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_89(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_82( - uu____2, libcrux_ml_kem_types_from_b6_96(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f6( + uu____2, libcrux_ml_kem_types_from_b6_8c(copy_of_public_key)); } /** @@ -4908,12 +4908,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_2a( +libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_6c( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_5d(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_61(copy_of_randomness); } /** @@ -4925,7 +4925,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_2a( + return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_6c( copy_of_randomness); } @@ -4941,24 +4941,24 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_fb( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_72( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; - libcrux_ml_kem_utils_into_padded_array_6d(shared_secret, kdf_input); + libcrux_ml_kem_utils_into_padded_array_42(shared_secret, kdf_input); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, kdf_input, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_38( + libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_b2(ciphertext), + libcrux_ml_kem_types_as_slice_d4_aa(ciphertext), uint8_t), ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); uint8_t ret1[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_b0( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( Eurydice_array_to_slice((size_t)64U, kdf_input, uint8_t), ret1); memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t)); } @@ -4986,7 +4986,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_980( +static inline void libcrux_ml_kem_ind_cca_decapsulate_3c0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5004,10 +5004,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_980( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_df(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_95(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5015,7 +5015,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_980( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_5a( + libcrux_ml_kem_hash_functions_avx2_G_a9_67( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5024,14 +5024,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_980( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_6d0(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_cf(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_avx2_PRF_a9_b0( + libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -5039,18 +5039,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_980( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a4(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_a6(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_fb( + libcrux_ml_kem_variant_kdf_33_72( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_fb(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_33_72(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + libcrux_ml_kem_types_as_ref_00_cf(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5084,10 +5084,10 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_decapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_33( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_ed( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_980(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_3c0(private_key, ciphertext, ret); } /** @@ -5101,7 +5101,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_33( + libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_ed( private_key, ciphertext, ret); } @@ -5116,9 +5116,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_89( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_7a( Eurydice_slice randomness, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_avx2_H_a9_38(randomness, ret); + libcrux_ml_kem_hash_functions_avx2_H_a9_16(randomness, ret); } /** @@ -5141,28 +5141,28 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_540( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_440( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_89( + libcrux_ml_kem_variant_entropy_preprocess_33_7a( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_38( + libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_cb_07(public_key), + libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_avx2_G_a9_5a( + libcrux_ml_kem_hash_functions_avx2_G_a9_67( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5171,20 +5171,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_540( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_07(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_a4(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_a6(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_e9(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_e5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_fb(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_72(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5219,14 +5219,14 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_encapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_2c( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_63( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_540(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_440(uu____0, copy_of_randomness); } /** @@ -5244,7 +5244,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_2c( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_63( uu____0, copy_of_randomness); } @@ -5259,9 +5259,9 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_70( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_2c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { - libcrux_ml_kem_hash_functions_avx2_G_a9_5a(key_generation_seed, ret); + libcrux_ml_kem_hash_functions_avx2_G_a9_67(key_generation_seed, ret); } /** @@ -5278,10 +5278,10 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_9d0( +libcrux_ml_kem_ind_cpa_generate_keypair_510( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_70(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_2c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5289,15 +5289,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_9d0( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A_transpose[3U][3U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - libcrux_ml_kem_matrix_sample_matrix_A_b8(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + libcrux_ml_kem_matrix_sample_matrix_A_29(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88( + tuple_b00 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_6e( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; memcpy( @@ -5310,23 +5310,23 @@ libcrux_ml_kem_ind_cpa_generate_keypair_9d0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_88(copy_of_prf_input, + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_6e(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e_2d(A_transpose, secret_as_ntt, + libcrux_ml_kem_matrix_compute_As_plus_e_6a(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_d0( + libcrux_ml_kem_ind_cpa_serialize_public_key_77( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_6d(secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_fd(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5367,7 +5367,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_610(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5376,13 +5376,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_9d0(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_510(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d4( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_f5( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5391,13 +5391,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_5d0(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_89(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_82( - uu____2, libcrux_ml_kem_types_from_b6_96(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f6( + uu____2, libcrux_ml_kem_types_from_b6_8c(copy_of_public_key)); } /** @@ -5414,12 +5414,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_7e( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_35( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_5d0(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_610(copy_of_randomness); } /** @@ -5431,7 +5431,7 @@ libcrux_ml_kem_mlkem768_avx2_kyber_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_7e( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_35( copy_of_randomness); } @@ -5451,11 +5451,11 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_58( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_8e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - libcrux_ml_kem_hash_functions_avx2_H_a9_38( + libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_subslice2(private_key->value, (size_t)384U * (size_t)3U, (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), @@ -5480,10 +5480,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_f4( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_09( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_58(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_8e(private_key, ciphertext); } @@ -5496,7 +5496,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_f4( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_09( private_key, ciphertext); } @@ -5509,9 +5509,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_1c0( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_d40( size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_9f(); + return libcrux_ml_kem_polynomial_ZERO_89_7d(); } /** @@ -5529,12 +5529,12 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ef0( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_2d0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_9f(); + deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_7d(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / @@ -5547,7 +5547,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ef0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8e( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_bc( ring_element); deserialized_pk[i0] = uu____0; } @@ -5572,16 +5572,16 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_32( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_8e( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_ef0( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_2d0( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_d0( + libcrux_ml_kem_ind_cpa_serialize_public_key_77( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -5603,9 +5603,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_c2( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_87( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_32(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_8e(public_key); } /** @@ -5616,7 +5616,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_c2( KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_c2( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_87( public_key->value); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 180d9ae3f..034a42c5a 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_mlkem768_portable_H @@ -2426,7 +2426,7 @@ with const generics */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ZERO_89_c3(void) { +libcrux_ml_kem_polynomial_ZERO_89_19(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; lit.coefficients[0U] = libcrux_ml_kem_vector_portable_ZERO_0d(); lit.coefficients[1U] = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -2454,8 +2454,8 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_cd(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_fe(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -2465,10 +2465,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_85( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_8d( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -2490,12 +2490,12 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_d7( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_34( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(secret_key, uint8_t) / @@ -2508,7 +2508,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_d7( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_85( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_8d( secret_bytes); secret_as_ntt[i0] = uu____0; } @@ -2536,8 +2536,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - U_COMPRESSION_FACTOR= 10 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_6e(size_t _) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_bb(size_t _) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -2547,7 +2547,7 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_84( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_86( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2572,9 +2572,9 @@ generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b3( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_84( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_86( v); } @@ -2585,10 +2585,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_7d( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_59( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { size_t i0 = i; @@ -2597,7 +2597,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_7d( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b3( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c( coefficient); re.coefficients[i0] = uu____0; } @@ -2611,7 +2611,7 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_840( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_860( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2636,9 +2636,9 @@ generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b30( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_840( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_860( v); } @@ -2649,10 +2649,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_0d( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_f3( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { size_t i0 = i; @@ -2661,7 +2661,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_0d( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b30( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c0( coefficient); re.coefficients[i0] = uu____0; } @@ -2675,9 +2675,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_45( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_ca( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_7d(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_59(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -2692,7 +2692,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe_05( +libcrux_ml_kem_vector_traits_montgomery_multiply_fe_b1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -2706,12 +2706,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_88( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_96( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe_05(b, zeta_r); + libcrux_ml_kem_vector_traits_montgomery_multiply_fe_b1(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -2725,7 +2725,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2738,7 +2738,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_88( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_96( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -2755,7 +2755,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_34( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_38( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2775,7 +2775,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_26( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_6d( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2797,7 +2797,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_3c( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_0b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2827,7 +2827,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_89_d8( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_89_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -2845,21 +2845,21 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_1c( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_22( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)6U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)5U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)4U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_34(&zeta_i, re, (size_t)3U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_26(&zeta_i, re, (size_t)2U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_3c(&zeta_i, re, (size_t)1U, (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_d8(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_38(&zeta_i, re, (size_t)3U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_2_6d(&zeta_i, re, (size_t)2U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_1_0b(&zeta_i, re, (size_t)1U, (size_t)3328U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_89_62(re); } /** @@ -2875,12 +2875,12 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_dc( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_56( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len( @@ -2900,9 +2900,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_dc( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_45( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_ca( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_1c(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_22(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -2916,7 +2916,7 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_841( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_861( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2941,9 +2941,9 @@ generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b31( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_841( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_861( v); } @@ -2954,10 +2954,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_9c( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_30( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { size_t i0 = i; @@ -2966,7 +2966,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_9c( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b31( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c1( coefficient); re.coefficients[i0] = uu____0; } @@ -2980,7 +2980,7 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_842( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_862( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3005,9 +3005,9 @@ generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b32( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_842( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_862( v); } @@ -3018,10 +3018,10 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_62( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_d9( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { size_t i0 = i; @@ -3030,7 +3030,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_62( re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_b32( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_4c2( re.coefficients[i0]); re.coefficients[i0] = uu____1; } @@ -3044,9 +3044,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_91( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_83( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_9c(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_30(serialized); } /** @@ -3087,11 +3087,11 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ntt_multiply_89_3b( +libcrux_ml_kem_polynomial_ntt_multiply_89_58( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -3128,7 +3128,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_89_1e( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_89_88( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3152,7 +3152,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_38( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ed( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3178,7 +3178,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_c4( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_8b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3200,7 +3200,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_69( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_e0( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3222,7 +3222,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ea( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_da( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -3230,7 +3230,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_05(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_b1(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -3243,7 +3243,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7b( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e3( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3258,7 +3258,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7b( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ea( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_da( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3275,22 +3275,22 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ca( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_38(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_c4(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_69(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7b(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ed(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_8b(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_e0(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e3(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7b(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e3(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7b(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e3(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_7b(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_e3(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_d8(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_89_62(re); } /** @@ -3304,7 +3304,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_89_ac( +libcrux_ml_kem_polynomial_subtract_reduce_89_ea( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; @@ -3336,21 +3336,21 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_83( +libcrux_ml_kem_matrix_compute_message_72( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_3b(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_89_58(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_1e(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_89_88(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ca(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_89_ac(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d1(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_89_ea(v, result); return result; } @@ -3360,7 +3360,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_b0( +libcrux_ml_kem_vector_portable_arithmetic_shift_right_0f( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -3380,9 +3380,9 @@ with const generics - SHIFT_BY= 15 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_01( +libcrux_ml_kem_vector_portable_shift_right_0d_1e( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_b0(v); + return libcrux_ml_kem_vector_portable_arithmetic_shift_right_0f(v); } /** @@ -3392,10 +3392,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative_84( +libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_01(a); + libcrux_ml_kem_vector_portable_shift_right_0d_1e(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -3409,13 +3409,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_53( +libcrux_ml_kem_serialize_compress_then_serialize_message_d8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_84( + libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = @@ -3465,20 +3465,20 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_68( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_1b( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_dc(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_56(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_91( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_83( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_83(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_72(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_53(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_d8(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3492,11 +3492,11 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_0e(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_b1(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_d7(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_34(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( @@ -3508,7 +3508,7 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_0e(Eurydice_slice secret_key, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_68(&secret_key_unpacked, ciphertext, + libcrux_ml_kem_ind_cpa_decrypt_unpacked_1b(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3522,7 +3522,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G_f1_38( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G_f1_07( Eurydice_slice input, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G(input, ret); } @@ -3532,7 +3532,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_7c( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_44( Eurydice_slice input, uint8_t ret[32U]) { uint8_t digest[32U] = {0U}; libcrux_sha3_portable_shake256( @@ -3550,9 +3550,9 @@ with const generics - K= 3 - LEN= 32 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_2e( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( Eurydice_slice input, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_portable_PRF_7c(input, ret); + libcrux_ml_kem_hash_functions_portable_PRF_44(input, ret); } /** @@ -3563,9 +3563,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_05( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_fc( size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -3581,10 +3581,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_47( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_5e( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { size_t i0 = i; @@ -3613,12 +3613,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_20( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_60( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / @@ -3631,7 +3631,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_20( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_47( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_5e( ring_element); deserialized_pk[i0] = uu____0; } @@ -3648,8 +3648,8 @@ generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_sample_matrix_A_closure_closure_81(size_t _j) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_matrix_sample_matrix_A_closure_closure_25(size_t _j) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -3659,10 +3659,10 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static inline void libcrux_ml_kem_matrix_sample_matrix_A_closure_fc( +static inline void libcrux_ml_kem_matrix_sample_matrix_A_closure_8e( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - ret[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + ret[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } } @@ -3681,7 +3681,7 @@ libcrux_ml_kem.hash_functions.portable.shake128_init_absorb with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58 -libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_79( +libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_37( uint8_t input[3U][34U]) { libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3714,12 +3714,12 @@ generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58 -libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_77( +libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_17( uint8_t input[3U][34U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_input[3U][34U]; memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U])); - return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_79( + return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_37( copy_of_input); } @@ -3730,7 +3730,7 @@ generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_eb( +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_72( libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st, uint8_t ret[3U][504U]) { uint8_t out[3U][504U] = {{0U}}; @@ -3754,10 +3754,10 @@ const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_84( +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_75( libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self, uint8_t ret[3U][504U]) { - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_eb(self, + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_72(self, ret); } @@ -3810,7 +3810,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 504 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_17( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9b( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -3852,7 +3852,7 @@ generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_3b( +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_e6( libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st, uint8_t ret[3U][168U]) { uint8_t out[3U][168U] = {{0U}}; @@ -3876,10 +3876,10 @@ generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_8e( +libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_48( libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self, uint8_t ret[3U][168U]) { - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_3b(self, ret); + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_e6(self, ret); } /** @@ -3931,7 +3931,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 168 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_170( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9b0( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -3977,9 +3977,9 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_from_i16_array_89_33(Eurydice_slice a) { +libcrux_ml_kem_polynomial_from_i16_array_89_4e(Eurydice_slice a) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; @@ -4000,8 +4000,8 @@ generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_xof_closure_e4(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_89_33( +libcrux_ml_kem_sampling_sample_from_xof_closure_97(int16_t s[272U]) { + return libcrux_ml_kem_polynomial_from_i16_array_89_4e( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -4012,7 +4012,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_46( +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_2f( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -4021,28 +4021,28 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_46( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_hash_functions_portable_PortableHash_58 xof_state = - libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_77( + libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_17( copy_of_seeds); uint8_t randomness0[3U][504U]; - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_84( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_75( &xof_state, randomness0); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_17( + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9b( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { break; } else { uint8_t randomness[3U][168U]; - libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_8e( + libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_48( &xof_state, randomness); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_170( + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_9b0( copy_of_randomness, sampled_coefficients, out); } } @@ -4052,7 +4052,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_46( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_e4(copy_of_out[i]); + libcrux_ml_kem_sampling_sample_from_xof_closure_97(copy_of_out[i]); } memcpy( ret, ret0, @@ -4066,12 +4066,12 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_e7( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_3c( uint8_t seed[34U], bool transpose, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U][3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_matrix_sample_matrix_A_closure_fc(i, A_transpose[i]); + libcrux_ml_kem_matrix_sample_matrix_A_closure_8e(i, A_transpose[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; @@ -4091,7 +4091,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_e7( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_46(copy_of_seeds, sampled); + libcrux_ml_kem_sampling_sample_from_xof_2f(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -4135,8 +4135,8 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure_99(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure_0a(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -4145,7 +4145,7 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_1c( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_d5( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { uint8_t out[3U][128U] = {{0U}}; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4167,9 +4167,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_f1_d5( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_f1_9f( uint8_t (*input)[33U], uint8_t ret[3U][128U]) { - libcrux_ml_kem_hash_functions_portable_PRFxN_1c(input, ret); + libcrux_ml_kem_hash_functions_portable_PRFxN_d5(input, ret); } /** @@ -4228,7 +4228,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_7b( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_f0( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -4263,7 +4263,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_7b( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_89_33( + return libcrux_ml_kem_polynomial_from_i16_array_89_4e( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -4274,7 +4274,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_14( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_77( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -4308,7 +4308,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_14( sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_89_33( + return libcrux_ml_kem_polynomial_from_i16_array_89_4e( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -4319,9 +4319,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_ca( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_63( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_7b( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_f0( randomness); } @@ -4331,7 +4331,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_60( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_ca( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -4354,20 +4354,20 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_63( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_c4( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_60(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_ca(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)6U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)5U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_8c(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_05(&zeta_i, re, (size_t)4U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_3_34(&zeta_i, re, (size_t)3U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_2_26(&zeta_i, re, (size_t)2U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_1_3c(&zeta_i, re, (size_t)1U, (size_t)3U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_89_d8(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_38(&zeta_i, re, (size_t)3U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_2_6d(&zeta_i, re, (size_t)2U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_1_0b(&zeta_i, re, (size_t)1U, (size_t)3U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_89_62(re); } /** @@ -4384,11 +4384,11 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ce(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4403,13 +4403,13 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78(uint8_t prf_input[33U], domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_portable_PRFxN_f1_d5(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_portable_PRFxN_f1_9f(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_ca( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_63(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_c4(&re_as_ntt[i0]); } /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; @@ -4434,8 +4434,8 @@ generics - ETA2= 2 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_f5(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_97(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -4451,11 +4451,11 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6d(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_54(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - error_1[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + error_1[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4470,11 +4470,11 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6d(uint8_t prf_input[33U], domain_separator = (uint32_t)domain_separator + 1U; } uint8_t prf_outputs[3U][128U]; - libcrux_ml_kem_hash_functions_portable_PRFxN_f1_d5(prf_inputs, prf_outputs); + libcrux_ml_kem_hash_functions_portable_PRFxN_f1_9f(prf_inputs, prf_outputs); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_ca( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1; } @@ -4496,7 +4496,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF with const generics - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_7c0( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_440( Eurydice_slice input, uint8_t ret[128U]) { uint8_t digest[128U] = {0U}; libcrux_sha3_portable_shake256( @@ -4514,9 +4514,9 @@ with const generics - K= 3 - LEN= 128 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_2e0( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_9d0( Eurydice_slice input, uint8_t ret[128U]) { - libcrux_ml_kem_hash_functions_portable_PRF_7c0(input, ret); + libcrux_ml_kem_hash_functions_portable_PRF_440(input, ret); } /** @@ -4526,8 +4526,8 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_57(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_matrix_compute_vector_u_closure_f1(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -4540,7 +4540,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_89_27( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_89_aa( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4567,14 +4567,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_62( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + result[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( @@ -4595,12 +4595,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_3b(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_1e(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_89_58(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_89_88(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ca(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_89_27(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d1(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_89_aa(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -4614,7 +4614,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_0c( +libcrux_ml_kem_vector_traits_decompress_1_97( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_ZERO_0d(); @@ -4629,10 +4629,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_c4( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_57( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector @@ -4642,7 +4642,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_c4( (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_0c(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_97(coefficient_compressed); re.coefficients[i0] = uu____0; } return re; @@ -4659,7 +4659,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_89_d3( +libcrux_ml_kem_polynomial_add_message_error_reduce_89_7e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4692,22 +4692,22 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_db( +libcrux_ml_kem_matrix_compute_ring_element_v_2f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = - libcrux_ml_kem_polynomial_ZERO_89_c3(); + libcrux_ml_kem_polynomial_ZERO_89_19(); for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_3b(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_89_58(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_1e(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_89_88(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ca(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_89_d3( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_d1(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_89_7e( error_2, message, result); return result; } @@ -4718,7 +4718,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_dc( +libcrux_ml_kem_vector_portable_compress_compress_53( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4741,9 +4741,9 @@ with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_96( +libcrux_ml_kem_vector_portable_compress_0d_fd( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_dc(v); + return libcrux_ml_kem_vector_portable_compress_compress_53(v); } /** @@ -4753,15 +4753,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_18( +libcrux_ml_kem_serialize_compress_then_serialize_10_43( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_96( - libcrux_ml_kem_vector_traits_to_unsigned_representative_84( + libcrux_ml_kem_vector_portable_compress_0d_fd( + libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); @@ -4779,7 +4779,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_dc0( +libcrux_ml_kem_vector_portable_compress_compress_530( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4802,9 +4802,9 @@ with const generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_960( +libcrux_ml_kem_vector_portable_compress_0d_fd0( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_dc0(v); + return libcrux_ml_kem_vector_portable_compress_compress_530(v); } /** @@ -4814,15 +4814,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_82( +libcrux_ml_kem_serialize_compress_then_serialize_11_f7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_960( - libcrux_ml_kem_vector_traits_to_unsigned_representative_84( + libcrux_ml_kem_vector_portable_compress_0d_fd0( + libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); @@ -4842,10 +4842,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_24( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_9c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_18(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_43(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -4861,7 +4861,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_e6( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_bb( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -4877,7 +4877,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_e6( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_24(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_9c(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -4890,7 +4890,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_dc1( +libcrux_ml_kem_vector_portable_compress_compress_531( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4913,9 +4913,9 @@ with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_961( +libcrux_ml_kem_vector_portable_compress_0d_fd1( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_dc1(v); + return libcrux_ml_kem_vector_portable_compress_compress_531(v); } /** @@ -4925,15 +4925,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_19( +libcrux_ml_kem_serialize_compress_then_serialize_4_12( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_961( - libcrux_ml_kem_vector_traits_to_unsigned_representative_84( + libcrux_ml_kem_vector_portable_compress_0d_fd1( + libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); @@ -4950,7 +4950,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_dc2( +libcrux_ml_kem_vector_portable_compress_compress_532( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4973,9 +4973,9 @@ with const generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_962( +libcrux_ml_kem_vector_portable_compress_0d_fd2( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_dc2(v); + return libcrux_ml_kem_vector_portable_compress_compress_532(v); } /** @@ -4985,15 +4985,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_02( +libcrux_ml_kem_serialize_compress_then_serialize_5_cb( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_962( - libcrux_ml_kem_vector_traits_to_unsigned_representative_84( + libcrux_ml_kem_vector_portable_compress_0d_fd2( + libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); @@ -5012,9 +5012,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_47( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_3b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_19(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_12(re, out); } /** @@ -5035,26 +5035,26 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_b4(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_d8(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_20( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_60( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), t_as_ntt); Eurydice_slice seed = Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; uint8_t ret0[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_e7(ret0, false, A); + libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); + libcrux_ml_kem_matrix_sample_matrix_A_3c(ret0, false, A); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(randomness, prf_input); + libcrux_ml_kem_utils_into_padded_array_422(randomness, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78( + tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ce( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( @@ -5064,7 +5064,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_b4(Eurydice_slice public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_6d( + tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_54( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( @@ -5073,32 +5073,32 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_b4(Eurydice_slice public_key, uint8_t domain_separator = uu____3.snd; prf_input[32U] = domain_separator; uint8_t prf_output[128U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_2e0( + libcrux_ml_kem_hash_functions_portable_PRF_f1_9d0( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_ca( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_63( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_59(A, r_as_ntt, error_1, u); + libcrux_ml_kem_matrix_compute_vector_u_62(A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_c4( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_57( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_db( + libcrux_ml_kem_matrix_compute_ring_element_v_2f( t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_e6( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_bb( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_47( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_3b( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -5115,7 +5115,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_c5( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_97( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -5146,7 +5146,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_d3( +static inline void libcrux_ml_kem_ind_cca_decapsulate_a6( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5164,10 +5164,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d3( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_0e(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_b1(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5175,7 +5175,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d3( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_38( + libcrux_ml_kem_hash_functions_portable_G_f1_07( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5184,14 +5184,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d3( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_6d0(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_cf(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_2e( + libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -5199,18 +5199,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d3( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b4(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_d8(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_c5( + libcrux_ml_kem_variant_kdf_d8_97( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_c5(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_d8_97(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + libcrux_ml_kem_types_as_ref_00_cf(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5243,10 +5243,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_c7( +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_b0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_d3(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_a6(private_key, ciphertext, ret); } /** @@ -5259,7 +5259,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_c7( static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_c7( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_b0( private_key, ciphertext, ret); } @@ -5273,7 +5273,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_9f( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_2b( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5290,7 +5290,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1 with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H_f1_19( +static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_slice input, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H(input, ret); } @@ -5314,28 +5314,28 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c4( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_23( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_9f( + libcrux_ml_kem_variant_entropy_preprocess_d8_2b( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_19( + libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_cb_07(public_key), + libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_38( + libcrux_ml_kem_hash_functions_portable_G_f1_07( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5344,20 +5344,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c4( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_07(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b4(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_d8(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_e9(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_e5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_c5(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_97(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -5388,14 +5388,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_66( +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_80( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c4(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_23(uu____0, copy_of_randomness); } /** @@ -5412,7 +5412,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_66( + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_80( uu____0, copy_of_randomness); } @@ -5426,7 +5426,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_b0( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_0a( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -5437,7 +5437,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_b0( seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] = (uint8_t)(size_t)3U; uint8_t ret0[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_38( + libcrux_ml_kem_hash_functions_portable_G_f1_07( Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0); memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t)); } @@ -5449,8 +5449,8 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_As_plus_e_closure_06(size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); +libcrux_ml_kem_matrix_compute_As_plus_e_closure_e7(size_t _i) { + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -5460,7 +5460,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain_21( +libcrux_ml_kem_vector_traits_to_standard_domain_97( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -5477,7 +5477,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_89_64( +libcrux_ml_kem_polynomial_add_standard_error_reduce_89_82( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -5485,7 +5485,7 @@ libcrux_ml_kem_polynomial_add_standard_error_reduce_89_64( size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_21( + libcrux_ml_kem_vector_traits_to_standard_domain_97( self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( @@ -5504,14 +5504,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_c7( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_c8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - result[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + result[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len( @@ -5533,12 +5533,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_c7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_89_3b(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_89_58(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_89_1e(&result[i1], + libcrux_ml_kem_polynomial_add_to_ring_element_89_88(&result[i1], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_89_64( + libcrux_ml_kem_polynomial_add_standard_error_reduce_89_82( &result[i1], &error_as_ntt[i1]); } memcpy( @@ -5553,14 +5553,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_3c( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_47( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_84( + libcrux_ml_kem_vector_traits_to_unsigned_representative_5d( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); @@ -5582,7 +5582,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_a3( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_6c( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -5600,7 +5600,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_a3( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_3c(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_47(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5618,14 +5618,14 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_67( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; Eurydice_slice uu____0 = Eurydice_array_to_subslice2( public_key_serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret0[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_a3(t_as_ntt, ret0); + libcrux_ml_kem_ind_cpa_serialize_secret_key_6c(t_as_ntt, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret0, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5648,9 +5648,9 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_a2(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_02(Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_b0(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_0a(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5658,15 +5658,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_a2(Eurydice_slice key_generation_seed) { Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - libcrux_ml_kem_matrix_sample_matrix_A_e7(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + libcrux_ml_kem_matrix_sample_matrix_A_3c(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78( + tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ce( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; memcpy( @@ -5679,23 +5679,23 @@ libcrux_ml_kem_ind_cpa_generate_keypair_a2(Eurydice_slice key_generation_seed) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78(copy_of_prf_input, + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ce(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e_c7(A_transpose, secret_as_ntt, + libcrux_ml_kem_matrix_compute_As_plus_e_c8(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_67( + libcrux_ml_kem_ind_cpa_serialize_public_key_5d( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_a3(secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_6c(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5723,7 +5723,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5d( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5a( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; @@ -5749,7 +5749,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5d( Eurydice_slice uu____6 = Eurydice_array_to_subslice2( out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_19(public_key, ret0); + libcrux_ml_kem_hash_functions_portable_H_f1_c6(public_key, ret0); Eurydice_slice_copy( uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE; @@ -5787,7 +5787,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d4(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5796,13 +5796,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_a2(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_02(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5d( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5a( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -5811,13 +5811,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f6(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_89(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_82( - uu____2, libcrux_ml_kem_types_from_b6_96(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f6( + uu____2, libcrux_ml_kem_types_from_b6_8c(copy_of_public_key)); } /** @@ -5836,12 +5836,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_87( +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_63( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_f6(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d4(copy_of_randomness); } /** @@ -5852,7 +5852,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_87( + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_63( copy_of_randomness); } @@ -5867,24 +5867,24 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_25( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_bc( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; - libcrux_ml_kem_utils_into_padded_array_6d(shared_secret, kdf_input); + libcrux_ml_kem_utils_into_padded_array_42(shared_secret, kdf_input); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, kdf_input, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret0[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_19( + libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_d4_b2(ciphertext), + libcrux_ml_kem_types_as_slice_d4_aa(ciphertext), uint8_t), ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t); uint8_t ret1[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_2e( + libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( Eurydice_array_to_slice((size_t)64U, kdf_input, uint8_t), ret1); memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t)); } @@ -5911,7 +5911,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_d30( +static inline void libcrux_ml_kem_ind_cca_decapsulate_a60( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5929,10 +5929,10 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d30( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_0e(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_b1(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); Eurydice_slice_copy( Eurydice_array_to_subslice_from( @@ -5940,7 +5940,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d30( uint8_t, size_t), ind_cpa_public_key_hash, uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_38( + libcrux_ml_kem_hash_functions_portable_G_f1_07( Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -5949,14 +5949,14 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d30( Eurydice_slice shared_secret0 = uu____3.fst; Eurydice_slice pseudorandomness = uu____3.snd; uint8_t to_hash[1120U]; - libcrux_ml_kem_utils_into_padded_array_6d0(implicit_rejection_value, to_hash); + libcrux_ml_kem_utils_into_padded_array_420(implicit_rejection_value, to_hash); Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_cf(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; - libcrux_ml_kem_hash_functions_portable_PRF_f1_2e( + libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), implicit_rejection_shared_secret0); Eurydice_slice uu____5 = ind_cpa_public_key; @@ -5964,18 +5964,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_d30( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b4(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_d8(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_25( + libcrux_ml_kem_variant_kdf_33_bc( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_25(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_33_bc(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_00_d6(ciphertext), + libcrux_ml_kem_types_as_ref_00_cf(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6009,10 +6009,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_f1( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_46( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_d30(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_a60(private_key, ciphertext, ret); } /** @@ -6025,7 +6025,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_f1( static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_f1( + libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_46( private_key, ciphertext, ret); } @@ -6039,9 +6039,9 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_d5( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_38( Eurydice_slice randomness, uint8_t ret[32U]) { - libcrux_ml_kem_hash_functions_portable_H_f1_19(randomness, ret); + libcrux_ml_kem_hash_functions_portable_H_f1_c6(randomness, ret); } /** @@ -6063,28 +6063,28 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c40( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_230( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_d5( + libcrux_ml_kem_variant_entropy_preprocess_33_38( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; - libcrux_ml_kem_utils_into_padded_array_6d( + libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash); Eurydice_slice uu____0 = Eurydice_array_to_subslice_from( (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t, size_t); uint8_t ret[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_19( + libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_cb_07(public_key), + libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t), ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t); uint8_t hashed[64U]; - libcrux_ml_kem_hash_functions_portable_G_f1_38( + libcrux_ml_kem_hash_functions_portable_G_f1_07( Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed); Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), @@ -6093,20 +6093,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c40( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_07(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_00(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_b4(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_d8(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_01_e9(copy_of_ciphertext); + libcrux_ml_kem_types_from_01_e5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_25(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_bc(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ @@ -6141,14 +6141,14 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_8e( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_f5( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c40(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_230(uu____0, copy_of_randomness); } /** @@ -6165,7 +6165,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_8e( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_f5( uu____0, copy_of_randomness); } @@ -6179,9 +6179,9 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_ea( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_9c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { - libcrux_ml_kem_hash_functions_portable_G_f1_38(key_generation_seed, ret); + libcrux_ml_kem_hash_functions_portable_G_f1_07(key_generation_seed, ret); } /** @@ -6197,10 +6197,10 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_a20( +libcrux_ml_kem_ind_cpa_generate_keypair_020( Eurydice_slice key_generation_seed) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_ea(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_9c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6208,15 +6208,15 @@ libcrux_ml_kem_ind_cpa_generate_keypair_a20( Eurydice_slice seed_for_secret_and_error = uu____0.snd; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U]; uint8_t ret[34U]; - libcrux_ml_kem_utils_into_padded_array_6d1(seed_for_A0, ret); - libcrux_ml_kem_matrix_sample_matrix_A_e7(ret, true, A_transpose); + libcrux_ml_kem_utils_into_padded_array_421(seed_for_A0, ret); + libcrux_ml_kem_matrix_sample_matrix_A_3c(ret, true, A_transpose); uint8_t prf_input[33U]; - libcrux_ml_kem_utils_into_padded_array_6d2(seed_for_secret_and_error, + libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78( + tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ce( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; memcpy( @@ -6229,23 +6229,23 @@ libcrux_ml_kem_ind_cpa_generate_keypair_a20( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_78(copy_of_prf_input, + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ce(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U]; - libcrux_ml_kem_matrix_compute_As_plus_e_c7(A_transpose, secret_as_ntt, + libcrux_ml_kem_matrix_compute_As_plus_e_c8(A_transpose, secret_as_ntt, error_as_ntt, t_as_ntt); uint8_t seed_for_A[32U]; Result_00 dst; Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]); unwrap_41_33(dst, seed_for_A); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_67( + libcrux_ml_kem_ind_cpa_serialize_public_key_5d( t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_a3(secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_6c(secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -6285,7 +6285,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_d40(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6294,13 +6294,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_a20(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_020(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5d( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_5a( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6309,13 +6309,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_f60(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_05_89(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_05_9d(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_82( - uu____2, libcrux_ml_kem_types_from_b6_96(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_f6( + uu____2, libcrux_ml_kem_types_from_b6_8c(copy_of_public_key)); } /** @@ -6331,12 +6331,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_e7( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_8d( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_f60(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_d40(copy_of_randomness); } /** @@ -6348,7 +6348,7 @@ libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_e7( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_8d( copy_of_randomness); } @@ -6367,11 +6367,11 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_4f( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_3d( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; - libcrux_ml_kem_hash_functions_portable_H_f1_19( + libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_subslice2(private_key->value, (size_t)384U * (size_t)3U, (size_t)768U * (size_t)3U + (size_t)32U, uint8_t), @@ -6395,10 +6395,10 @@ generics - CIPHERTEXT_SIZE= 1088 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_40( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_58( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4f(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_3d(private_key, ciphertext); } @@ -6410,7 +6410,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_40( static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_40( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_58( private_key, ciphertext); } @@ -6422,9 +6422,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_050( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_fc0( size_t _i) { - return libcrux_ml_kem_polynomial_ZERO_89_c3(); + return libcrux_ml_kem_polynomial_ZERO_89_19(); } /** @@ -6441,12 +6441,12 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_200( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_600( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_c3(); + deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_19(); } for (size_t i = (size_t)0U; i < Eurydice_slice_len(public_key, uint8_t) / @@ -6459,7 +6459,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_200( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_47( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_5e( ring_element); deserialized_pk[i0] = uu____0; } @@ -6483,16 +6483,16 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_c1( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_45( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_200( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_600( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_67( + libcrux_ml_kem_ind_cpa_serialize_public_key_5d( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -6513,9 +6513,9 @@ generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_d3( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_ec( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_c1(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_45(public_key); } /** @@ -6525,7 +6525,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_d3( */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_d3( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_ec( public_key->value); } diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index cd32aec32..24805a174 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index 60e8874ef..564fcb92e 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h @@ -7,8 +7,8 @@ * Charon: b351338f6a84c7a1afc27433eb0ffdc668b3581d * Eurydice: 7efec1624422fd5e94388ef06b9c76dfe7a48d46 * Karamel: c96fb69d15693284644d6aecaa90afa37e4de8f0 - * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty - * Libcrux: 3676fd514a5df7dc5dd8382e2c18dfffa42488dd + * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty + * Libcrux: 99498eed461fa03566e0382b445c77bd2af5b59d */ #ifndef __libcrux_sha3_portable_H @@ -3513,7 +3513,7 @@ typedef struct libcrux_sha3_neon_x2_incremental_KeccakState_s { Initialise the `KeccakState2`. */ static KRML_MUSTINLINE libcrux_sha3_neon_x2_incremental_KeccakState -libcrux_sha3_neon_x2_incremental_shake128_init(void) { +libcrux_sha3_neon_x2_incremental_init(void) { KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, "panic!"); KRML_HOST_EXIT(255U); @@ -3557,6 +3557,54 @@ libcrux_sha3_neon_x2_incremental_shake128_squeeze_next_block( KRML_HOST_EXIT(255U); } +/** + Squeeze five blocks +*/ +static KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake128_squeeze_first_five_blocks( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + +/** + Shake256 absorb `data0` and `data1` in the [`KeccakState`] `s`. +*/ +static KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake256_absorb_final( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice data0, + Eurydice_slice data1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + +/** + Squeeze block +*/ +static KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake256_squeeze_first_block( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + +/** + Squeeze next block +*/ +static KRML_MUSTINLINE void +libcrux_sha3_neon_x2_incremental_shake256_squeeze_next_block( + libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0, + Eurydice_slice out1) { + KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__, + "panic!"); + KRML_HOST_EXIT(255U); +} + /** A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_five_blocks with types uint64_t diff --git a/libcrux-ml-kem/src/hash_functions.rs b/libcrux-ml-kem/src/hash_functions.rs index a2e2728e0..e0c6079b9 100644 --- a/libcrux-ml-kem/src/hash_functions.rs +++ b/libcrux-ml-kem/src/hash_functions.rs @@ -469,8 +469,8 @@ pub(crate) mod neon { fn shake128_init_absorb(input: [[u8; 34]; K]) -> Simd128Hash { debug_assert!(K == 2 || K == 3 || K == 4); let mut state = [ - x2::incremental::shake128_init(), - x2::incremental::shake128_init(), + x2::incremental::init(), + x2::incremental::init(), ]; match K as u8 { 2 => { diff --git a/libcrux-sha3/src/lib.rs b/libcrux-sha3/src/lib.rs index d112e05e0..c1395155d 100644 --- a/libcrux-sha3/src/lib.rs +++ b/libcrux-sha3/src/lib.rs @@ -575,8 +575,8 @@ pub mod neon { pub mod incremental { #[cfg(feature = "simd128")] use crate::generic_keccak::{ - absorb_final, squeeze_first_three_blocks, squeeze_next_block, - KeccakState as GenericState, + absorb_final, squeeze_first_block, squeeze_first_five_blocks, + squeeze_first_three_blocks, squeeze_next_block, KeccakState as GenericState, }; /// The Keccak state for the incremental API. @@ -597,7 +597,7 @@ pub mod neon { /// Initialise the `KeccakState2`. #[inline(always)] - pub fn shake128_init() -> KeccakState { + pub fn init() -> KeccakState { #[cfg(not(feature = "simd128"))] unimplemented!(); // XXX: These functions could alternatively implement the same with @@ -633,6 +633,26 @@ pub mod neon { ); } + /// Shake256 absorb `data0` and `data1` in the [`KeccakState`] `s`. + #[inline(always)] + #[allow(unused_variables)] + pub fn shake256_absorb_final(s: &mut KeccakState, data0: &[u8], data1: &[u8]) { + #[cfg(not(feature = "simd128"))] + unimplemented!(); + // XXX: These functions could alternatively implement the same with + // the portable implementation + // { + // let [mut s0, mut s1] = s; + // shake128_absorb_final(&mut s0, data0); + // shake128_absorb_final(&mut s1, data1); + // } + #[cfg(feature = "simd128")] + absorb_final::<2, crate::simd::arm64::uint64x2_t, 136, 0x1fu8>( + &mut s.state, + [data0, data1], + ); + } + /// Initialise the state and perform up to 4 absorbs at the same time, /// using two [`KeccakState2`]. /// @@ -641,7 +661,7 @@ pub mod neon { #[inline(always)] fn _shake128_absorb_finalxN(input: [[u8; 34]; N]) -> [KeccakState; 2] { debug_assert!(N == 2 || N == 3 || N == 4); - let mut state = [shake128_init(), shake128_init()]; + let mut state = [init(), init()]; match N { 2 => { @@ -686,6 +706,57 @@ pub mod neon { ) } + /// Squeeze five blocks + #[allow(unused_variables)] + #[inline(always)] + pub fn shake128_squeeze_first_five_blocks( + s: &mut KeccakState, + out0: &mut [u8], + out1: &mut [u8], + ) { + #[cfg(not(feature = "simd128"))] + unimplemented!(); + #[cfg(feature = "simd128")] + squeeze_first_five_blocks::<2, crate::simd::arm64::uint64x2_t, 168>( + &mut s.state, + [out0, out1], + ) + } + + /// Squeeze block + #[inline(always)] + #[allow(unused_variables)] // TODO: decide if we want to fall back here + pub fn shake256_squeeze_first_block( + s: &mut KeccakState, + out0: &mut [u8], + out1: &mut [u8], + ) { + #[cfg(not(feature = "simd128"))] + unimplemented!(); + #[cfg(feature = "simd128")] + squeeze_first_block::<2, crate::simd::arm64::uint64x2_t, 136>( + &mut s.state, + [out0, out1], + ); + } + + /// Squeeze next block + #[inline(always)] + #[allow(unused_variables)] // TODO: decide if we want to fall back here + pub fn shake256_squeeze_next_block( + s: &mut KeccakState, + out0: &mut [u8], + out1: &mut [u8], + ) { + #[cfg(not(feature = "simd128"))] + unimplemented!(); + #[cfg(feature = "simd128")] + squeeze_next_block::<2, crate::simd::arm64::uint64x2_t, 136>( + &mut s.state, + [out0, out1], + ); + } + /// Squeeze up to 3 x 4 (N) blocks in parallel, using two [`KeccakState2`]. /// Each block is of size `LEN`. ///