diff --git a/libcrux-ml-kem/c/code_gen.txt b/libcrux-ml-kem/c/code_gen.txt index 1941d5aa3..7535b1c7d 100644 --- a/libcrux-ml-kem/c/code_gen.txt +++ b/libcrux-ml-kem/c/code_gen.txt @@ -3,4 +3,4 @@ Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty -Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 +Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b diff --git a/libcrux-ml-kem/c/internal/libcrux_core.h b/libcrux-ml-kem/c/internal/libcrux_core.h index d63ff8521..ae7c89d6d 100644 --- a/libcrux-ml-kem/c/internal/libcrux_core.h +++ b/libcrux-ml-kem/c/internal/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __internal_libcrux_core_H @@ -69,7 +69,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_40 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_40_601( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_40_cb1( uint8_t value[1568U]); /** @@ -85,7 +85,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_8b1( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_dc1( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk); @@ -98,7 +98,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_88 with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_88_2d1( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_88_581( uint8_t value[3168U]); /** 
@@ -110,7 +110,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_40 with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_40_600( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_40_cb0( uint8_t value[1184U]); /** @@ -126,7 +126,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_8b0( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_dc0( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk); @@ -139,7 +139,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_88 with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_88_2d0( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_88_580( uint8_t value[2400U]); /** @@ -151,7 +151,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_40 with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_40_60( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_40_cb( uint8_t value[800U]); /** @@ -167,7 +167,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_8b( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_dc( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk); @@ -180,7 +180,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_88 with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_88_2d( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_88_58( uint8_t value[1632U]); /** 
@@ -194,7 +194,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_ba_121( +uint8_t *libcrux_ml_kem_types_as_slice_ba_661( libcrux_ml_kem_types_MlKemPublicKey_15 *self); /** @@ -206,7 +206,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_fc with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_fc_361( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_fc_0e1( uint8_t value[1088U]); /** @@ -218,7 +218,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_fd_ed1( +Eurydice_slice libcrux_ml_kem_types_as_ref_fd_f71( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self); /** @@ -243,7 +243,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_ba_120( +uint8_t *libcrux_ml_kem_types_as_slice_ba_660( libcrux_ml_kem_types_MlKemPublicKey_be *self); /** @@ -255,7 +255,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_fc with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_fc_360( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_fc_0e0( uint8_t value[768U]); /** @@ -267,7 +267,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_fd_ed0( +Eurydice_slice libcrux_ml_kem_types_as_ref_fd_f70( libcrux_ml_kem_types_MlKemCiphertext_e8 *self); /** @@ -292,7 +292,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_ba_12( +uint8_t *libcrux_ml_kem_types_as_slice_ba_66( libcrux_ml_kem_types_MlKemPublicKey_1f *self); /** 
@@ -339,7 +339,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_fc with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_fc_36( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_fc_0e( uint8_t value[1568U]); /** @@ -362,7 +362,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_fd_ed( +Eurydice_slice libcrux_ml_kem_types_as_ref_fd_f7( libcrux_ml_kem_types_MlKemCiphertext_1f *self); /** diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h index 76a437be1..8f84007b1 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __internal_libcrux_mlkem_avx2_H @@ -48,7 +48,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_051(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_fc1(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -65,7 +65,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4d1( +bool libcrux_ml_kem_ind_cca_validate_private_key_2e1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); 
@@ -91,7 +91,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_511(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_cb1(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -112,7 +112,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_9c1( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_271( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -138,7 +138,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_971( +void libcrux_ml_kem_ind_cca_decapsulate_061( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); @@ -157,7 +157,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_050(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_fc0(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -174,7 +174,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4d0( +bool libcrux_ml_kem_ind_cca_validate_private_key_2e0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -200,7 +200,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_cb0(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate 
@@ -221,7 +221,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_9c0( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_270( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -247,7 +247,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_970( +void libcrux_ml_kem_ind_cca_decapsulate_060( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -266,7 +266,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_05(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_fc(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -283,7 +283,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4d( +bool libcrux_ml_kem_ind_cca_validate_private_key_2e( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -308,7 +308,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_51( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_cb( uint8_t randomness[64U]); /** @@ -330,7 +330,7 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_9c( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_27( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); 
@@ -356,7 +356,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_97( +void libcrux_ml_kem_ind_cca_decapsulate_06( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); diff --git a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h index dddacb13a..551d1ef93 100644 --- a/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/internal/libcrux_mlkem_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __internal_libcrux_mlkem_portable_H @@ -53,7 +53,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_951(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_831(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -70,7 +70,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_0f( +bool libcrux_ml_kem_ind_cca_validate_private_key_b4( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext); @@ -96,7 +96,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_541(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_791(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate 
@@ -117,7 +117,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_b11( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_3a1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]); @@ -143,7 +143,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_6a1( +void libcrux_ml_kem_ind_cca_decapsulate_1d1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]); @@ -162,7 +162,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_950(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_830(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -179,7 +179,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_3d( +bool libcrux_ml_kem_ind_cca_validate_private_key_8f( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext); @@ -205,7 +205,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_790(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -226,7 +226,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_b10( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_3a0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]); 
@@ -252,7 +252,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_6a0( +void libcrux_ml_kem_ind_cca_decapsulate_1d0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]); @@ -271,7 +271,7 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_95(uint8_t *public_key); +bool libcrux_ml_kem_ind_cca_validate_public_key_83(uint8_t *public_key); /** Validate an ML-KEM private key. @@ -288,7 +288,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_46( +bool libcrux_ml_kem_ind_cca_validate_private_key_d2( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext); @@ -314,7 +314,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]); +libcrux_ml_kem_ind_cca_generate_keypair_79(uint8_t randomness[64U]); /** A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate @@ -335,7 +335,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_b1( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_3a( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]); @@ -361,7 +361,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_6a( +void libcrux_ml_kem_ind_cca_decapsulate_1d( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]); 
diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h index a816870cb..00d90049a 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __internal_libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h index 2728474cc..cfaa6f58c 100644 --- a/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/internal/libcrux_sha3_internal.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __internal_libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_core.c b/libcrux-ml-kem/c/libcrux_core.c index d9873deab..a36c02555 100644 --- a/libcrux-ml-kem/c/libcrux_core.c +++ b/libcrux-ml-kem/c/libcrux_core.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "internal/libcrux_core.h" 
@@ -91,7 +91,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_40 with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_40_601( +libcrux_ml_kem_types_MlKemPublicKey_1f libcrux_ml_kem_types_from_40_cb1( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -114,7 +114,7 @@ with const generics - PRIVATE_KEY_SIZE= 3168 - PUBLIC_KEY_SIZE= 1568 */ -libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_8b1( +libcrux_ml_kem_mlkem1024_MlKem1024KeyPair libcrux_ml_kem_types_from_17_dc1( libcrux_ml_kem_types_MlKemPrivateKey_95 sk, libcrux_ml_kem_types_MlKemPublicKey_1f pk) { return ( @@ -130,7 +130,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_88 with const generics - SIZE= 3168 */ -libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_88_2d1( +libcrux_ml_kem_types_MlKemPrivateKey_95 libcrux_ml_kem_types_from_88_581( uint8_t value[3168U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[3168U]; @@ -149,7 +149,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_40 with const generics - SIZE= 1184 */ -libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_40_600( +libcrux_ml_kem_types_MlKemPublicKey_15 libcrux_ml_kem_types_from_40_cb0( uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; @@ -172,7 +172,7 @@ with const generics - PRIVATE_KEY_SIZE= 2400 - PUBLIC_KEY_SIZE= 1184 */ -libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_8b0( +libcrux_ml_kem_mlkem768_MlKem768KeyPair libcrux_ml_kem_types_from_17_dc0( libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( 
@@ -188,7 +188,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_88 with const generics - SIZE= 2400 */ -libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_88_2d0( +libcrux_ml_kem_types_MlKemPrivateKey_55 libcrux_ml_kem_types_from_88_580( uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; @@ -207,7 +207,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_40 with const generics - SIZE= 800 */ -libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_40_60( +libcrux_ml_kem_types_MlKemPublicKey_be libcrux_ml_kem_types_from_40_cb( uint8_t value[800U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[800U]; @@ -230,7 +230,7 @@ with const generics - PRIVATE_KEY_SIZE= 1632 - PUBLIC_KEY_SIZE= 800 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_8b( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_types_from_17_dc( libcrux_ml_kem_types_MlKemPrivateKey_5e sk, libcrux_ml_kem_types_MlKemPublicKey_be pk) { return (CLITERAL(libcrux_ml_kem_types_MlKemKeyPair_cb){.sk = sk, .pk = pk}); @@ -245,7 +245,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_88 with const generics - SIZE= 1632 */ -libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_88_2d( +libcrux_ml_kem_types_MlKemPrivateKey_5e libcrux_ml_kem_types_from_88_58( uint8_t value[1632U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1632U]; @@ -266,7 +266,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 1184 */ -uint8_t *libcrux_ml_kem_types_as_slice_ba_121( +uint8_t *libcrux_ml_kem_types_as_slice_ba_661( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } 
@@ -280,7 +280,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_fc with const generics - SIZE= 1088 */ -libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_fc_361( +libcrux_ml_kem_mlkem768_MlKem768Ciphertext libcrux_ml_kem_types_from_fc_0e1( uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; @@ -299,7 +299,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 1088 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_fd_ed1( +Eurydice_slice libcrux_ml_kem_types_as_ref_fd_f71( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } @@ -334,7 +334,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 800 */ -uint8_t *libcrux_ml_kem_types_as_slice_ba_120( +uint8_t *libcrux_ml_kem_types_as_slice_ba_660( libcrux_ml_kem_types_MlKemPublicKey_be *self) { return self->value; } @@ -348,7 +348,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_fc with const generics - SIZE= 768 */ -libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_fc_360( +libcrux_ml_kem_types_MlKemCiphertext_e8 libcrux_ml_kem_types_from_fc_0e0( uint8_t value[768U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[768U]; @@ -367,7 +367,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 768 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_fd_ed0( +Eurydice_slice libcrux_ml_kem_types_as_ref_fd_f70( libcrux_ml_kem_types_MlKemCiphertext_e8 *self) { return Eurydice_array_to_slice((size_t)768U, self->value, uint8_t); } @@ -402,7 +402,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 1568 */ -uint8_t *libcrux_ml_kem_types_as_slice_ba_12( +uint8_t *libcrux_ml_kem_types_as_slice_ba_66( libcrux_ml_kem_types_MlKemPublicKey_1f *self) { return self->value; } 
@@ -456,7 +456,7 @@ A monomorphic instance of libcrux_ml_kem.types.from_fc with const generics - SIZE= 1568 */ -libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_fc_36( +libcrux_ml_kem_types_MlKemCiphertext_1f libcrux_ml_kem_types_from_fc_0e( uint8_t value[1568U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1568U]; @@ -494,7 +494,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 1568 */ -Eurydice_slice libcrux_ml_kem_types_as_ref_fd_ed( +Eurydice_slice libcrux_ml_kem_types_as_ref_fd_f7( libcrux_ml_kem_types_MlKemCiphertext_1f *self) { return Eurydice_array_to_slice((size_t)1568U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/c/libcrux_core.h b/libcrux-ml-kem/c/libcrux_core.h index b6fc94baa..d4ec1881f 100644 --- a/libcrux-ml-kem/c/libcrux_core.h +++ b/libcrux-ml-kem/c/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_core_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024.h b/libcrux-ml-kem/c/libcrux_mlkem1024.h index b3a6aef7e..e60e06687 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem1024_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c index ead7903df..9b2885f42 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.c 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_mlkem1024_avx2.h" @@ -38,10 +38,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_800( +static void decapsulate_b60( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_970(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_060(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_800( void libcrux_ml_kem_mlkem1024_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_800(private_key, ciphertext, ret); + decapsulate_b60(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_4d0( +static tuple_21 encapsulate_910( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_9c0(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_270(uu____0, copy_of_randomness); } /** 
@@ -98,7 +98,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_4d0(uu____0, copy_of_randomness); + return encapsulate_910(uu____0, copy_of_randomness); } /** @@ -115,12 +115,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_740( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_310( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_510(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_cb0(copy_of_randomness); } /** @@ -131,7 +131,7 @@ libcrux_ml_kem_mlkem1024_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_740(copy_of_randomness); + return generate_keypair_310(copy_of_randomness); } /** @@ -145,10 +145,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_2d0( +static KRML_MUSTINLINE bool validate_private_key_eb0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4d0(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_2e0(private_key, ciphertext); } 
@@ -160,7 +160,7 @@ static KRML_MUSTINLINE bool validate_private_key_2d0( bool libcrux_ml_kem_mlkem1024_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_2d0(private_key, ciphertext); + return validate_private_key_eb0(private_key, ciphertext); } /** @@ -174,8 +174,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_060(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_050(public_key); +static KRML_MUSTINLINE bool validate_public_key_600(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_fc0(public_key); } /** @@ -185,5 +185,5 @@ static KRML_MUSTINLINE bool validate_public_key_060(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_060(public_key->value); + return validate_public_key_600(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h index 0137867e0..099610b06 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem1024_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c index 44f7cd132..fbb7dbfdb 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.c 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_mlkem1024_portable.h" @@ -38,10 +38,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -static void decapsulate_c41( +static void decapsulate_1a1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_6a1(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1d1(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_c41( void libcrux_ml_kem_mlkem1024_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { - decapsulate_c41(private_key, ciphertext, ret); + decapsulate_1a1(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_21 encapsulate_591( +static tuple_21 encapsulate_ad1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_1f *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_b11(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_3a1(uu____0, copy_of_randomness); } /** 
@@ -98,7 +98,7 @@ tuple_21 libcrux_ml_kem_mlkem1024_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_591(uu____0, copy_of_randomness); + return encapsulate_ad1(uu____0, copy_of_randomness); } /** @@ -116,12 +116,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_6b1( +static libcrux_ml_kem_mlkem1024_MlKem1024KeyPair generate_keypair_6e1( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_541(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_791(copy_of_randomness); } /** @@ -132,7 +132,7 @@ libcrux_ml_kem_mlkem1024_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_6b1(copy_of_randomness); + return generate_keypair_6e1(copy_of_randomness); } /** @@ -146,10 +146,10 @@ generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_private_key_7c1( +static KRML_MUSTINLINE bool validate_private_key_701( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_0f(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_b4(private_key, ciphertext); } 
@@ -161,7 +161,7 @@ static KRML_MUSTINLINE bool validate_private_key_7c1( bool libcrux_ml_kem_mlkem1024_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext) { - return validate_private_key_7c1(private_key, ciphertext); + return validate_private_key_701(private_key, ciphertext); } /** @@ -175,8 +175,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE bool validate_public_key_981(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_951(public_key); +static KRML_MUSTINLINE bool validate_public_key_0f1(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_831(public_key); } /** @@ -186,5 +186,5 @@ static KRML_MUSTINLINE bool validate_public_key_981(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem1024_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key) { - return validate_public_key_981(public_key->value); + return validate_public_key_0f1(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h index f90019244..a2cca8cf5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem1024_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem1024_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512.h b/libcrux-ml-kem/c/libcrux_mlkem512.h index c5a45c75e..7de9f7e14 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512.h 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem512_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c index dbd91535d..e6951581f 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_mlkem512_avx2.h" @@ -38,10 +38,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_80(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, +static void decapsulate_b6(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_97(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_06(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_80(libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, void libcrux_ml_kem_mlkem512_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_80(private_key, ciphertext, ret); + decapsulate_b6(private_key, ciphertext, ret); } /** 
@@ -74,14 +74,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_4d( +static tuple_ec encapsulate_91( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_9c(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_27(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_ec libcrux_ml_kem_mlkem512_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_4d(uu____0, copy_of_randomness); + return encapsulate_91(uu____0, copy_of_randomness); } /** @@ -115,12 +115,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_74( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_31( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_51(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_cb(copy_of_randomness); } /** @@ -131,7 +131,7 @@ libcrux_ml_kem_mlkem512_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_74(copy_of_randomness); + return generate_keypair_31(copy_of_randomness); } /** 
@@ -145,10 +145,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_2d( +static KRML_MUSTINLINE bool validate_private_key_eb( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4d(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_2e(private_key, ciphertext); } @@ -160,7 +160,7 @@ static KRML_MUSTINLINE bool validate_private_key_2d( bool libcrux_ml_kem_mlkem512_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_2d(private_key, ciphertext); + return validate_private_key_eb(private_key, ciphertext); } /** @@ -174,8 +174,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_06(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_05(public_key); +static KRML_MUSTINLINE bool validate_public_key_60(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_fc(public_key); } /** @@ -185,5 +185,5 @@ static KRML_MUSTINLINE bool validate_public_key_06(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_06(public_key->value); + return validate_public_key_60(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h index 52b13f940..3025f2b4d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_avx2.h 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem512_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c index 1ccf583ba..95a3fce57 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_mlkem512_portable.h" @@ -38,10 +38,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -static void decapsulate_c40( +static void decapsulate_1a0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_6a0(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1d0(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_c40( void libcrux_ml_kem_mlkem512_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { - decapsulate_c40(private_key, ciphertext, ret); + decapsulate_1a0(private_key, ciphertext, ret); } /** 
@@ -74,14 +74,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_ec encapsulate_590( +static tuple_ec encapsulate_ad0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_be *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_b10(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_3a0(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_ec libcrux_ml_kem_mlkem512_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_590(uu____0, copy_of_randomness); + return encapsulate_ad0(uu____0, copy_of_randomness); } /** @@ -116,12 +116,12 @@ generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_6b0( +static libcrux_ml_kem_types_MlKemKeyPair_cb generate_keypair_6e0( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_540(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_790(copy_of_randomness); } /** @@ -132,7 +132,7 @@ libcrux_ml_kem_mlkem512_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_6b0(copy_of_randomness); + return generate_keypair_6e0(copy_of_randomness); } /** 
@@ -146,10 +146,10 @@ generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE bool validate_private_key_7c0( +static KRML_MUSTINLINE bool validate_private_key_700( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_3d(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_8f(private_key, ciphertext); } @@ -161,7 +161,7 @@ static KRML_MUSTINLINE bool validate_private_key_7c0( bool libcrux_ml_kem_mlkem512_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext) { - return validate_private_key_7c0(private_key, ciphertext); + return validate_private_key_700(private_key, ciphertext); } /** @@ -175,8 +175,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE bool validate_public_key_980(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_950(public_key); +static KRML_MUSTINLINE bool validate_public_key_0f0(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_830(public_key); } /** @@ -186,5 +186,5 @@ static KRML_MUSTINLINE bool validate_public_key_980(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem512_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_be *public_key) { - return validate_public_key_980(public_key->value); + return validate_public_key_0f0(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h index 1d12a463f..25fd5d188 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem512_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem512_portable.h 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem512_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768.h b/libcrux-ml-kem/c/libcrux_mlkem768.h index 8c310f854..6a373e3b5 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c index 40d410fc0..4f10dd106 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_mlkem768_avx2.h" @@ -38,10 +38,10 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_801( +static void decapsulate_b61( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_971(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_061(private_key, ciphertext, ret); } /** 
@@ -54,7 +54,7 @@ static void decapsulate_801( void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_801(private_key, ciphertext, ret); + decapsulate_b61(private_key, ciphertext, ret); } /** @@ -74,14 +74,14 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_4d1( +static tuple_3c encapsulate_911( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_9c1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_271(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_4d1(uu____0, copy_of_randomness); + return encapsulate_911(uu____0, copy_of_randomness); } /** @@ -115,12 +115,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_741( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_311( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_511(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_cb1(copy_of_randomness); } /** 
@@ -131,7 +131,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_741(copy_of_randomness); + return generate_keypair_311(copy_of_randomness); } /** @@ -145,10 +145,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_2d1( +static KRML_MUSTINLINE bool validate_private_key_eb1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_4d1(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_2e1(private_key, ciphertext); } @@ -160,7 +160,7 @@ static KRML_MUSTINLINE bool validate_private_key_2d1( bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_2d1(private_key, ciphertext); + return validate_private_key_eb1(private_key, ciphertext); } /** @@ -174,8 +174,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_061(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_051(public_key); +static KRML_MUSTINLINE bool validate_public_key_601(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_fc1(public_key); } /** @@ -185,5 +185,5 @@ static KRML_MUSTINLINE bool validate_public_key_061(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_061(public_key->value); + return validate_public_key_601(public_key->value); } 
diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h index a2ee6c8d8..05da09c21 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c index 67296e121..a4e0c33da 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_mlkem768_portable.h" @@ -38,10 +38,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static void decapsulate_c4( +static void decapsulate_1a( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_6a(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_1d(private_key, ciphertext, ret); } /** @@ -54,7 +54,7 @@ static void decapsulate_c4( void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - decapsulate_c4(private_key, ciphertext, ret); + decapsulate_1a(private_key, ciphertext, ret); } /** 
@@ -74,14 +74,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static tuple_3c encapsulate_59( +static tuple_3c encapsulate_ad( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_b1(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_3a(uu____0, copy_of_randomness); } /** @@ -98,7 +98,7 @@ tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return encapsulate_59(uu____0, copy_of_randomness); + return encapsulate_ad(uu____0, copy_of_randomness); } /** @@ -116,12 +116,12 @@ generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_6b( +static libcrux_ml_kem_mlkem768_MlKem768KeyPair generate_keypair_6e( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_54(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_79(copy_of_randomness); } /** @@ -132,7 +132,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return generate_keypair_6b(copy_of_randomness); + return generate_keypair_6e(copy_of_randomness); } /** 
@@ -146,10 +146,10 @@ generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool validate_private_key_7c( +static KRML_MUSTINLINE bool validate_private_key_70( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_46(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_d2(private_key, ciphertext); } @@ -161,7 +161,7 @@ static KRML_MUSTINLINE bool validate_private_key_7c( bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return validate_private_key_7c(private_key, ciphertext); + return validate_private_key_70(private_key, ciphertext); } /** @@ -175,8 +175,8 @@ generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool validate_public_key_98(uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_95(public_key); +static KRML_MUSTINLINE bool validate_public_key_0f(uint8_t *public_key) { + return libcrux_ml_kem_ind_cca_validate_public_key_83(public_key); } /** @@ -186,5 +186,5 @@ static KRML_MUSTINLINE bool validate_public_key_98(uint8_t *public_key) { */ bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return validate_public_key_98(public_key->value); + return validate_public_key_0f(public_key->value); } diff --git a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h index 8ba4db78e..8a0a911df 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem768_portable.h 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_portable_H diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c index 21d70b037..1e4a5327d 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "internal/libcrux_mlkem_avx2.h" @@ -74,6 +74,22 @@ void libcrux_ml_kem_vector_avx2_to_i16_array_ea(__m256i x, int16_t ret[16U]) { libcrux_ml_kem_vector_avx2_to_i16_array(x, ret); } +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::avx2::SIMD256Vector)} +*/ +void libcrux_ml_kem_vector_avx2_to_bytes_ea(__m256i x, Eurydice_slice out) { + mm256_storeu_si256_u8(out, x); +} + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::avx2::SIMD256Vector)} +*/ +__m256i libcrux_ml_kem_vector_avx2_from_bytes_ea(Eurydice_slice bytes) { + return mm256_loadu_si256_u8(bytes); +} + KRML_MUSTINLINE __m256i libcrux_ml_kem_vector_avx2_arithmetic_add(__m256i lhs, __m256i rhs) { return mm256_add_epi16(lhs, rhs); 
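Review bot: The new `libcrux_ml_kem_vector_avx2_to_bytes_ea` stores a whole `__m256i` via `mm256_storeu_si256_u8(out, x)` and `libcrux_ml_kem_vector_avx2_from_bytes_ea` loads one via `mm256_loadu_si256_u8(bytes)`, but nothing in the hunk says how long the `Eurydice_slice` must be. A `__m256i` is 32 bytes, so a shorter slice would presumably be an out-of-bounds write or read in the C build unless the intrinsic wrapper checks the length, which is not visible here. Since this file is extracted, the contract belongs on the Rust trait impl so that it reaches the generated comment, for example `out must provide at least 32 bytes` and `bytes must provide at least 32 bytes`. It is also worth confirming that every caller of these two functions passes a slice taken from a fixed-size buffer of at least that length.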
@@ -1070,7 +1086,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_reduced_ring_element_1b(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_a9(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -1094,7 +1110,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1184 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c4( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7d4( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -1108,7 +1124,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c4( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_1b(ring_element); + deserialize_to_reduced_ring_element_a9(ring_element); deserialized_pk[i0] = uu____0; } } @@ -1126,13 +1142,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1184 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_661( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_611( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_d6_7d();); - deserialize_ring_elements_reduced_8c4(public_key, deserialized_pk); + deserialize_ring_elements_reduced_7d4(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); 
@@ -1143,7 +1159,7 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.arithmetic.shift_right with const generics - SHIFT_BY= 15 */ -static KRML_MUSTINLINE __m256i shift_right_84(__m256i vector) { +static KRML_MUSTINLINE __m256i shift_right_ba(__m256i vector) { return mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -1156,8 +1172,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.shift_right_ea with const generics - SHIFT_BY= 15 */ -static __m256i shift_right_ea_fc(__m256i vector) { - return shift_right_84(vector); +static __m256i shift_right_ea_50(__m256i vector) { + return shift_right_ba(vector); } /** @@ -1166,8 +1182,8 @@ libcrux_ml_kem.vector.traits.to_unsigned_representative with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_unsigned_representative_c0(__m256i a) { - __m256i t = shift_right_ea_fc(a); +static __m256i to_unsigned_representative_09(__m256i a) { + __m256i t = shift_right_ea_50(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_ea(a, &fm); @@ -1179,13 +1195,13 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_53( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_a3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = to_unsigned_representative_c0(re->coefficients[i0]); + __m256i coefficient = to_unsigned_representative_09(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_ea(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( 
@@ -1206,7 +1222,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_5f1( +static KRML_MUSTINLINE void serialize_secret_key_171( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -1224,7 +1240,7 @@ static KRML_MUSTINLINE void serialize_secret_key_5f1( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_53(&re, ret0); + serialize_uncompressed_ring_element_a3(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -1242,13 +1258,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_c21( +static KRML_MUSTINLINE void serialize_public_key_mut_341( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_5f1(t_as_ntt, ret); + serialize_secret_key_171(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -1268,11 +1284,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_021( +static KRML_MUSTINLINE void serialize_public_key_3b1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_c21(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_341(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } 
@@ -1291,15 +1307,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_051(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_fc1(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_661( + deserialize_ring_elements_reduced_out_611( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_021( + serialize_public_key_3b1( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -1336,7 +1352,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4d1( +bool libcrux_ml_kem_ind_cca_validate_private_key_2e1( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -1372,7 +1388,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static IndCpaPrivateKeyUnpacked_a0 default_1a_191(void) { +static IndCpaPrivateKeyUnpacked_a0 default_1a_bf1(void) { IndCpaPrivateKeyUnpacked_a0 lit; lit.secret_as_ntt[0U] = ZERO_d6_7d(); lit.secret_as_ntt[1U] = ZERO_d6_7d(); @@ -1403,7 +1419,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static IndCpaPublicKeyUnpacked_a0 default_8d_801(void) { +static IndCpaPublicKeyUnpacked_a0 default_8d_201(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, uu____0[i] = ZERO_d6_7d();); 
@@ -1448,7 +1464,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_e11( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_af1( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -1590,7 +1606,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_743( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_b83( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -1713,7 +1729,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_744( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_b84( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -1757,7 +1773,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -from_i16_array_d6_14(Eurydice_slice a) { +from_i16_array_d6_df(Eurydice_slice a) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -1775,9 +1791,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_e41( +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_f91( int16_t s[272U]) { - return from_i16_array_d6_14( + return from_i16_array_d6_df( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } 
@@ -1787,7 +1803,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_from_xof_671( +static KRML_MUSTINLINE void sample_from_xof_a31( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -1802,7 +1818,7 @@ static KRML_MUSTINLINE void sample_from_xof_671( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_743( + bool done = sample_from_uniform_distribution_next_b83( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -1814,7 +1830,7 @@ static KRML_MUSTINLINE void sample_from_xof_671( uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_744( + done = sample_from_uniform_distribution_next_b84( copy_of_randomness, sampled_coefficients, out); } } @@ -1823,7 +1839,7 @@ static KRML_MUSTINLINE void sample_from_xof_671( memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = closure_e41(copy_of_out[i]);); + ret0[i] = closure_f91(copy_of_out[i]);); memcpy( ret, ret0, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -1835,7 +1851,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_matrix_A_341( +static KRML_MUSTINLINE void sample_matrix_A_8e1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR3( 
@@ -1852,7 +1868,7 @@ static KRML_MUSTINLINE void sample_matrix_A_341( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[3U]; - sample_from_xof_671(copy_of_seeds, sampled); + sample_from_xof_a31(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -1977,7 +1993,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_2_ea(Eurydice_slice randomness) { +sample_from_binomial_distribution_2_43(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { @@ -2011,7 +2027,7 @@ sample_from_binomial_distribution_2_ea(Eurydice_slice randomness) { sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_d6_14( + return from_i16_array_d6_df( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -2022,7 +2038,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_3_3c(Eurydice_slice randomness) { +sample_from_binomial_distribution_3_a0(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { @@ -2055,7 +2071,7 @@ sample_from_binomial_distribution_3_3c(Eurydice_slice randomness) { sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_d6_14( + return from_i16_array_d6_df( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } 
@@ -2066,8 +2082,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_af(Eurydice_slice randomness) { - return sample_from_binomial_distribution_2_ea(randomness); +sample_from_binomial_distribution_29(Eurydice_slice randomness) { + return sample_from_binomial_distribution_2_43(randomness); } /** @@ -2076,7 +2092,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_ab( +static KRML_MUSTINLINE void ntt_at_layer_7_c8( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -2101,7 +2117,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i montgomery_multiply_fe_aa(__m256i v, int16_t fer) { +static __m256i montgomery_multiply_fe_71(__m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea(v, fer); } @@ -2112,8 +2128,8 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -ntt_layer_int_vec_step_c2(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = montgomery_multiply_fe_aa(b, zeta_r); +ntt_layer_int_vec_step_24(__m256i a, __m256i b, int16_t zeta_r) { + __m256i t = montgomery_multiply_fe_71(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_ea(a, &t); a = libcrux_ml_kem_vector_avx2_add_ea(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -2126,7 +2142,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_b8( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_48( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; 
@@ -2139,7 +2155,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_b8( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - ntt_layer_int_vec_step_c2( + ntt_layer_int_vec_step_24( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; @@ -2156,7 +2172,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_5f( +static KRML_MUSTINLINE void ntt_at_layer_3_c0( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2172,7 +2188,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_c2( +static KRML_MUSTINLINE void ntt_at_layer_2_9a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2191,7 +2207,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_60( +static KRML_MUSTINLINE void ntt_at_layer_1_03( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2219,7 +2235,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_d6_2b( +static KRML_MUSTINLINE void poly_barrett_reduce_d6_5c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { 
@@ -2235,17 +2251,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_d5( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - ntt_at_layer_7_ab(re); + ntt_at_layer_7_c8(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_5f(&zeta_i, re); - ntt_at_layer_2_c2(&zeta_i, re); - ntt_at_layer_1_60(&zeta_i, re); - poly_barrett_reduce_d6_2b(re); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_c0(&zeta_i, re); + ntt_at_layer_2_9a(&zeta_i, re); + ntt_at_layer_1_03(&zeta_i, re); + poly_barrett_reduce_d6_5c(re); } /** @@ -2260,7 +2276,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_ee1( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_5f1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -2277,9 +2293,9 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_ee1( PRFxN_a9_162(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_af( + re_as_ntt[i0] = sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_d5(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_7b(&re_as_ntt[i0]);); return domain_separator; } 
@@ -2302,7 +2318,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_7f1( +static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_351( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -2311,7 +2327,7 @@ static KRML_MUSTINLINE tuple_b0 sample_vector_cbd_then_ntt_out_7f1( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_ee1(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_5f1(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; memcpy( @@ -2364,7 +2380,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -ntt_multiply_d6_f1(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +ntt_multiply_d6_c4(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = ZERO_d6_7d(); for (size_t i = (size_t)0U; @@ -2402,7 +2418,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_d6_b81( +static KRML_MUSTINLINE void add_to_ring_element_d6_861( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; 
@@ -2422,7 +2438,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i to_standard_domain_bd(__m256i v) { +static __m256i to_standard_domain_ba(__m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); } @@ -2438,14 +2454,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_d6_a7( +static KRML_MUSTINLINE void add_standard_error_reduce_d6_4e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - to_standard_domain_bd(self->coefficients[j]); + to_standard_domain_ba(self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(coefficient_normal_form, &error->coefficients[j])); @@ -2461,7 +2477,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_a21( +static KRML_MUSTINLINE void compute_As_plus_e_911( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, 
@@ -2488,10 +2504,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_a21( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(matrix_element, &s_as_ntt[j]); - add_to_ring_element_d6_b81(&t_as_ntt[i0], &product); + ntt_multiply_d6_c4(matrix_element, &s_as_ntt[j]); + add_to_ring_element_d6_861(&t_as_ntt[i0], &product); } - add_standard_error_reduce_d6_a7(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_d6_4e(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -2545,12 +2561,12 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_811( +static void generate_keypair_unpacked_351( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_a0 *private_key, IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_e11(key_generation_seed, hashed); + cpa_keygen_seed_d8_af1(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -2560,7 +2576,7 @@ static void generate_keypair_unpacked_811( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_341(uu____1, ret, true); + sample_matrix_A_8e1(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, prf_input); 
@@ -2570,17 +2586,17 @@ static void generate_keypair_unpacked_811( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_ee1(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_5f1(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_7f1(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_351(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_a21(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_911(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; 
@@ -2601,18 +2617,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_2f1( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_311( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_191(); - IndCpaPublicKeyUnpacked_a0 public_key = default_8d_801(); - generate_keypair_unpacked_811(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_a0 private_key = default_1a_bf1(); + IndCpaPublicKeyUnpacked_a0 public_key = default_8d_201(); + generate_keypair_unpacked_351(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_021( + serialize_public_key_3b1( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_5f1(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_171(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -2639,7 +2655,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_0a1( +static KRML_MUSTINLINE void serialize_kem_secret_key_7a1( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; 
@@ -2703,7 +2719,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_511(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_cb1(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -2712,13 +2728,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_511(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_2f1(ind_cpa_keypair_randomness); + generate_keypair_311(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_0a1( + serialize_kem_secret_key_7a1( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -2727,13 +2743,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_511(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_88_2d0(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_580(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b0( - uu____2, libcrux_ml_kem_types_from_40_600(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc0( + uu____2, libcrux_ml_kem_types_from_40_cb0(copy_of_public_key)); } /** @@ -2746,7 +2762,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_961(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_cd1(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -2764,7 +2780,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1152 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7d1( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2778,7 +2794,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_1b(ring_element); + deserialize_to_reduced_ring_element_a9(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -2795,7 +2811,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -sample_ring_element_cbd_c61(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_b21(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_d6_7d();); @@ -2814,7 +2830,7 @@ sample_ring_element_cbd_c61(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_af( + sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -2863,7 +2879,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_2b( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_8c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2887,7 +2903,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_6a( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_90( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -2907,7 +2923,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_ad( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_b6( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; 
@@ -2925,11 +2941,11 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -inv_ntt_layer_int_vec_step_reduce_63(__m256i a, __m256i b, int16_t zeta_r) { +inv_ntt_layer_int_vec_step_reduce_b2(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_ea(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(a, &b)); - b = montgomery_multiply_fe_aa(a_minus_b, zeta_r); + b = montgomery_multiply_fe_71(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } @@ -2940,7 +2956,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_8f( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_64( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2955,7 +2971,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_8f( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_63( + inv_ntt_layer_int_vec_step_reduce_b2( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; 
@@ -2972,18 +2988,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_191( +static KRML_MUSTINLINE void invert_ntt_montgomery_641( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_2b(&zeta_i, re); - invert_ntt_at_layer_2_6a(&zeta_i, re); - invert_ntt_at_layer_3_ad(&zeta_i, re); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_d6_2b(re); + invert_ntt_at_layer_1_8c(&zeta_i, re); + invert_ntt_at_layer_2_90(&zeta_i, re); + invert_ntt_at_layer_3_b6(&zeta_i, re); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_d6_5c(re); } /** @@ -2997,7 +3013,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_d6_89( +static KRML_MUSTINLINE void add_error_reduce_d6_70( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; @@ -3021,7 +3037,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_ba1( +static KRML_MUSTINLINE void compute_vector_u_a21( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, 
@@ -3048,11 +3064,11 @@ static KRML_MUSTINLINE void compute_vector_u_ba1( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(a_element, &r_as_ntt[j]); - add_to_ring_element_d6_b81(&result[i1], &product); + ntt_multiply_d6_c4(a_element, &r_as_ntt[j]); + add_to_ring_element_d6_861(&result[i1], &product); } - invert_ntt_montgomery_191(&result[i1]); - add_error_reduce_d6_89(&result[i1], &error_1[i1]); + invert_ntt_montgomery_641(&result[i1]); + add_error_reduce_d6_70(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -3065,7 +3081,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static __m256i decompress_1_f2(__m256i v) { +static __m256i decompress_1_5b(__m256i v) { return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( libcrux_ml_kem_vector_avx2_sub_ea(libcrux_ml_kem_vector_avx2_ZERO_ea(), &v), @@ -3079,7 +3095,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_message_ef(uint8_t serialized[32U]) { +deserialize_then_decompress_message_58(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -3088,7 +3104,7 @@ deserialize_then_decompress_message_ef(uint8_t serialized[32U]) { Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); - re.coefficients[i0] = decompress_1_f2(coefficient_compressed);); + re.coefficients[i0] = decompress_1_5b(coefficient_compressed);); return re; } 
@@ -3104,7 +3120,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -add_message_error_reduce_d6_df( +add_message_error_reduce_d6_55( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3134,7 +3150,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_9f1( +compute_ring_element_v_7e1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -3142,10 +3158,10 @@ compute_ring_element_v_9f1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_d6_b81(&result, &product);); - invert_ntt_montgomery_191(&result); - result = add_message_error_reduce_d6_df(error_2, message, result); + ntt_multiply_d6_c4(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_d6_861(&result, &product);); + invert_ntt_montgomery_641(&result); + result = add_message_error_reduce_d6_55(error_2, message, result); return result; } @@ -3156,7 +3172,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_43(__m256i vector) { +compress_ciphertext_coefficient_21(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); 
@@ -3203,8 +3219,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 10 */ -static __m256i compress_ea_ab(__m256i vector) { - return compress_ciphertext_coefficient_43(vector); +static __m256i compress_ea_8f(__m256i vector) { + return compress_ciphertext_coefficient_21(vector); } /** @@ -3213,14 +3229,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_190( +static KRML_MUSTINLINE void compress_then_serialize_10_8c0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_ea_ab(to_unsigned_representative_c0(re->coefficients[i0])); + compress_ea_8f(to_unsigned_representative_09(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_ea(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -3238,7 +3254,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_430(__m256i vector) { +compress_ciphertext_coefficient_210(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3285,8 +3301,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 11 */ -static __m256i compress_ea_ab0(__m256i vector) { - return compress_ciphertext_coefficient_430(vector); +static __m256i compress_ea_8f0(__m256i vector) { + return compress_ciphertext_coefficient_210(vector); } /** 
@@ -3296,10 +3312,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_880( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_3f0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - compress_then_serialize_10_190(re, uu____0); + compress_then_serialize_10_8c0(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -3315,7 +3331,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_0b1( +static void compress_then_serialize_u_591( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -3331,7 +3347,7 @@ static void compress_then_serialize_u_0b1( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_880(&re, ret); + compress_then_serialize_ring_element_u_3f0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -3344,7 +3360,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_431(__m256i vector) { +compress_ciphertext_coefficient_211(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3391,8 +3407,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 4 */ -static __m256i compress_ea_ab1(__m256i vector) { - return compress_ciphertext_coefficient_431(vector); +static __m256i compress_ea_8f1(__m256i vector) { + return compress_ciphertext_coefficient_211(vector); } /** 
@@ -3401,14 +3417,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_f5( +static KRML_MUSTINLINE void compress_then_serialize_4_1c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_ea_ab1(to_unsigned_representative_c0(re.coefficients[i0])); + compress_ea_8f1(to_unsigned_representative_09(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_ea(coefficient, bytes); Eurydice_slice_copy( @@ -3425,7 +3441,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -compress_ciphertext_coefficient_432(__m256i vector) { +compress_ciphertext_coefficient_212(__m256i vector) { __m256i field_modulus_halved = mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / (int32_t)2); @@ -3472,8 +3488,8 @@ A monomorphic instance of libcrux_ml_kem.vector.avx2.compress_ea with const generics - COEFFICIENT_BITS= 5 */ -static __m256i compress_ea_ab2(__m256i vector) { - return compress_ciphertext_coefficient_432(vector); +static __m256i compress_ea_8f2(__m256i vector) { + return compress_ciphertext_coefficient_212(vector); } /** 
@@ -3482,14 +3498,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_a4( +static KRML_MUSTINLINE void compress_then_serialize_5_60( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficients = - compress_ea_ab2(to_unsigned_representative_c0(re.coefficients[i0])); + compress_ea_8f2(to_unsigned_representative_09(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_ea(coefficients, bytes); Eurydice_slice_copy( @@ -3506,9 +3522,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_f30( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_b00( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_4_f5(re, out); + compress_then_serialize_4_1c(re, out); } /** @@ -3569,7 +3585,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_be1(IndCpaPublicKeyUnpacked_a0 *public_key, +static void encrypt_unpacked_9c1(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -3578,7 +3594,7 @@ static void encrypt_unpacked_be1(IndCpaPublicKeyUnpacked_a0 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_7f1(copy_of_prf_input0, 0U); + tuple_b0 uu____1 = sample_vector_cbd_then_ntt_out_351(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, 
@@ -3588,7 +3604,7 @@ static void encrypt_unpacked_be1(IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b0 uu____3 = - sample_ring_element_cbd_c61(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_b21(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( error_1, uu____3.fst, 
@@ -3599,28 +3615,28 @@ static void encrypt_unpacked_be1(IndCpaPublicKeyUnpacked_a0 *public_key, PRF_a9_424(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_af( + sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - compute_vector_u_ba1(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_a21(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_ef(copy_of_message); + deserialize_then_decompress_message_58(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_9f1(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_7e1(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_0b1( + compress_then_serialize_u_591( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_f30( + compress_then_serialize_ring_element_v_b00( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); 
@@ -3643,10 +3659,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_a41(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_781(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_801(); - deserialize_ring_elements_reduced_8c1( + IndCpaPublicKeyUnpacked_a0 unpacked_public_key = default_8d_201(); + deserialize_ring_elements_reduced_7d1( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -3655,13 +3671,13 @@ static void encrypt_a41(Eurydice_slice public_key, uint8_t message[32U], unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_341(uu____0, ret0, false); + sample_matrix_A_8e1(uu____0, ret0, false); IndCpaPublicKeyUnpacked_a0 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[1088U]; - encrypt_unpacked_be1(uu____1, copy_of_message, randomness, ret1); + encrypt_unpacked_9c1(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } @@ -3676,7 +3692,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_e91(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_481(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), 
@@ -3703,11 +3719,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_9c1( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_271( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_961( + entropy_preprocess_d8_cd1( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -3717,7 +3733,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_9c1( size_t); uint8_t ret[32U]; H_a9_161(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_121(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_661(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -3731,19 +3747,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_9c1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_121(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_661(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_a41(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_781(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_fc_361(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_0e1(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_e91(shared_secret, shared_secret_array); + kdf_d8_481(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -3762,7 +3778,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_to_uncompressed_ring_element_71(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_ff(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { 
@@ -3783,7 +3799,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_c51( +static KRML_MUSTINLINE void deserialize_secret_key_ee1( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -3800,7 +3816,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_c51( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_71(secret_bytes); + deserialize_to_uncompressed_ring_element_ff(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -3815,7 +3831,7 @@ generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_87(__m256i vector) { +decompress_ciphertext_coefficient_7d(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3859,8 +3875,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 10 */ -static __m256i decompress_ciphertext_coefficient_ea_2e(__m256i vector) { - return decompress_ciphertext_coefficient_87(vector); +static __m256i decompress_ciphertext_coefficient_ea_64(__m256i vector) { + return decompress_ciphertext_coefficient_7d(vector); } /** @@ -3870,7 +3886,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_10_5f(Eurydice_slice serialized) { +deserialize_then_decompress_10_4e(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { 
@@ -3878,7 +3894,7 @@ deserialize_then_decompress_10_5f(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_ea(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_ea_2e(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_ea_64(coefficient); } return re; } @@ -3890,7 +3906,7 @@ generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_870(__m256i vector) { +decompress_ciphertext_coefficient_7d0(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -3934,8 +3950,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 11 */ -static __m256i decompress_ciphertext_coefficient_ea_2e0(__m256i vector) { - return decompress_ciphertext_coefficient_870(vector); +static __m256i decompress_ciphertext_coefficient_ea_640(__m256i vector) { + return decompress_ciphertext_coefficient_7d0(vector); } /** @@ -3945,7 +3961,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_11_9a(Eurydice_slice serialized) { +deserialize_then_decompress_11_2e(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { 
@@ -3953,7 +3969,7 @@ deserialize_then_decompress_11_9a(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_ea(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_ea_2e0(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_ea_640(coefficient); } return re; } @@ -3965,8 +3981,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_f90(Eurydice_slice serialized) { - return deserialize_then_decompress_10_5f(serialized); +deserialize_then_decompress_ring_element_u_740(Eurydice_slice serialized) { + return deserialize_then_decompress_10_4e(serialized); } /** @@ -3975,17 +3991,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_9b0( +static KRML_MUSTINLINE void ntt_vector_u_4c0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_5f(&zeta_i, re); - ntt_at_layer_2_c2(&zeta_i, re); - ntt_at_layer_1_60(&zeta_i, re); - poly_barrett_reduce_d6_2b(re); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_c0(&zeta_i, re); + ntt_at_layer_2_9a(&zeta_i, re); + ntt_at_layer_1_03(&zeta_i, re); + poly_barrett_reduce_d6_5c(re); } /** 
@@ -4000,7 +4016,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_9d1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_021( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; @@ -4023,8 +4039,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_9d1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_f90(u_bytes); - ntt_vector_u_9b0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_740(u_bytes); + ntt_vector_u_4c0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -4038,7 +4054,7 @@ generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_871(__m256i vector) { +decompress_ciphertext_coefficient_7d1(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -4082,8 +4098,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 4 */ -static __m256i decompress_ciphertext_coefficient_ea_2e1(__m256i vector) { - return decompress_ciphertext_coefficient_871(vector); +static __m256i decompress_ciphertext_coefficient_ea_641(__m256i vector) { + return decompress_ciphertext_coefficient_7d1(vector); } /** @@ -4093,7 +4109,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_4_8d(Eurydice_slice serialized) { +deserialize_then_decompress_4_f7(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { 
@@ -4101,7 +4117,7 @@ deserialize_then_decompress_4_8d(Eurydice_slice serialized) { Eurydice_slice bytes = Eurydice_slice_subslice2( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_ea(bytes); - re.coefficients[i0] = decompress_ciphertext_coefficient_ea_2e1(coefficient); + re.coefficients[i0] = decompress_ciphertext_coefficient_ea_641(coefficient); } return re; } @@ -4113,7 +4129,7 @@ generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE __m256i -decompress_ciphertext_coefficient_872(__m256i vector) { +decompress_ciphertext_coefficient_7d2(__m256i vector) { __m256i field_modulus = mm256_set1_epi32((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); __m256i two_pow_coefficient_bits = @@ -4157,8 +4173,8 @@ libcrux_ml_kem.vector.avx2.decompress_ciphertext_coefficient_ea with const generics - COEFFICIENT_BITS= 5 */ -static __m256i decompress_ciphertext_coefficient_ea_2e2(__m256i vector) { - return decompress_ciphertext_coefficient_872(vector); +static __m256i decompress_ciphertext_coefficient_ea_642(__m256i vector) { + return decompress_ciphertext_coefficient_7d2(vector); } /** @@ -4168,7 +4184,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_5_c1(Eurydice_slice serialized) { +deserialize_then_decompress_5_56(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = ZERO_d6_7d(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { @@ -4177,7 +4193,7 @@ deserialize_then_decompress_5_c1(Eurydice_slice serialized) { serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_ea(bytes); re.coefficients[i0] = - decompress_ciphertext_coefficient_ea_2e2(re.coefficients[i0]); + decompress_ciphertext_coefficient_ea_642(re.coefficients[i0]); } return re; } 
@@ -4189,8 +4205,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_590(Eurydice_slice serialized) { - return deserialize_then_decompress_4_8d(serialized); +deserialize_then_decompress_ring_element_v_ac0(Eurydice_slice serialized) { + return deserialize_then_decompress_4_f7(serialized); } /** @@ -4205,7 +4221,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -subtract_reduce_d6_4a(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, +subtract_reduce_d6_8a(libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -4233,17 +4249,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_6a1( +compute_message_311( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_d6_b81(&result, &product);); - invert_ntt_montgomery_191(&result); - result = subtract_reduce_d6_4a(v, result); + ntt_multiply_d6_c4(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_d6_861(&result, &product);); + invert_ntt_montgomery_641(&result); + result = subtract_reduce_d6_8a(v, result); return result; } 
@@ -4253,12 +4269,12 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_53( +static KRML_MUSTINLINE void compress_then_serialize_message_34( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; - __m256i coefficient = to_unsigned_representative_c0(re.coefficients[i0]); + __m256i coefficient = to_unsigned_representative_09(re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_ea(coefficient); uint8_t bytes[2U]; @@ -4305,18 +4321,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_671(IndCpaPrivateKeyUnpacked_a0 *secret_key, +static void decrypt_unpacked_d21(IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - deserialize_then_decompress_u_9d1(ciphertext, u_as_ntt); + deserialize_then_decompress_u_021(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_590( + deserialize_then_decompress_ring_element_v_ac0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_6a1(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_311(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_53(message, ret0); + compress_then_serialize_message_34(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } 
@@ -4330,10 +4346,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_3d1(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_611(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - deserialize_secret_key_c51(secret_key, secret_as_ntt); + deserialize_secret_key_ee1(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( @@ -4344,7 +4360,7 @@ static void decrypt_3d1(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - decrypt_unpacked_671(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_d21(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -4396,7 +4412,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_971( +void libcrux_ml_kem_ind_cca_decapsulate_061( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4414,7 +4430,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_971( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_3d1(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_611(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); 
@@ -4436,7 +4452,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_971( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_ed1(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_f71(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_423(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), @@ -4446,17 +4462,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_971( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_a41(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_781(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_e91(Eurydice_array_to_slice( + kdf_d8_481(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_e91(shared_secret0, shared_secret); + kdf_d8_481(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_ed1(ciphertext), + libcrux_ml_kem_types_as_ref_fd_f71(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4475,7 +4491,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1568 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c3( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7d3( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; 
@@ -4489,7 +4505,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c3( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_1b(ring_element); + deserialize_to_reduced_ring_element_a9(ring_element); deserialized_pk[i0] = uu____0; } } @@ -4507,13 +4523,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1568 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_660( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_610( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_d6_7d();); - deserialize_ring_elements_reduced_8c3(public_key, deserialized_pk); + deserialize_ring_elements_reduced_7d3(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -4529,7 +4545,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_5f( +static KRML_MUSTINLINE void serialize_secret_key_17( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; @@ -4547,7 +4563,7 @@ static KRML_MUSTINLINE void serialize_secret_key_5f( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_53(&re, ret0); + serialize_uncompressed_ring_element_a3(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -4565,13 +4581,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_c2( +static KRML_MUSTINLINE void serialize_public_key_mut_34( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_5f(t_as_ntt, ret); + serialize_secret_key_17(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -4591,11 +4607,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_02( +static KRML_MUSTINLINE void serialize_public_key_3b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_c2(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_34(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); } 
@@ -4614,15 +4630,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_050(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_fc0(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_660( + deserialize_ring_elements_reduced_out_610( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_02( + serialize_public_key_3b( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -4659,7 +4675,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4d0( +bool libcrux_ml_kem_ind_cca_validate_private_key_2e0( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -4695,7 +4711,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static IndCpaPrivateKeyUnpacked_01 default_1a_19(void) { +static IndCpaPrivateKeyUnpacked_01 default_1a_bf(void) { IndCpaPrivateKeyUnpacked_01 lit; lit.secret_as_ntt[0U] = ZERO_d6_7d(); lit.secret_as_ntt[1U] = ZERO_d6_7d(); @@ -4727,7 +4743,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static IndCpaPublicKeyUnpacked_01 default_8d_80(void) { +static IndCpaPublicKeyUnpacked_01 default_8d_20(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, uu____0[i] = ZERO_d6_7d();); 
@@ -4779,7 +4795,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_e1( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_af( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -4924,7 +4940,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_74( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_b8( uint8_t randomness[4U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -5050,7 +5066,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_740( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_b80( uint8_t randomness[4U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -5088,9 +5104,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_e4( +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_f9( int16_t s[272U]) { - return from_i16_array_d6_14( + return from_i16_array_d6_df( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -5100,7 +5116,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_from_xof_67( +static KRML_MUSTINLINE void sample_from_xof_a3( uint8_t seeds[4U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { size_t sampled_coefficients[4U] = {0U}; 
@@ -5115,7 +5131,7 @@ static KRML_MUSTINLINE void sample_from_xof_67( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[4U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)4U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_74( + bool done = sample_from_uniform_distribution_next_b8( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -5127,7 +5143,7 @@ static KRML_MUSTINLINE void sample_from_xof_67( uint8_t copy_of_randomness[4U][168U]; memcpy(copy_of_randomness, randomness, (size_t)4U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_740( + done = sample_from_uniform_distribution_next_b80( copy_of_randomness, sampled_coefficients, out); } } @@ -5136,7 +5152,7 @@ static KRML_MUSTINLINE void sample_from_xof_67( memcpy(copy_of_out, out, (size_t)4U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret0[i] = closure_e4(copy_of_out[i]);); + ret0[i] = closure_f9(copy_of_out[i]);); memcpy( ret, ret0, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -5148,7 +5164,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_matrix_A_34( +static KRML_MUSTINLINE void sample_matrix_A_8e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[4U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR4( @@ -5165,7 +5181,7 @@ static KRML_MUSTINLINE void sample_matrix_A_34( uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[4U]; - sample_from_xof_67(copy_of_seeds, sampled); + sample_from_xof_a3(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( 
@@ -5249,7 +5265,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_ee( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_5f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -5266,9 +5282,9 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_ee( PRFxN_a9_16(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_af( + re_as_ntt[i0] = sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_d5(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_7b(&re_as_ntt[i0]);); return domain_separator; } @@ -5291,7 +5307,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_7f( +static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_35( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -5300,7 +5316,7 @@ static KRML_MUSTINLINE tuple_71 sample_vector_cbd_then_ntt_out_7f( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_ee(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_5f(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[4U]; memcpy( 
@@ -5329,7 +5345,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_d6_b8( +static KRML_MUSTINLINE void add_to_ring_element_d6_86( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -5352,7 +5368,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_a2( +static KRML_MUSTINLINE void compute_As_plus_e_91( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -5379,10 +5395,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(matrix_element, &s_as_ntt[j]); - add_to_ring_element_d6_b8(&t_as_ntt[i0], &product); + ntt_multiply_d6_c4(matrix_element, &s_as_ntt[j]); + add_to_ring_element_d6_86(&t_as_ntt[i0], &product); } - add_standard_error_reduce_d6_a7(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_d6_4e(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5436,12 +5452,12 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_81( +static void generate_keypair_unpacked_35( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_01 *private_key, IndCpaPublicKeyUnpacked_01 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_e1(key_generation_seed, hashed); + cpa_keygen_seed_d8_af(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); 
@@ -5451,7 +5467,7 @@ static void generate_keypair_unpacked_81( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_34(uu____1, ret, true); + sample_matrix_A_8e(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, prf_input); @@ -5461,17 +5477,17 @@ static void generate_keypair_unpacked_81( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_ee(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_5f(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_7f(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_35(copy_of_prf_input, domain_separator) .fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_a2(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_91(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; 
@@ -5492,18 +5508,18 @@ with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_2f0( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_310( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_01 private_key = default_1a_19(); - IndCpaPublicKeyUnpacked_01 public_key = default_8d_80(); - generate_keypair_unpacked_81(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_01 private_key = default_1a_bf(); + IndCpaPublicKeyUnpacked_01 public_key = default_8d_20(); + generate_keypair_unpacked_35(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_02( + serialize_public_key_3b( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_5f(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_17(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -5530,7 +5546,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_0a0( +static KRML_MUSTINLINE void serialize_kem_secret_key_7a0( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; 
@@ -5594,7 +5610,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_cb0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5603,13 +5619,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_2f0(ind_cpa_keypair_randomness); + generate_keypair_310(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_0a0( + serialize_kem_secret_key_7a0( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -5618,13 +5634,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_88_2d1(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_581(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b1( - uu____2, libcrux_ml_kem_types_from_40_601(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc1( + uu____2, libcrux_ml_kem_types_from_40_cb1(copy_of_public_key)); } /** @@ -5637,7 +5653,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_960(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_cd0(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5655,7 +5671,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 1536 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7d( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -5669,7 +5685,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_1b(ring_element); + deserialize_to_reduced_ring_element_a9(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -5686,7 +5702,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_71 -sample_ring_element_cbd_c6(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_b2(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_d6_7d();); @@ -5705,7 +5721,7 @@ sample_ring_element_cbd_c6(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_af( + sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ 
@@ -5742,18 +5758,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_19( +static KRML_MUSTINLINE void invert_ntt_montgomery_64( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_2b(&zeta_i, re); - invert_ntt_at_layer_2_6a(&zeta_i, re); - invert_ntt_at_layer_3_ad(&zeta_i, re); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_d6_2b(re); + invert_ntt_at_layer_1_8c(&zeta_i, re); + invert_ntt_at_layer_2_90(&zeta_i, re); + invert_ntt_at_layer_3_b6(&zeta_i, re); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_d6_5c(re); } /** @@ -5765,7 +5781,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_ba( +static KRML_MUSTINLINE void compute_vector_u_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, 
@@ -5792,11 +5808,11 @@ static KRML_MUSTINLINE void compute_vector_u_ba( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(a_element, &r_as_ntt[j]); - add_to_ring_element_d6_b8(&result[i1], &product); + ntt_multiply_d6_c4(a_element, &r_as_ntt[j]); + add_to_ring_element_d6_86(&result[i1], &product); } - invert_ntt_montgomery_19(&result[i1]); - add_error_reduce_d6_89(&result[i1], &error_1[i1]); + invert_ntt_montgomery_64(&result[i1]); + add_error_reduce_d6_70(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -5813,7 +5829,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_9f( +compute_ring_element_v_7e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, @@ -5821,10 +5837,10 @@ compute_ring_element_v_9f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_d6_b8(&result, &product);); - invert_ntt_montgomery_19(&result); - result = add_message_error_reduce_d6_df(error_2, message, result); + ntt_multiply_d6_c4(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_d6_86(&result, &product);); + invert_ntt_montgomery_64(&result); + result = add_message_error_reduce_d6_55(error_2, message, result); return result; } 
@@ -5834,14 +5850,14 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_88( +static KRML_MUSTINLINE void compress_then_serialize_11_56( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - compress_ea_ab0(to_unsigned_representative_c0(re->coefficients[i0])); + compress_ea_8f0(to_unsigned_representative_09(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_ea(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -5859,10 +5875,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_88( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_3f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[352U]) { uint8_t uu____0[352U]; - compress_then_serialize_11_88(re, uu____0); + compress_then_serialize_11_56(re, uu____0); memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } @@ -5878,7 +5894,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_0b( +static void compress_then_serialize_u_59( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -5894,7 +5910,7 @@ static void compress_then_serialize_u_0b( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_88(&re, ret); + compress_then_serialize_ring_element_u_3f(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } 
@@ -5907,9 +5923,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_f3( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - compress_then_serialize_5_a4(re, out); + compress_then_serialize_5_60(re, out); } /** @@ -5970,7 +5986,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_be(IndCpaPublicKeyUnpacked_01 *public_key, +static void encrypt_unpacked_9c(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; @@ -5978,7 +5994,7 @@ static void encrypt_unpacked_be(IndCpaPublicKeyUnpacked_01 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_7f(copy_of_prf_input0, 0U); + tuple_71 uu____1 = sample_vector_cbd_then_ntt_out_35(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -5988,7 +6004,7 @@ static void encrypt_unpacked_be(IndCpaPublicKeyUnpacked_01 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_71 uu____3 = - sample_ring_element_cbd_c6(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_b2(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[4U]; memcpy( error_1, uu____3.fst, 
@@ -5999,28 +6015,28 @@ static void encrypt_unpacked_be(IndCpaPublicKeyUnpacked_01 *public_key, PRF_a9_420(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_af( + sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[4U]; - compute_vector_u_ba(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_a2(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_ef(copy_of_message); + deserialize_then_decompress_message_58(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_9f(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_7e(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_0b( + compress_then_serialize_u_59( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_f3( + compress_then_serialize_ring_element_v_b0( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); 
@@ -6043,10 +6059,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_a40(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_780(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { - IndCpaPublicKeyUnpacked_01 unpacked_public_key = default_8d_80(); - deserialize_ring_elements_reduced_8c( + IndCpaPublicKeyUnpacked_01 unpacked_public_key = default_8d_20(); + deserialize_ring_elements_reduced_7d( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -6055,13 +6071,13 @@ static void encrypt_a40(Eurydice_slice public_key, uint8_t message[32U], unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_34(uu____0, ret0, false); + sample_matrix_A_8e(uu____0, ret0, false); IndCpaPublicKeyUnpacked_01 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[1568U]; - encrypt_unpacked_be(uu____1, copy_of_message, randomness, ret1); + encrypt_unpacked_9c(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); } @@ -6076,7 +6092,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_e90(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_480(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), 
@@ -6103,11 +6119,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_9c0( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_270( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_960( + entropy_preprocess_d8_cd0( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6117,7 +6133,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_9c0( size_t); uint8_t ret[32U]; H_a9_16(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_12(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_66(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -6131,19 +6147,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_9c0( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_12(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_66(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_a40(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_780(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_fc_36(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_0e(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_e90(shared_secret, shared_secret_array); + kdf_d8_480(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -6164,7 +6180,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_c50( +static KRML_MUSTINLINE void deserialize_secret_key_ee0( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; 
@@ -6181,7 +6197,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_c50( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_71(secret_bytes); + deserialize_to_uncompressed_ring_element_ff(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -6196,8 +6212,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_u_f9(Eurydice_slice serialized) { - return deserialize_then_decompress_11_9a(serialized); +deserialize_then_decompress_ring_element_u_74(Eurydice_slice serialized) { + return deserialize_then_decompress_11_2e(serialized); } /** @@ -6206,17 +6222,17 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_9b( +static KRML_MUSTINLINE void ntt_vector_u_4c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_5f(&zeta_i, re); - ntt_at_layer_2_c2(&zeta_i, re); - ntt_at_layer_1_60(&zeta_i, re); - poly_barrett_reduce_d6_2b(re); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_c0(&zeta_i, re); + ntt_at_layer_2_9a(&zeta_i, re); + ntt_at_layer_1_03(&zeta_i, re); + poly_barrett_reduce_d6_5c(re); } /** 
@@ -6231,7 +6247,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_9d( +static KRML_MUSTINLINE void deserialize_then_decompress_u_02( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; @@ -6254,8 +6270,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_9d( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_f9(u_bytes); - ntt_vector_u_9b(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_74(u_bytes); + ntt_vector_u_4c(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -6269,8 +6285,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -deserialize_then_decompress_ring_element_v_59(Eurydice_slice serialized) { - return deserialize_then_decompress_5_c1(serialized); +deserialize_then_decompress_ring_element_v_ac(Eurydice_slice serialized) { + return deserialize_then_decompress_5_56(serialized); } /** 
@@ -6286,17 +6302,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_6a( +compute_message_31( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_d6_b8(&result, &product);); - invert_ntt_montgomery_19(&result); - result = subtract_reduce_d6_4a(v, result); + ntt_multiply_d6_c4(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_d6_86(&result, &product);); + invert_ntt_montgomery_64(&result); + result = subtract_reduce_d6_8a(v, result); return result; } 
@@ -6334,18 +6350,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_67(IndCpaPrivateKeyUnpacked_01 *secret_key, +static void decrypt_unpacked_d2(IndCpaPrivateKeyUnpacked_01 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[4U]; - deserialize_then_decompress_u_9d(ciphertext, u_as_ntt); + deserialize_then_decompress_u_02(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_59( + deserialize_then_decompress_ring_element_v_ac( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_6a(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_31(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_53(message, ret0); + compress_then_serialize_message_34(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -6359,10 +6375,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_3d0(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_610(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[4U]; - deserialize_secret_key_c50(secret_key, secret_as_ntt); + deserialize_secret_key_ee0(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[4U]; memcpy( 
@@ -6373,7 +6389,7 @@ static void decrypt_3d0(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - decrypt_unpacked_67(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_d2(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -6413,7 +6429,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_970( +void libcrux_ml_kem_ind_cca_decapsulate_060( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -6431,7 +6447,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_970( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_3d0(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_610(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -6453,7 +6469,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_970( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_ed(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_f7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_42(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), 
@@ -6463,17 +6479,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_970( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_a40(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_780(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_e90(Eurydice_array_to_slice( + kdf_d8_480(Eurydice_array_to_slice( (size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_e90(shared_secret0, shared_secret); + kdf_d8_480(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_ed(ciphertext), + libcrux_ml_kem_types_as_ref_fd_f7(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -6492,7 +6508,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 800 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c2( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7d2( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -6506,7 +6522,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c2( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_1b(ring_element); + deserialize_to_reduced_ring_element_a9(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -6524,13 +6540,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 800 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_66( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_61( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_d6_7d();); - deserialize_ring_elements_reduced_8c2(public_key, deserialized_pk); + deserialize_ring_elements_reduced_7d2(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -6546,7 +6562,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_5f0( +static KRML_MUSTINLINE void serialize_secret_key_170( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -6564,7 +6580,7 @@ static KRML_MUSTINLINE void serialize_secret_key_5f0( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_53(&re, ret0); + serialize_uncompressed_ring_element_a3(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -6582,13 +6598,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_c20( +static KRML_MUSTINLINE void serialize_public_key_mut_340( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_5f0(t_as_ntt, ret); + serialize_secret_key_170(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -6608,11 +6624,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_020( +static KRML_MUSTINLINE void serialize_public_key_3b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_c20(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_340(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); } 
@@ -6631,15 +6647,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_05(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_fc(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_66( + deserialize_ring_elements_reduced_out_61( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_020( + serialize_public_key_3b0( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -6676,7 +6692,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_4d( +bool libcrux_ml_kem_ind_cca_validate_private_key_2e( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -6712,7 +6728,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static IndCpaPrivateKeyUnpacked_d6 default_1a_190(void) { +static IndCpaPrivateKeyUnpacked_d6 default_1a_bf0(void) { IndCpaPrivateKeyUnpacked_d6 lit; lit.secret_as_ntt[0U] = ZERO_d6_7d(); lit.secret_as_ntt[1U] = ZERO_d6_7d(); @@ -6742,7 +6758,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static IndCpaPublicKeyUnpacked_d6 default_8d_800(void) { +static IndCpaPublicKeyUnpacked_d6 default_8d_200(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, uu____0[i] = ZERO_d6_7d();); 
@@ -6782,7 +6798,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_e10( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_af0( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6921,7 +6937,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_741( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_b81( uint8_t randomness[2U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -7041,7 +7057,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_742( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_b82( uint8_t randomness[2U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -7079,9 +7095,9 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_e40( +static libcrux_ml_kem_polynomial_PolynomialRingElement_d2 closure_f90( int16_t s[272U]) { - return from_i16_array_d6_14( + return from_i16_array_d6_df( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -7091,7 +7107,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_from_xof_670( +static KRML_MUSTINLINE void sample_from_xof_a30( uint8_t seeds[2U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { size_t sampled_coefficients[2U] = {0U}; 
@@ -7106,7 +7122,7 @@ static KRML_MUSTINLINE void sample_from_xof_670( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[2U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)2U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_741( + bool done = sample_from_uniform_distribution_next_b81( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -7118,7 +7134,7 @@ static KRML_MUSTINLINE void sample_from_xof_670( uint8_t copy_of_randomness[2U][168U]; memcpy(copy_of_randomness, randomness, (size_t)2U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_742( + done = sample_from_uniform_distribution_next_b82( copy_of_randomness, sampled_coefficients, out); } } @@ -7127,7 +7143,7 @@ static KRML_MUSTINLINE void sample_from_xof_670( memcpy(copy_of_out, out, (size_t)2U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret0[i] = closure_e40(copy_of_out[i]);); + ret0[i] = closure_f90(copy_of_out[i]);); memcpy( ret, ret0, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); @@ -7139,7 +7155,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector, libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_matrix_A_340( +static KRML_MUSTINLINE void sample_matrix_A_8e0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[2U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR2( @@ -7156,7 +7172,7 @@ static KRML_MUSTINLINE void sample_matrix_A_340( uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[2U]; - sample_from_xof_670(copy_of_seeds, sampled); + sample_from_xof_a30(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( 
@@ -7229,8 +7245,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - ETA= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -sample_from_binomial_distribution_af0(Eurydice_slice randomness) { - return sample_from_binomial_distribution_3_3c(randomness); +sample_from_binomial_distribution_290(Eurydice_slice randomness) { + return sample_from_binomial_distribution_3_a0(randomness); } /** @@ -7245,7 +7261,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_ee0( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_5f0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -7262,9 +7278,9 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_ee0( PRFxN_a9_160(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_af0( + re_as_ntt[i0] = sample_from_binomial_distribution_290( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_d5(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_7b(&re_as_ntt[i0]);); return domain_separator; } @@ -7287,7 +7303,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_7f0( +static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_350( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, 
@@ -7296,7 +7312,7 @@ static KRML_MUSTINLINE tuple_74 sample_vector_cbd_then_ntt_out_7f0( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_ee0(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_5f0(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[2U]; memcpy( @@ -7325,7 +7341,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_d6_b80( +static KRML_MUSTINLINE void add_to_ring_element_d6_860( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; @@ -7348,7 +7364,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_a20( +static KRML_MUSTINLINE void compute_As_plus_e_910( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, @@ -7375,10 +7391,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_a20( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(matrix_element, &s_as_ntt[j]); - add_to_ring_element_d6_b80(&t_as_ntt[i0], &product); + ntt_multiply_d6_c4(matrix_element, &s_as_ntt[j]); + add_to_ring_element_d6_860(&t_as_ntt[i0], &product); } - add_standard_error_reduce_d6_a7(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_d6_4e(&t_as_ntt[i0], &error_as_ntt[i0]); } } 
@@ -7432,12 +7448,12 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_810( +static void generate_keypair_unpacked_350( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_d6 *private_key, IndCpaPublicKeyUnpacked_d6 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_e10(key_generation_seed, hashed); + cpa_keygen_seed_d8_af0(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -7447,7 +7463,7 @@ static void generate_keypair_unpacked_810( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_340(uu____1, ret, true); + sample_matrix_A_8e0(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, prf_input); @@ -7457,17 +7473,17 @@ static void generate_keypair_unpacked_810( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_ee0(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_5f0(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_7f0(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_350(copy_of_prf_input, domain_separator) .fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compute_As_plus_e_a20(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_910(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; 
@@ -7488,18 +7504,18 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_2f( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_31( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_d6 private_key = default_1a_190(); - IndCpaPublicKeyUnpacked_d6 public_key = default_8d_800(); - generate_keypair_unpacked_810(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_d6 private_key = default_1a_bf0(); + IndCpaPublicKeyUnpacked_d6 public_key = default_8d_200(); + generate_keypair_unpacked_350(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_020( + serialize_public_key_3b0( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_5f0(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_170(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -7526,7 +7542,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_0a( +static KRML_MUSTINLINE void serialize_kem_secret_key_7a( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; @@ -7589,7 +7605,7 @@ with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_51( +libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_cb( uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, 
@@ -7599,13 +7615,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_51( LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_2f(ind_cpa_keypair_randomness); + generate_keypair_31(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_0a( + serialize_kem_secret_key_7a( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -7614,13 +7630,13 @@ libcrux_ml_kem_types_MlKemKeyPair_cb libcrux_ml_kem_ind_cca_generate_keypair_51( memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_88_2d(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_58(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b( - uu____2, libcrux_ml_kem_types_from_40_60(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc( + uu____2, libcrux_ml_kem_types_from_40_cb(copy_of_public_key)); } /** 
@@ -7633,7 +7649,7 @@ with types libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_96(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_cd(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -7651,7 +7667,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - PUBLIC_KEY_SIZE= 768 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_7d0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -7665,7 +7681,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_8c0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_reduced_ring_element_1b(ring_element); + deserialize_to_reduced_ring_element_a9(ring_element); deserialized_pk[i0] = uu____0; } } @@ -7728,7 +7744,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_74 -sample_ring_element_cbd_c60(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_b20(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_d6_7d();); 
@@ -7747,7 +7763,7 @@ sample_ring_element_cbd_c60(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - sample_from_binomial_distribution_af( + sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -7784,18 +7800,18 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_190( +static KRML_MUSTINLINE void invert_ntt_montgomery_640( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_2b(&zeta_i, re); - invert_ntt_at_layer_2_6a(&zeta_i, re); - invert_ntt_at_layer_3_ad(&zeta_i, re); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_8f(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_d6_2b(re); + invert_ntt_at_layer_1_8c(&zeta_i, re); + invert_ntt_at_layer_2_90(&zeta_i, re); + invert_ntt_at_layer_3_b6(&zeta_i, re); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_64(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_d6_5c(re); } /** 
@@ -7807,7 +7823,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_ba0( +static KRML_MUSTINLINE void compute_vector_u_a20( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -7834,11 +7850,11 @@ static KRML_MUSTINLINE void compute_vector_u_ba0( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(a_element, &r_as_ntt[j]); - add_to_ring_element_d6_b80(&result[i1], &product); + ntt_multiply_d6_c4(a_element, &r_as_ntt[j]); + add_to_ring_element_d6_860(&result[i1], &product); } - invert_ntt_montgomery_190(&result[i1]); - add_error_reduce_d6_89(&result[i1], &error_1[i1]); + invert_ntt_montgomery_640(&result[i1]); + add_error_reduce_d6_70(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -7855,7 +7871,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_ring_element_v_9f0( +compute_ring_element_v_7e0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, 
@@ -7863,10 +7879,10 @@ compute_ring_element_v_9f0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_d6_b80(&result, &product);); - invert_ntt_montgomery_190(&result); - result = add_message_error_reduce_d6_df(error_2, message, result); + ntt_multiply_d6_c4(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_d6_860(&result, &product);); + invert_ntt_montgomery_640(&result); + result = add_message_error_reduce_d6_55(error_2, message, result); return result; } @@ -7882,7 +7898,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_0b0( +static void compress_then_serialize_u_590( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; @@ -7898,7 +7914,7 @@ static void compress_then_serialize_u_0b0( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_880(&re, ret); + compress_then_serialize_ring_element_u_3f0(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7962,7 +7978,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_be0(IndCpaPublicKeyUnpacked_d6 *public_key, +static void encrypt_unpacked_9c0(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; 
@@ -7970,7 +7986,7 @@ static void encrypt_unpacked_be0(IndCpaPublicKeyUnpacked_d6 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_7f0(copy_of_prf_input0, 0U); + tuple_74 uu____1 = sample_vector_cbd_then_ntt_out_350(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, @@ -7980,7 +7996,7 @@ static void encrypt_unpacked_be0(IndCpaPublicKeyUnpacked_d6 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_74 uu____3 = - sample_ring_element_cbd_c60(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_b20(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[2U]; memcpy( error_1, uu____3.fst, 
@@ -7991,28 +8007,28 @@ static void encrypt_unpacked_be0(IndCpaPublicKeyUnpacked_d6 *public_key, PRF_a9_422(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - sample_from_binomial_distribution_af( + sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[2U]; - compute_vector_u_ba0(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_a20(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - deserialize_then_decompress_message_ef(copy_of_message); + deserialize_then_decompress_message_58(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - compute_ring_element_v_9f0(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_7e0(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - compress_then_serialize_u_0b0( + compress_then_serialize_u_590( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - compress_then_serialize_ring_element_v_f30( + compress_then_serialize_ring_element_v_b00( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); 
@@ -8035,10 +8051,10 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_a4(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_78(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { - IndCpaPublicKeyUnpacked_d6 unpacked_public_key = default_8d_800(); - deserialize_ring_elements_reduced_8c0( + IndCpaPublicKeyUnpacked_d6 unpacked_public_key = default_8d_200(); + deserialize_ring_elements_reduced_7d0( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -8047,13 +8063,13 @@ static void encrypt_a4(Eurydice_slice public_key, uint8_t message[32U], unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_340(uu____0, ret0, false); + sample_matrix_A_8e0(uu____0, ret0, false); IndCpaPublicKeyUnpacked_d6 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[768U]; - encrypt_unpacked_be0(uu____1, copy_of_message, randomness, ret1); + encrypt_unpacked_9c0(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); } @@ -8068,7 +8084,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_e9(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_48(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), 
@@ -8095,11 +8111,11 @@ with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_9c( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_27( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_96( + entropy_preprocess_d8_cd( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -8109,7 +8125,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_9c( size_t); uint8_t ret[32U]; H_a9_160(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_ba_120(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_ba_660(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -8123,19 +8139,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_9c( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_ba_120(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_ba_660(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_a4(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_78(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_fc_360(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_0e0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_e9(shared_secret, shared_secret_array); + kdf_d8_48(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -8156,7 +8172,7 @@ with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_c5( +static KRML_MUSTINLINE void deserialize_secret_key_ee( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; 
@@ -8173,7 +8189,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_c5( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - deserialize_to_uncompressed_ring_element_71(secret_bytes); + deserialize_to_uncompressed_ring_element_ff(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -8193,7 +8209,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_9d0( +static KRML_MUSTINLINE void deserialize_then_decompress_u_020( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; @@ -8216,8 +8232,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_9d0( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_f90(u_bytes); - ntt_vector_u_9b0(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_740(u_bytes); + ntt_vector_u_4c0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, 
@@ -8237,17 +8253,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -compute_message_6a0( +compute_message_310( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = ZERO_d6_7d(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - ntt_multiply_d6_f1(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_d6_b80(&result, &product);); - invert_ntt_montgomery_190(&result); - result = subtract_reduce_d6_4a(v, result); + ntt_multiply_d6_c4(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_d6_860(&result, &product);); + invert_ntt_montgomery_640(&result); + result = subtract_reduce_d6_8a(v, result); return result; } 
@@ -8285,18 +8301,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_670(IndCpaPrivateKeyUnpacked_d6 *secret_key, +static void decrypt_unpacked_d20(IndCpaPrivateKeyUnpacked_d6 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[2U]; - deserialize_then_decompress_u_9d0(ciphertext, u_as_ntt); + deserialize_then_decompress_u_020(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - deserialize_then_decompress_ring_element_v_590( + deserialize_then_decompress_ring_element_v_ac0( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - compute_message_6a0(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_310(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_53(message, ret0); + compress_then_serialize_message_34(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8310,10 +8326,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_3d(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_61(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[2U]; - deserialize_secret_key_c5(secret_key, secret_as_ntt); + deserialize_secret_key_ee(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[2U]; memcpy( 
@@ -8324,7 +8340,7 @@ static void decrypt_3d(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - decrypt_unpacked_670(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_d20(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -8364,7 +8380,7 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_97( +void libcrux_ml_kem_ind_cca_decapsulate_06( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -8382,7 +8398,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_97( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_3d(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_61(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -8404,7 +8420,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_97( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_ed0(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_f70(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_a9_421(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), 
@@ -8414,16 +8430,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_97( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_a4(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_78(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_e9(Eurydice_array_to_slice((size_t)32U, + kdf_d8_48(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_e9(shared_secret0, shared_secret); + kdf_d8_48(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_ed0(ciphertext), + libcrux_ml_kem_types_as_ref_fd_f70(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h index a8c841e7e..fb244e396 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_avx2.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem_avx2_H 
@@ -54,6 +54,18 @@ libcrux_ml_kem::vector::avx2::SIMD256Vector)} */ void libcrux_ml_kem_vector_avx2_to_i16_array_ea(__m256i x, int16_t ret[16U]); +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::avx2::SIMD256Vector)} +*/ +void libcrux_ml_kem_vector_avx2_to_bytes_ea(__m256i x, Eurydice_slice out); + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::avx2::SIMD256Vector)} +*/ +__m256i libcrux_ml_kem_vector_avx2_from_bytes_ea(Eurydice_slice bytes); + __m256i libcrux_ml_kem_vector_avx2_arithmetic_add(__m256i lhs, __m256i rhs); /** diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.c b/libcrux-ml-kem/c/libcrux_mlkem_portable.c index 479c57de3..fce6018f2 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.c +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "internal/libcrux_mlkem_portable.h" 
@@ -869,6 +869,61 @@ libcrux_ml_kem_vector_portable_ZERO_0d(void) { return libcrux_ml_kem_vector_portable_vector_type_zero(); } +KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_i16_to_be_bytes( + int16_t x, uint8_t ret[2U]) { + ret[0U] = (uint8_t)(x >> 8U); + ret[1U] = (uint8_t)(x & (int16_t)255); +} + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +*/ +void libcrux_ml_kem_vector_portable_to_bytes_0d( + libcrux_ml_kem_vector_portable_vector_type_PortableVector x, + Eurydice_slice out) { + size_t p = (size_t)0U; + for (size_t i = (size_t)0U; + i < + Eurydice_slice_len( + Eurydice_array_to_slice((size_t)16U, x.elements, int16_t), int16_t); + i++) { + size_t i0 = i; + Eurydice_slice uu____0 = + Eurydice_slice_subslice2(out, p, p + (size_t)2U, uint8_t); + uint8_t ret[2U]; + libcrux_ml_kem_vector_portable_i16_to_be_bytes(x.elements[i0], ret); + Eurydice_slice_copy( + uu____0, Eurydice_array_to_slice((size_t)2U, ret, uint8_t), uint8_t); + p = p + (size_t)2U; + } +} + +KRML_MUSTINLINE int16_t +libcrux_ml_kem_vector_portable_bytes_to_i16(Eurydice_slice bytes) { + return (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) + << 8U | + (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *); +} + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +*/ +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_from_bytes_0d(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector out = + libcrux_ml_kem_vector_portable_vector_type_zero(); + for (size_t i = (size_t)0U; + i < Eurydice_slice_len(bytes, uint8_t) / (size_t)2U; i++) { + size_t i0 = i; + Eurydice_slice chunk = Eurydice_slice_subslice2( + bytes, i0 * (size_t)2U, i0 * (size_t)2U + (size_t)2U, uint8_t); + out.elements[i0] = 
libcrux_ml_kem_vector_portable_bytes_to_i16(chunk); + } + return out; +} + KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_add( libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, @@ -2276,7 +2331,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_reduced_ring_element_f6(Eurydice_slice serialized) { +deserialize_to_reduced_ring_element_52(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { @@ -2302,7 +2357,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1568 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b4( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_234( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -2316,7 +2371,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b4( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_f6(ring_element); + deserialize_to_reduced_ring_element_52(ring_element); deserialized_pk[i0] = uu____0; } } 
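Review bot: In `libcrux_ml_kem_vector_portable_from_bytes_0d` the loop bound is taken only from the input length (`i < Eurydice_slice_len(bytes, uint8_t) / (size_t)2U`), while `out.elements` holds 16 values (the sibling `to_bytes_0d` slices it with `(size_t)16U`), so a slice longer than 32 bytes makes `out.elements[i0] = ...` write past the vector on the stack. The Rust original presumably panics on that index, but the extracted C array store carries no such check. `libcrux_ml_kem_vector_portable_to_bytes_0d` makes the mirror-image assumption: it always writes 32 bytes into `out` through `p` without consulting the slice length. Since this file is generated, the bound belongs in the Rust source so that the extracted loop is capped, e.g. `i < (size_t)16U`, or the length is asserted to be 32 on entry. The doc comments on these functions and on the matching AVX2 declarations in `libcrux_mlkem_avx2.h` should also state the required slice length.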
@@ -2334,13 +2389,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1568 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_6b1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_841( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, deserialized_pk[i] = ZERO_d6_19();); - deserialize_ring_elements_reduced_1b4(public_key, deserialized_pk); + deserialize_ring_elements_reduced_234(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -2352,7 +2407,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_7d(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +shift_right_1d(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -2371,8 +2426,8 @@ with const generics - SHIFT_BY= 15 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -shift_right_0d_46(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return shift_right_7d(v); +shift_right_0d_5f(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return shift_right_1d(v); } /** 
@@ -2382,10 +2437,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_unsigned_representative_08( +to_unsigned_representative_13( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - shift_right_0d_46(a); + shift_right_0d_5f(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -2398,14 +2453,14 @@ libcrux_ml_kem.serialize.serialize_uncompressed_ring_element with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void serialize_uncompressed_ring_element_16( +static KRML_MUSTINLINE void serialize_uncompressed_ring_element_81( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_representative_08(re->coefficients[i0]); + to_unsigned_representative_13(re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -2426,7 +2481,7 @@ with const generics - K= 4 - OUT_LEN= 1536 */ -static KRML_MUSTINLINE void serialize_secret_key_8c( +static KRML_MUSTINLINE void serialize_secret_key_f2( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1536U]) { uint8_t out[1536U] = {0U}; 
@@ -2444,7 +2499,7 @@ static KRML_MUSTINLINE void serialize_secret_key_8c( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_16(&re, ret0); + serialize_uncompressed_ring_element_81(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -2462,13 +2517,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_mut_46( +static KRML_MUSTINLINE void serialize_public_key_mut_98( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1536U, uint8_t); uint8_t ret[1536U]; - serialize_secret_key_8c(t_as_ntt, ret); + serialize_secret_key_f2(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1536U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -2488,11 +2543,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -static KRML_MUSTINLINE void serialize_public_key_eb( +static KRML_MUSTINLINE void serialize_public_key_cf( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1568U]) { uint8_t public_key_serialized[1568U] = {0U}; - serialize_public_key_mut_46(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_98(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)1568U * sizeof(uint8_t)); } 
@@ -2511,15 +2566,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1536 - PUBLIC_KEY_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_951(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_831(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[4U]; - deserialize_ring_elements_reduced_out_6b1( + deserialize_ring_elements_reduced_out_841( Eurydice_array_to_subslice_to((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1568U]; - serialize_public_key_eb( + serialize_public_key_cf( uu____0, Eurydice_array_to_subslice_from((size_t)1568U, public_key, (size_t)1536U, uint8_t, size_t), @@ -2556,7 +2611,7 @@ with const generics - SECRET_KEY_SIZE= 3168 - CIPHERTEXT_SIZE= 1568 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_0f( +bool libcrux_ml_kem_ind_cca_validate_private_key_b4( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *_ciphertext) { uint8_t t[32U]; @@ -2592,7 +2647,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static IndCpaPrivateKeyUnpacked_42 default_1a_a3(void) { +static IndCpaPrivateKeyUnpacked_42 default_1a_cf(void) { IndCpaPrivateKeyUnpacked_42 lit; lit.secret_as_ntt[0U] = ZERO_d6_19(); lit.secret_as_ntt[1U] = ZERO_d6_19(); @@ -2624,7 +2679,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static IndCpaPublicKeyUnpacked_42 default_8d_6b(void) { +static IndCpaPublicKeyUnpacked_42 default_8d_b3(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, uu____0[i] = ZERO_d6_19();); 
@@ -2676,7 +2731,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_b7( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_92( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -2824,7 +2879,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fb( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_95( uint8_t randomness[4U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -2936,7 +2991,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fb0( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_950( uint8_t randomness[4U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR4( @@ -2980,7 +3035,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -from_i16_array_d6_bb(Eurydice_slice a) { +from_i16_array_d6_ae(Eurydice_slice a) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -3001,9 +3056,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_ba( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_78( int16_t s[272U]) { - return from_i16_array_d6_bb( + return from_i16_array_d6_ae( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } 
@@ -3014,7 +3069,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_from_xof_49( +static KRML_MUSTINLINE void sample_from_xof_c7( uint8_t seeds[4U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { size_t sampled_coefficients[4U] = {0U}; @@ -3028,7 +3083,7 @@ static KRML_MUSTINLINE void sample_from_xof_49( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[4U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)4U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_fb( + bool done = sample_from_uniform_distribution_next_95( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -3040,7 +3095,7 @@ static KRML_MUSTINLINE void sample_from_xof_49( uint8_t copy_of_randomness[4U][168U]; memcpy(copy_of_randomness, randomness, (size_t)4U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_fb0( + done = sample_from_uniform_distribution_next_950( copy_of_randomness, sampled_coefficients, out); } } @@ -3049,7 +3104,7 @@ static KRML_MUSTINLINE void sample_from_xof_49( memcpy(copy_of_out, out, (size_t)4U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, - ret0[i] = closure_ba(copy_of_out[i]);); + ret0[i] = closure_78(copy_of_out[i]);); memcpy( ret, ret0, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -3062,7 +3117,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void sample_matrix_A_ae( +static KRML_MUSTINLINE void sample_matrix_A_96( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[4U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR4( 
@@ -3079,7 +3134,7 @@ static KRML_MUSTINLINE void sample_matrix_A_ae( uint8_t copy_of_seeds[4U][34U]; memcpy(copy_of_seeds, seeds, (size_t)4U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[4U]; - sample_from_xof_49(copy_of_seeds, sampled); + sample_from_xof_c7(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -3187,7 +3242,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_2_d1(Eurydice_slice randomness) { +sample_from_binomial_distribution_2_31(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) { @@ -3221,7 +3276,7 @@ sample_from_binomial_distribution_2_d1(Eurydice_slice randomness) { sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_d6_bb( + return from_i16_array_d6_ae( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3232,7 +3287,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_3_a6(Eurydice_slice randomness) { +sample_from_binomial_distribution_3_6b(Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) { @@ -3265,7 +3320,7 @@ sample_from_binomial_distribution_3_a6(Eurydice_slice randomness) { sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return from_i16_array_d6_bb( + return from_i16_array_d6_ae( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } 
@@ -3276,8 +3331,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_dd(Eurydice_slice randomness) { - return sample_from_binomial_distribution_2_d1(randomness); +sample_from_binomial_distribution_56(Eurydice_slice randomness) { + return sample_from_binomial_distribution_2_31(randomness); } /** @@ -3286,7 +3341,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_7_98( +static KRML_MUSTINLINE void ntt_at_layer_7_93( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -3314,7 +3369,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -montgomery_multiply_fe_2c( +montgomery_multiply_fe_44( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); @@ -3328,12 +3383,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - ntt_layer_int_vec_step_02( + ntt_layer_int_vec_step_2b( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - montgomery_multiply_fe_2c(b, zeta_r); + montgomery_multiply_fe_44(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( 
@@ -3347,7 +3402,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_4_plus_35( +static KRML_MUSTINLINE void ntt_at_layer_4_plus_6b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3360,7 +3415,7 @@ static KRML_MUSTINLINE void ntt_at_layer_4_plus_35( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - ntt_layer_int_vec_step_02( + ntt_layer_int_vec_step_2b( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; @@ -3377,7 +3432,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_3_e9( +static KRML_MUSTINLINE void ntt_at_layer_3_5c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3395,7 +3450,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_2_34( +static KRML_MUSTINLINE void ntt_at_layer_2_a1( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -3415,7 +3470,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_at_layer_1_bd( +static KRML_MUSTINLINE void ntt_at_layer_1_4c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; 
@@ -3444,7 +3499,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void poly_barrett_reduce_d6_a9( +static KRML_MUSTINLINE void poly_barrett_reduce_d6_b3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { @@ -3462,17 +3517,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_fb( +static KRML_MUSTINLINE void ntt_binomially_sampled_ring_element_d9( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - ntt_at_layer_7_98(re); + ntt_at_layer_7_93(re); size_t zeta_i = (size_t)1U; - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_e9(&zeta_i, re); - ntt_at_layer_2_34(&zeta_i, re); - ntt_at_layer_1_bd(&zeta_i, re); - poly_barrett_reduce_d6_a9(re); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_5c(&zeta_i, re); + ntt_at_layer_2_a1(&zeta_i, re); + ntt_at_layer_1_4c(&zeta_i, re); + poly_barrett_reduce_d6_b3(re); } /** @@ -3488,7 +3543,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_83( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_dd( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ 
@@ -3505,9 +3560,9 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_83( PRFxN_f1_9f(prf_inputs, prf_outputs); KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_dd( + re_as_ntt[i0] = sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_fb(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_d9(&re_as_ntt[i0]);); return domain_separator; } @@ -3531,7 +3586,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_86( +static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_07( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, @@ -3540,7 +3595,7 @@ static KRML_MUSTINLINE tuple_710 sample_vector_cbd_then_ntt_out_86( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_83(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_dd(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[4U]; memcpy( @@ -3593,7 +3648,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -ntt_multiply_d6_27(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +ntt_multiply_d6_8f(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = ZERO_d6_19(); for (size_t i = (size_t)0U; 
@@ -3633,7 +3688,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void add_to_ring_element_d6_5d( +static KRML_MUSTINLINE void add_to_ring_element_d6_65( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -3658,7 +3713,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -to_standard_domain_bd0( +to_standard_domain_eb( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -3675,14 +3730,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_standard_error_reduce_d6_aa( +static KRML_MUSTINLINE void add_standard_error_reduce_d6_9b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector - coefficient_normal_form = to_standard_domain_bd0(self->coefficients[j]); + coefficient_normal_form = to_standard_domain_eb(self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, 
@@ -3700,7 +3755,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_As_plus_e_00( +static KRML_MUSTINLINE void compute_As_plus_e_50( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -3727,10 +3782,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_00( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(matrix_element, &s_as_ntt[j]); - add_to_ring_element_d6_5d(&t_as_ntt[i0], &product); + ntt_multiply_d6_8f(matrix_element, &s_as_ntt[j]); + add_to_ring_element_d6_65(&t_as_ntt[i0], &product); } - add_standard_error_reduce_d6_aa(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_d6_9b(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -3784,12 +3839,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_74( +static void generate_keypair_unpacked_62( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_42 *private_key, IndCpaPublicKeyUnpacked_42 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_b7(key_generation_seed, hashed); + cpa_keygen_seed_d8_92(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -3799,7 +3854,7 @@ static void generate_keypair_unpacked_74( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_ae(uu____1, ret, true); + sample_matrix_A_96(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, prf_input); 
@@ -3809,17 +3864,17 @@ static void generate_keypair_unpacked_74( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_83(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_dd(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[4U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_86(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_07(copy_of_prf_input, domain_separator) .fst, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_00(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_50(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; 
@@ -3840,18 +3895,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_521( +static libcrux_ml_kem_utils_extraction_helper_Keypair1024 generate_keypair_481( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_42 private_key = default_1a_a3(); - IndCpaPublicKeyUnpacked_42 public_key = default_8d_6b(); - generate_keypair_unpacked_74(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_42 private_key = default_1a_cf(); + IndCpaPublicKeyUnpacked_42 public_key = default_8d_b3(); + generate_keypair_unpacked_62(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1568U]; - serialize_public_key_eb( + serialize_public_key_cf( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1536U]; - serialize_secret_key_8c(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_f2(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1536U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -3878,7 +3933,7 @@ with const generics - K= 4 - SERIALIZED_KEY_LEN= 3168 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_82( +static KRML_MUSTINLINE void serialize_kem_secret_key_f7( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[3168U]) { uint8_t out[3168U] = {0U}; 
@@ -3942,7 +3997,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem1024_MlKem1024KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_541(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_791(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -3951,13 +4006,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_541(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair1024 uu____0 = - generate_keypair_521(ind_cpa_keypair_randomness); + generate_keypair_481(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1536U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1536U * sizeof(uint8_t)); uint8_t public_key[1568U]; memcpy(public_key, uu____0.snd, (size_t)1568U * sizeof(uint8_t)); uint8_t secret_key_serialized[3168U]; - serialize_kem_secret_key_82( + serialize_kem_secret_key_f7( Eurydice_array_to_slice((size_t)1536U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1568U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -3966,13 +4021,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_541(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)3168U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_95 private_key = - libcrux_ml_kem_types_from_88_2d1(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_581(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_95 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1568U]; memcpy(copy_of_public_key, public_key, (size_t)1568U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b1( - uu____2, libcrux_ml_kem_types_from_40_601(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc1( + uu____2, libcrux_ml_kem_types_from_40_cb1(copy_of_public_key)); } /** @@ -3985,7 +4040,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$4size_t]] with const generics - K= 4 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_cd(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_61(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4003,7 +4058,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1536 - K= 4 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_23( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -4017,7 +4072,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_f6(ring_element); + deserialize_to_reduced_ring_element_52(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -4035,7 +4090,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_710 -sample_ring_element_cbd_af(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_a0(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, error_1[i] = ZERO_d6_19();); @@ -4054,7 +4109,7 @@ sample_ring_element_cbd_af(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR4( i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_dd( + sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ @@ -4103,7 +4158,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_1_0d( +static KRML_MUSTINLINE void invert_ntt_at_layer_1_43( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4127,7 +4182,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_2_4a( +static KRML_MUSTINLINE void invert_ntt_at_layer_2_da( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; @@ -4147,7 +4202,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_3_a9( +static KRML_MUSTINLINE void invert_ntt_at_layer_3_e5( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t round = i; 
@@ -4167,7 +4222,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - inv_ntt_layer_int_vec_step_reduce_f1( + inv_ntt_layer_int_vec_step_reduce_e5( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { @@ -4175,7 +4230,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = montgomery_multiply_fe_2c(a_minus_b, zeta_r); + b = montgomery_multiply_fe_44(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -4187,7 +4242,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_f5( +static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_e7( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -4202,7 +4257,7 @@ static KRML_MUSTINLINE void invert_ntt_at_layer_4_plus_f5( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - inv_ntt_layer_int_vec_step_reduce_f1( + inv_ntt_layer_int_vec_step_reduce_e5( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; 
@@ -4219,18 +4274,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_5f( +static KRML_MUSTINLINE void invert_ntt_montgomery_c1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_0d(&zeta_i, re); - invert_ntt_at_layer_2_4a(&zeta_i, re); - invert_ntt_at_layer_3_a9(&zeta_i, re); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_d6_a9(re); + invert_ntt_at_layer_1_43(&zeta_i, re); + invert_ntt_at_layer_2_da(&zeta_i, re); + invert_ntt_at_layer_3_e5(&zeta_i, re); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_d6_b3(re); } /** @@ -4244,7 +4299,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void add_error_reduce_d6_a3( +static KRML_MUSTINLINE void add_error_reduce_d6_45( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -4271,7 +4326,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void compute_vector_u_51( +static KRML_MUSTINLINE void compute_vector_u_da( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[4U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, 
@@ -4298,11 +4353,11 @@ static KRML_MUSTINLINE void compute_vector_u_51( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(a_element, &r_as_ntt[j]); - add_to_ring_element_d6_5d(&result[i1], &product); + ntt_multiply_d6_8f(a_element, &r_as_ntt[j]); + add_to_ring_element_d6_65(&result[i1], &product); } - invert_ntt_montgomery_5f(&result[i1]); - add_error_reduce_d6_a3(&result[i1], &error_1[i1]); + invert_ntt_montgomery_c1(&result[i1]); + add_error_reduce_d6_45(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -4316,7 +4371,7 @@ with const generics */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_1_7e(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +decompress_1_f7(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_ZERO_0d(); return libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( @@ -4330,7 +4385,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_message_40(uint8_t serialized[32U]) { +deserialize_then_decompress_message_36(uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; @@ -4341,7 +4396,7 @@ deserialize_then_decompress_message_40(uint8_t serialized[32U]) { (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_1_7e(coefficient_compressed); + decompress_1_f7(coefficient_compressed); re.coefficients[i0] = uu____0;); return re; } 
@@ -4358,7 +4413,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -add_message_error_reduce_d6_4d( +add_message_error_reduce_d6_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4391,7 +4446,7 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_16( +compute_ring_element_v_6a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -4399,10 +4454,10 @@ compute_ring_element_v_16( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_d6_5d(&result, &product);); - invert_ntt_montgomery_5f(&result); - result = add_message_error_reduce_d6_4d(error_2, message, result); + ntt_multiply_d6_8f(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_d6_65(&result, &product);); + invert_ntt_montgomery_c1(&result); + result = add_message_error_reduce_d6_a2(error_2, message, result); return result; } @@ -4412,7 +4467,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_20(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_67(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; 
@@ -4433,9 +4488,9 @@ A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d with const generics - COEFFICIENT_BITS= 10 */ -static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_0c( +static libcrux_ml_kem_vector_portable_vector_type_PortableVector compress_0d_00( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_20(v); + return compress_67(v); } /** @@ -4444,7 +4499,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_200(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_670(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4466,8 +4521,8 @@ with const generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_0c0(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_200(v); +compress_0d_000(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return compress_670(v); } /** 
@@ -4476,14 +4531,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_11_9b( +static KRML_MUSTINLINE void compress_then_serialize_11_08( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t serialized[352U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_0c0(to_unsigned_representative_08(re->coefficients[i0])); + compress_0d_000(to_unsigned_representative_13(re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -4501,10 +4556,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 - OUT_LEN= 352 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_08( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_50( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[352U]) { uint8_t uu____0[352U]; - compress_then_serialize_11_9b(re, uu____0); + compress_then_serialize_11_08(re, uu____0); memcpy(ret, uu____0, (size_t)352U * sizeof(uint8_t)); } @@ -4520,7 +4575,7 @@ with const generics - COMPRESSION_FACTOR= 11 - BLOCK_LEN= 352 */ -static void compress_then_serialize_u_2b( +static void compress_then_serialize_u_3f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[4U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -4536,7 +4591,7 @@ static void compress_then_serialize_u_2b( out, i0 * ((size_t)1408U / (size_t)4U), (i0 + (size_t)1U) * ((size_t)1408U / (size_t)4U), uint8_t); uint8_t ret[352U]; - compress_then_serialize_ring_element_u_08(&re, ret); + compress_then_serialize_ring_element_u_50(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)352U, ret, uint8_t), uint8_t); } @@ -4548,7 +4603,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_201(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_671(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4570,8 +4625,8 @@ with const generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_0c1(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_201(v); +compress_0d_001(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return compress_671(v); } /** @@ -4580,14 +4635,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_4_d4( +static KRML_MUSTINLINE void compress_then_serialize_4_29( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_0c1(to_unsigned_representative_08(re.coefficients[i0])); + compress_0d_001(to_unsigned_representative_13(re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); Eurydice_slice_copy( 
@@ -4603,7 +4658,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_202(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { +compress_672(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { size_t i0 = i; @@ -4625,8 +4680,8 @@ with const generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -compress_0d_0c2(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return compress_202(v); +compress_0d_002(libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { + return compress_672(v); } /** @@ -4635,14 +4690,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_5_61( +static KRML_MUSTINLINE void compress_then_serialize_5_56( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - compress_0d_0c2(to_unsigned_representative_08(re.coefficients[i0])); + compress_0d_002(to_unsigned_representative_13(re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); Eurydice_slice_copy( @@ -4659,9 +4714,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 - OUT_LEN= 160 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_b9( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_6f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_5_61(re, out); + compress_then_serialize_5_56(re, out); } /** 
@@ -4723,7 +4778,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_e7(IndCpaPublicKeyUnpacked_42 *public_key, +static void encrypt_unpacked_8c(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { uint8_t prf_input[33U]; @@ -4731,7 +4786,7 @@ static void encrypt_unpacked_e7(IndCpaPublicKeyUnpacked_42 *public_key, /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_86(copy_of_prf_input0, 0U); + tuple_710 uu____1 = sample_vector_cbd_then_ntt_out_07(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[4U]; memcpy( r_as_ntt, uu____1.fst, @@ -4741,7 +4796,7 @@ static void encrypt_unpacked_e7(IndCpaPublicKeyUnpacked_42 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_710 uu____3 = - sample_ring_element_cbd_af(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_a0(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[4U]; memcpy( error_1, uu____3.fst, 
@@ -4752,28 +4807,28 @@ static void encrypt_unpacked_e7(IndCpaPublicKeyUnpacked_42 *public_key, PRF_f1_9d0(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_dd( + sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[4U]; - compute_vector_u_51(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_da(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_40(copy_of_message); + deserialize_then_decompress_message_36(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_16(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_6a(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1568U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[4U]; memcpy( uu____5, u, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_2b( + compress_then_serialize_u_3f( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)1408U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_b9( + compress_then_serialize_ring_element_v_6f( uu____6, Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1568U * sizeof(uint8_t)); 
@@ -4797,10 +4852,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_ec1(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_8f1(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1568U]) { - IndCpaPublicKeyUnpacked_42 unpacked_public_key = default_8d_6b(); - deserialize_ring_elements_reduced_1b( + IndCpaPublicKeyUnpacked_42 unpacked_public_key = default_8d_b3(); + deserialize_ring_elements_reduced_23( Eurydice_slice_subslice_to(public_key, (size_t)1536U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4809,13 +4864,13 @@ static void encrypt_ec1(Eurydice_slice public_key, uint8_t message[32U], unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_ae(uu____0, ret0, false); + sample_matrix_A_96(uu____0, ret0, false); IndCpaPublicKeyUnpacked_42 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[1568U]; - encrypt_unpacked_e7(uu____1, copy_of_message, randomness, ret1); + encrypt_unpacked_8c(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)1568U * sizeof(uint8_t)); } @@ -4830,7 +4885,7 @@ with const generics - K= 4 - CIPHERTEXT_SIZE= 1568 */ -static KRML_MUSTINLINE void kdf_d8_89(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_21(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), 
@@ -4857,11 +4912,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_21 libcrux_ml_kem_ind_cca_encapsulate_b11( +tuple_21 libcrux_ml_kem_ind_cca_encapsulate_3a1( libcrux_ml_kem_types_MlKemPublicKey_1f *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_cd( + entropy_preprocess_d8_61( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4871,7 +4926,7 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_b11( size_t); uint8_t ret[32U]; H_f1_c6(Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_12(public_key), + (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_66(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -4885,19 +4940,19 @@ tuple_21 libcrux_ml_kem_ind_cca_encapsulate_b11( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_12(public_key), uint8_t); + (size_t)1568U, libcrux_ml_kem_types_as_slice_ba_66(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1568U]; - encrypt_ec1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_8f1(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1568U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1568U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_1f ciphertext0 = - libcrux_ml_kem_types_from_fc_36(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_0e(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_89(shared_secret, shared_secret_array); + kdf_d8_21(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_1f uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -4916,7 +4971,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_to_uncompressed_ring_element_7f(Eurydice_slice serialized) { +deserialize_to_uncompressed_ring_element_e1(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) { 
@@ -4939,7 +4994,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 4 */ -static KRML_MUSTINLINE void deserialize_secret_key_a21( +static KRML_MUSTINLINE void deserialize_secret_key_181( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; @@ -4956,7 +5011,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_a21( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_7f(secret_bytes); + deserialize_to_uncompressed_ring_element_e1(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -4971,7 +5026,7 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_1b( +decompress_ciphertext_coefficient_52( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4996,9 +5051,9 @@ generics - COEFFICIENT_BITS= 10 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_7e( +decompress_ciphertext_coefficient_0d_76( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_1b(v); + return decompress_ciphertext_coefficient_52(v); } /** @@ -5008,7 +5063,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_10_cb(Eurydice_slice serialized) { +deserialize_then_decompress_10_39(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) { 
@@ -5018,7 +5073,7 @@ deserialize_then_decompress_10_cb(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_7e(coefficient); + decompress_ciphertext_coefficient_0d_76(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5031,7 +5086,7 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_1b0( +decompress_ciphertext_coefficient_520( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -5056,9 +5111,9 @@ generics - COEFFICIENT_BITS= 11 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_7e0( +decompress_ciphertext_coefficient_0d_760( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_1b0(v); + return decompress_ciphertext_coefficient_520(v); } /** @@ -5068,7 +5123,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_11_b0(Eurydice_slice serialized) { +deserialize_then_decompress_11_05(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) { 
@@ -5078,7 +5133,7 @@ deserialize_then_decompress_11_b0(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_7e0(coefficient); + decompress_ciphertext_coefficient_0d_760(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5091,8 +5146,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_05(Eurydice_slice serialized) { - return deserialize_then_decompress_11_b0(serialized); +deserialize_then_decompress_ring_element_u_44(Eurydice_slice serialized) { + return deserialize_then_decompress_11_05(serialized); } /** @@ -5101,17 +5156,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void ntt_vector_u_58( +static KRML_MUSTINLINE void ntt_vector_u_db( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_e9(&zeta_i, re); - ntt_at_layer_2_34(&zeta_i, re); - ntt_at_layer_1_bd(&zeta_i, re); - poly_barrett_reduce_d6_a9(re); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_5c(&zeta_i, re); + ntt_at_layer_2_a1(&zeta_i, re); + ntt_at_layer_1_4c(&zeta_i, re); + poly_barrett_reduce_d6_b3(re); } /** 
@@ -5126,7 +5181,7 @@ with const generics - CIPHERTEXT_SIZE= 1568 - U_COMPRESSION_FACTOR= 11 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_4d( +static KRML_MUSTINLINE void deserialize_then_decompress_u_d0( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[4U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; @@ -5149,8 +5204,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_4d( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)11U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_05(u_bytes); - ntt_vector_u_58(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_44(u_bytes); + ntt_vector_u_db(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -5164,7 +5219,7 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_1b1( +decompress_ciphertext_coefficient_521( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -5189,9 +5244,9 @@ generics - COEFFICIENT_BITS= 4 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_7e1( +decompress_ciphertext_coefficient_0d_761( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_1b1(v); + return decompress_ciphertext_coefficient_521(v); } /** @@ -5201,7 +5256,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_4_ad(Eurydice_slice serialized) { +deserialize_then_decompress_4_69(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) { 
@@ -5211,7 +5266,7 @@ deserialize_then_decompress_4_ad(Eurydice_slice serialized) { libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - decompress_ciphertext_coefficient_0d_7e1(coefficient); + decompress_ciphertext_coefficient_0d_761(coefficient); re.coefficients[i0] = uu____0; } return re; @@ -5224,7 +5279,7 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_1b2( +decompress_ciphertext_coefficient_522( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -5249,9 +5304,9 @@ generics - COEFFICIENT_BITS= 5 */ static libcrux_ml_kem_vector_portable_vector_type_PortableVector -decompress_ciphertext_coefficient_0d_7e2( +decompress_ciphertext_coefficient_0d_762( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return decompress_ciphertext_coefficient_1b2(v); + return decompress_ciphertext_coefficient_522(v); } /** @@ -5261,7 +5316,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_5_60(Eurydice_slice serialized) { +deserialize_then_decompress_5_30(Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = ZERO_d6_19(); for (size_t i = (size_t)0U; i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) { 
@@ -5271,7 +5326,7 @@ deserialize_then_decompress_5_60(Eurydice_slice serialized) { re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - decompress_ciphertext_coefficient_0d_7e2(re.coefficients[i0]); + decompress_ciphertext_coefficient_0d_762(re.coefficients[i0]); re.coefficients[i0] = uu____1; } return re; @@ -5284,8 +5339,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_03(Eurydice_slice serialized) { - return deserialize_then_decompress_5_60(serialized); +deserialize_then_decompress_ring_element_v_5d(Eurydice_slice serialized) { + return deserialize_then_decompress_5_30(serialized); } /** @@ -5300,7 +5355,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -subtract_reduce_d6_81(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, +subtract_reduce_d6_b1(libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { 
@@ -5331,17 +5386,17 @@ with const generics - K= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_15( +compute_message_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); KRML_MAYBE_FOR4(i, (size_t)0U, (size_t)4U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_d6_5d(&result, &product);); - invert_ntt_montgomery_5f(&result); - result = subtract_reduce_d6_81(v, result); + ntt_multiply_d6_8f(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_d6_65(&result, &product);); + invert_ntt_montgomery_c1(&result); + result = subtract_reduce_d6_b1(v, result); return result; } @@ -5351,13 +5406,13 @@ libcrux_ml_kem.serialize.compress_then_serialize_message with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void compress_then_serialize_message_f9( +static KRML_MUSTINLINE void compress_then_serialize_message_1a( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; KRML_MAYBE_FOR16( i, (size_t)0U, (size_t)16U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - to_unsigned_representative_08(re.coefficients[i0]); + to_unsigned_representative_13(re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = libcrux_ml_kem_vector_portable_compress_1_0d(coefficient); 
@@ -5405,18 +5460,18 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_unpacked_76(IndCpaPrivateKeyUnpacked_42 *secret_key, +static void decrypt_unpacked_73(IndCpaPrivateKeyUnpacked_42 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[4U]; - deserialize_then_decompress_u_4d(ciphertext, u_as_ntt); + deserialize_then_decompress_u_d0(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_03( + deserialize_then_decompress_ring_element_v_5d( Eurydice_array_to_subslice_from((size_t)1568U, ciphertext, (size_t)1408U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_15(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_b7(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_f9(message, ret0); + compress_then_serialize_message_1a(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5430,10 +5485,10 @@ with const generics - U_COMPRESSION_FACTOR= 11 - V_COMPRESSION_FACTOR= 5 */ -static void decrypt_031(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_e31(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[4U]; - deserialize_secret_key_a21(secret_key, secret_as_ntt); + deserialize_secret_key_181(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[4U]; memcpy( 
@@ -5444,7 +5499,7 @@ static void decrypt_031(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)4U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - decrypt_unpacked_76(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_73(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -5496,7 +5551,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1600 */ -void libcrux_ml_kem_ind_cca_decapsulate_6a1( +void libcrux_ml_kem_ind_cca_decapsulate_1d1( libcrux_ml_kem_types_MlKemPrivateKey_95 *private_key, libcrux_ml_kem_types_MlKemCiphertext_1f *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5514,7 +5569,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a1( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_031(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_e31(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -5536,7 +5591,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a1( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1600U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_ed(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_f7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9d(Eurydice_array_to_slice((size_t)1600U, to_hash, uint8_t), 
@@ -5546,17 +5601,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a1( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1568U]; - encrypt_ec1(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_8f1(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_89(Eurydice_array_to_slice((size_t)32U, + kdf_d8_21(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_89(shared_secret0, shared_secret); + kdf_d8_21(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_ed(ciphertext), + libcrux_ml_kem_types_as_ref_fd_f7(ciphertext), Eurydice_array_to_slice((size_t)1568U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5575,7 +5630,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 800 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b3( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_233( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -5589,7 +5644,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b3( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_f6(ring_element); + deserialize_to_reduced_ring_element_52(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -5607,13 +5662,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 800 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_6b0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_840( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, deserialized_pk[i] = ZERO_d6_19();); - deserialize_ring_elements_reduced_1b3(public_key, deserialized_pk); + deserialize_ring_elements_reduced_233(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -5629,7 +5684,7 @@ with const generics - K= 2 - OUT_LEN= 768 */ -static KRML_MUSTINLINE void serialize_secret_key_8c0( +static KRML_MUSTINLINE void serialize_secret_key_f20( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[768U]) { uint8_t out[768U] = {0U}; @@ -5647,7 +5702,7 @@ static KRML_MUSTINLINE void serialize_secret_key_8c0( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_16(&re, ret0); + serialize_uncompressed_ring_element_81(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -5665,13 +5720,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_mut_460( +static KRML_MUSTINLINE void serialize_public_key_mut_980( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)768U, uint8_t); uint8_t ret[768U]; - serialize_secret_key_8c0(t_as_ntt, ret); + serialize_secret_key_f20(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)768U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -5691,11 +5746,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -static KRML_MUSTINLINE void serialize_public_key_eb0( +static KRML_MUSTINLINE void serialize_public_key_cf0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[800U]) { uint8_t public_key_serialized[800U] = {0U}; - serialize_public_key_mut_460(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_980(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)800U * sizeof(uint8_t)); } 
@@ -5714,15 +5769,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 768 - PUBLIC_KEY_SIZE= 800 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_950(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_830(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[2U]; - deserialize_ring_elements_reduced_out_6b0( + deserialize_ring_elements_reduced_out_840( Eurydice_array_to_subslice_to((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[800U]; - serialize_public_key_eb0( + serialize_public_key_cf0( uu____0, Eurydice_array_to_subslice_from((size_t)800U, public_key, (size_t)768U, uint8_t, size_t), @@ -5759,7 +5814,7 @@ with const generics - SECRET_KEY_SIZE= 1632 - CIPHERTEXT_SIZE= 768 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_3d( +bool libcrux_ml_kem_ind_cca_validate_private_key_8f( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *_ciphertext) { uint8_t t[32U]; @@ -5795,7 +5850,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static IndCpaPrivateKeyUnpacked_ae default_1a_a30(void) { +static IndCpaPrivateKeyUnpacked_ae default_1a_cf0(void) { IndCpaPrivateKeyUnpacked_ae lit; lit.secret_as_ntt[0U] = ZERO_d6_19(); lit.secret_as_ntt[1U] = ZERO_d6_19(); @@ -5825,7 +5880,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static IndCpaPublicKeyUnpacked_ae default_8d_6b0(void) { +static IndCpaPublicKeyUnpacked_ae default_8d_b30(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, uu____0[i] = ZERO_d6_19();); 
@@ -5865,7 +5920,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_07( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_66( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -6013,7 +6068,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fb1( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_951( uint8_t randomness[2U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -6125,7 +6180,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fb2( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_952( uint8_t randomness[2U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR2( @@ -6164,9 +6219,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_ba0( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_780( int16_t s[272U]) { - return from_i16_array_d6_bb( + return from_i16_array_d6_ae( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -6177,7 +6232,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_from_xof_490( +static KRML_MUSTINLINE void sample_from_xof_c70( uint8_t seeds[2U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { size_t sampled_coefficients[2U] = {0U}; 
@@ -6191,7 +6246,7 @@ static KRML_MUSTINLINE void sample_from_xof_490( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[2U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)2U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_fb1( + bool done = sample_from_uniform_distribution_next_951( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -6203,7 +6258,7 @@ static KRML_MUSTINLINE void sample_from_xof_490( uint8_t copy_of_randomness[2U][168U]; memcpy(copy_of_randomness, randomness, (size_t)2U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_fb2( + done = sample_from_uniform_distribution_next_952( copy_of_randomness, sampled_coefficients, out); } } @@ -6212,7 +6267,7 @@ static KRML_MUSTINLINE void sample_from_xof_490( memcpy(copy_of_out, out, (size_t)2U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, - ret0[i] = closure_ba0(copy_of_out[i]);); + ret0[i] = closure_780(copy_of_out[i]);); memcpy( ret, ret0, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -6225,7 +6280,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void sample_matrix_A_ae0( +static KRML_MUSTINLINE void sample_matrix_A_960( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[2U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR2( @@ -6242,7 +6297,7 @@ static KRML_MUSTINLINE void sample_matrix_A_ae0( uint8_t copy_of_seeds[2U][34U]; memcpy(copy_of_seeds, seeds, (size_t)2U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[2U]; - sample_from_xof_490(copy_of_seeds, sampled); + sample_from_xof_c70(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( 
@@ -6301,8 +6356,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -sample_from_binomial_distribution_dd0(Eurydice_slice randomness) { - return sample_from_binomial_distribution_3_a6(randomness); +sample_from_binomial_distribution_560(Eurydice_slice randomness) { + return sample_from_binomial_distribution_3_6b(randomness); } /** @@ -6318,7 +6373,7 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_830( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_dd0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -6335,9 +6390,9 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_830( PRFxN_f1_9f0(prf_inputs, prf_outputs); KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_dd0( + re_as_ntt[i0] = sample_from_binomial_distribution_560( Eurydice_array_to_slice((size_t)192U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_fb(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_d9(&re_as_ntt[i0]);); return domain_separator; } @@ -6361,7 +6416,7 @@ generics - ETA= 3 - ETA_RANDOMNESS_SIZE= 192 */ -static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_860( +static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_070( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, 
@@ -6370,7 +6425,7 @@ static KRML_MUSTINLINE tuple_740 sample_vector_cbd_then_ntt_out_860( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_830(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_dd0(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[2U]; memcpy( @@ -6399,7 +6454,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void add_to_ring_element_d6_5d0( +static KRML_MUSTINLINE void add_to_ring_element_d6_650( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -6426,7 +6481,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_As_plus_e_000( +static KRML_MUSTINLINE void compute_As_plus_e_500( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -6453,10 +6508,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_000( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(matrix_element, &s_as_ntt[j]); - add_to_ring_element_d6_5d0(&t_as_ntt[i0], &product); + ntt_multiply_d6_8f(matrix_element, &s_as_ntt[j]); + add_to_ring_element_d6_650(&t_as_ntt[i0], &product); } - add_standard_error_reduce_d6_aa(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_d6_9b(&t_as_ntt[i0], &error_as_ntt[i0]); } } 
@@ -6510,12 +6565,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static void generate_keypair_unpacked_740( +static void generate_keypair_unpacked_620( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_ae *private_key, IndCpaPublicKeyUnpacked_ae *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_07(key_generation_seed, hashed); + cpa_keygen_seed_d8_66(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6525,7 +6580,7 @@ static void generate_keypair_unpacked_740( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_ae0(uu____1, ret, true); + sample_matrix_A_960(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, prf_input); @@ -6535,17 +6590,17 @@ static void generate_keypair_unpacked_740( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_830(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_dd0(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[2U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_860(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_070(copy_of_prf_input, domain_separator) .fst, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_000(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_500(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; 
@@ -6566,18 +6621,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 3 - ETA1_RANDOMNESS_SIZE= 192 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_520( +static libcrux_ml_kem_utils_extraction_helper_Keypair512 generate_keypair_480( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_ae private_key = default_1a_a30(); - IndCpaPublicKeyUnpacked_ae public_key = default_8d_6b0(); - generate_keypair_unpacked_740(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_ae private_key = default_1a_cf0(); + IndCpaPublicKeyUnpacked_ae public_key = default_8d_b30(); + generate_keypair_unpacked_620(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[800U]; - serialize_public_key_eb0( + serialize_public_key_cf0( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[768U]; - serialize_secret_key_8c0(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_f20(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[768U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -6604,7 +6659,7 @@ with const generics - K= 2 - SERIALIZED_KEY_LEN= 1632 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_83( +static KRML_MUSTINLINE void serialize_kem_secret_key_77( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[1632U]) { uint8_t out[1632U] = {0U}; 
@@ -6668,7 +6723,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 192 */ libcrux_ml_kem_types_MlKemKeyPair_cb -libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_790(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -6677,13 +6732,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair512 uu____0 = - generate_keypair_520(ind_cpa_keypair_randomness); + generate_keypair_480(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[768U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)768U * sizeof(uint8_t)); uint8_t public_key[800U]; memcpy(public_key, uu____0.snd, (size_t)800U * sizeof(uint8_t)); uint8_t secret_key_serialized[1632U]; - serialize_kem_secret_key_83( + serialize_kem_secret_key_77( Eurydice_array_to_slice((size_t)768U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)800U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -6692,13 +6747,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)1632U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_5e private_key = - libcrux_ml_kem_types_from_88_2d(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_58(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_5e uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[800U]; memcpy(copy_of_public_key, public_key, (size_t)800U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b( - uu____2, libcrux_ml_kem_types_from_40_60(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc( + uu____2, libcrux_ml_kem_types_from_40_cb(copy_of_public_key)); } /** @@ -6711,7 +6766,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$2size_t]] with const generics - K= 2 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_3b(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_43(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -6729,7 +6784,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 768 - K= 2 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b0( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_230( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -6743,7 +6798,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b0( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_f6(ring_element); + deserialize_to_reduced_ring_element_52(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -6793,7 +6848,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_740 -sample_ring_element_cbd_af0(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_a00(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, error_1[i] = ZERO_d6_19();); @@ -6812,7 +6867,7 @@ sample_ring_element_cbd_af0(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR2( i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_dd( + sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ 
@@ -6849,18 +6904,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_5f0( +static KRML_MUSTINLINE void invert_ntt_montgomery_c10( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_0d(&zeta_i, re); - invert_ntt_at_layer_2_4a(&zeta_i, re); - invert_ntt_at_layer_3_a9(&zeta_i, re); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_d6_a9(re); + invert_ntt_at_layer_1_43(&zeta_i, re); + invert_ntt_at_layer_2_da(&zeta_i, re); + invert_ntt_at_layer_3_e5(&zeta_i, re); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_d6_b3(re); } /** @@ -6872,7 +6927,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void compute_vector_u_510( +static KRML_MUSTINLINE void compute_vector_u_da0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[2U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, 
@@ -6899,11 +6954,11 @@ static KRML_MUSTINLINE void compute_vector_u_510( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(a_element, &r_as_ntt[j]); - add_to_ring_element_d6_5d0(&result[i1], &product); + ntt_multiply_d6_8f(a_element, &r_as_ntt[j]); + add_to_ring_element_d6_650(&result[i1], &product); } - invert_ntt_montgomery_5f0(&result[i1]); - add_error_reduce_d6_a3(&result[i1], &error_1[i1]); + invert_ntt_montgomery_c10(&result[i1]); + add_error_reduce_d6_45(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -6920,7 +6975,7 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_160( +compute_ring_element_v_6a0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -6928,10 +6983,10 @@ compute_ring_element_v_160( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_d6_5d0(&result, &product);); - invert_ntt_montgomery_5f0(&result); - result = add_message_error_reduce_d6_4d(error_2, message, result); + ntt_multiply_d6_8f(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_d6_650(&result, &product);); + invert_ntt_montgomery_c10(&result); + result = add_message_error_reduce_d6_a2(error_2, message, result); return result; } 
@@ -6941,14 +6996,14 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_10_470( +static KRML_MUSTINLINE void compress_then_serialize_10_ba0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - compress_0d_0c(to_unsigned_representative_08(re->coefficients[i0])); + compress_0d_00(to_unsigned_representative_13(re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); Eurydice_slice uu____0 = Eurydice_array_to_subslice2( @@ -6966,10 +7021,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 - OUT_LEN= 320 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_080( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_u_500( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - compress_then_serialize_10_470(re, uu____0); + compress_then_serialize_10_ba0(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -6985,7 +7040,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_2b0( +static void compress_then_serialize_u_3f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[2U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -7001,7 +7056,7 @@ static void compress_then_serialize_u_2b0( out, i0 * ((size_t)640U / (size_t)2U), (i0 + (size_t)1U) * ((size_t)640U / (size_t)2U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_080(&re, ret); + compress_then_serialize_ring_element_u_500(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -7014,9 +7069,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 - OUT_LEN= 128 */ -static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_b90( +static KRML_MUSTINLINE void compress_then_serialize_ring_element_v_6f0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - compress_then_serialize_4_d4(re, out); + compress_then_serialize_4_29(re, out); } /** @@ -7078,7 +7133,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_e70(IndCpaPublicKeyUnpacked_ae *public_key, +static void encrypt_unpacked_8c0(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { uint8_t prf_input[33U]; @@ -7087,7 +7142,7 @@ static void encrypt_unpacked_e70(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____1 = - sample_vector_cbd_then_ntt_out_860(copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_out_070(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[2U]; memcpy( r_as_ntt, uu____1.fst, 
@@ -7097,7 +7152,7 @@ static void encrypt_unpacked_e70(IndCpaPublicKeyUnpacked_ae *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_740 uu____3 = - sample_ring_element_cbd_af0(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_a00(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[2U]; memcpy( error_1, uu____3.fst, 
@@ -7108,28 +7163,28 @@ static void encrypt_unpacked_e70(IndCpaPublicKeyUnpacked_ae *public_key, PRF_f1_9d2(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_dd( + sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[2U]; - compute_vector_u_510(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_da0(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_40(copy_of_message); + deserialize_then_decompress_message_36(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_160(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_6a0(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[768U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[2U]; memcpy( uu____5, u, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_2b0( + compress_then_serialize_u_3f0( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)640U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_b90( + compress_then_serialize_ring_element_v_6f0( uu____6, Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)768U * sizeof(uint8_t)); 
@@ -7153,10 +7208,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_ec0(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_8f0(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[768U]) { - IndCpaPublicKeyUnpacked_ae unpacked_public_key = default_8d_6b0(); - deserialize_ring_elements_reduced_1b0( + IndCpaPublicKeyUnpacked_ae unpacked_public_key = default_8d_b30(); + deserialize_ring_elements_reduced_230( Eurydice_slice_subslice_to(public_key, (size_t)768U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -7165,13 +7220,13 @@ static void encrypt_ec0(Eurydice_slice public_key, uint8_t message[32U], unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_ae0(uu____0, ret0, false); + sample_matrix_A_960(uu____0, ret0, false); IndCpaPublicKeyUnpacked_ae *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[768U]; - encrypt_unpacked_e70(uu____1, copy_of_message, randomness, ret1); + encrypt_unpacked_8c0(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)768U * sizeof(uint8_t)); } @@ -7186,7 +7241,7 @@ with const generics - K= 2 - CIPHERTEXT_SIZE= 768 */ -static KRML_MUSTINLINE void kdf_d8_4d(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_4e(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), 
@@ -7213,11 +7268,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_ec libcrux_ml_kem_ind_cca_encapsulate_b10( +tuple_ec libcrux_ml_kem_ind_cca_encapsulate_3a0( libcrux_ml_kem_types_MlKemPublicKey_be *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_3b( + entropy_preprocess_d8_43( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -7227,7 +7282,7 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_b10( size_t); uint8_t ret[32U]; H_f1_c60(Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_ba_120(public_key), + (size_t)800U, libcrux_ml_kem_types_as_slice_ba_660(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -7241,19 +7296,19 @@ tuple_ec libcrux_ml_kem_ind_cca_encapsulate_b10( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)800U, libcrux_ml_kem_types_as_slice_ba_120(public_key), uint8_t); + (size_t)800U, libcrux_ml_kem_types_as_slice_ba_660(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[768U]; - encrypt_ec0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_8f0(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[768U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)768U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemCiphertext_e8 ciphertext0 = - libcrux_ml_kem_types_from_fc_360(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_0e0(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_4d(shared_secret, shared_secret_array); + kdf_d8_4e(shared_secret, shared_secret_array); libcrux_ml_kem_types_MlKemCiphertext_e8 uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -7274,7 +7329,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 2 */ -static KRML_MUSTINLINE void deserialize_secret_key_a20( +static KRML_MUSTINLINE void deserialize_secret_key_180( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; 
@@ -7291,7 +7346,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_a20( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_7f(secret_bytes); + deserialize_to_uncompressed_ring_element_e1(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -7306,8 +7361,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_u_050(Eurydice_slice serialized) { - return deserialize_then_decompress_10_cb(serialized); +deserialize_then_decompress_ring_element_u_440(Eurydice_slice serialized) { + return deserialize_then_decompress_10_39(serialized); } /** @@ -7316,17 +7371,17 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void ntt_vector_u_580( +static KRML_MUSTINLINE void ntt_vector_u_db0( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)7U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)6U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)5U); - ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)4U); - ntt_at_layer_3_e9(&zeta_i, re); - ntt_at_layer_2_34(&zeta_i, re); - ntt_at_layer_1_bd(&zeta_i, re); - poly_barrett_reduce_d6_a9(re); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)7U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)6U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)5U); + ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)4U); + ntt_at_layer_3_5c(&zeta_i, re); + ntt_at_layer_2_a1(&zeta_i, re); + ntt_at_layer_1_4c(&zeta_i, re); + poly_barrett_reduce_d6_b3(re); } /** 
@@ -7341,7 +7396,7 @@ with const generics - CIPHERTEXT_SIZE= 768 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_4d0( +static KRML_MUSTINLINE void deserialize_then_decompress_u_d00( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[2U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; @@ -7364,8 +7419,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_4d0( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_050(u_bytes); - ntt_vector_u_580(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_440(u_bytes); + ntt_vector_u_db0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -7379,8 +7434,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -deserialize_then_decompress_ring_element_v_030(Eurydice_slice serialized) { - return deserialize_then_decompress_4_ad(serialized); +deserialize_then_decompress_ring_element_v_5d0(Eurydice_slice serialized) { + return deserialize_then_decompress_4_69(serialized); } /** 
@@ -7396,17 +7451,17 @@ with const generics - K= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_150( +compute_message_b70( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); KRML_MAYBE_FOR2(i, (size_t)0U, (size_t)2U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_d6_5d0(&result, &product);); - invert_ntt_montgomery_5f0(&result); - result = subtract_reduce_d6_81(v, result); + ntt_multiply_d6_8f(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_d6_650(&result, &product);); + invert_ntt_montgomery_c10(&result); + result = subtract_reduce_d6_b1(v, result); return result; } 
@@ -7444,18 +7499,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_760(IndCpaPrivateKeyUnpacked_ae *secret_key, +static void decrypt_unpacked_730(IndCpaPrivateKeyUnpacked_ae *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[2U]; - deserialize_then_decompress_u_4d0(ciphertext, u_as_ntt); + deserialize_then_decompress_u_d00(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_030( + deserialize_then_decompress_ring_element_v_5d0( Eurydice_array_to_subslice_from((size_t)768U, ciphertext, (size_t)640U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_150(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_b70(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_f9(message, ret0); + compress_then_serialize_message_1a(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7469,10 +7524,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_030(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_e30(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[2U]; - deserialize_secret_key_a20(secret_key, secret_as_ntt); + deserialize_secret_key_180(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[2U]; memcpy( 
@@ -7483,7 +7538,7 @@ static void decrypt_030(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)2U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - decrypt_unpacked_760(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_730(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -7523,7 +7578,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 800 */ -void libcrux_ml_kem_ind_cca_decapsulate_6a0( +void libcrux_ml_kem_ind_cca_decapsulate_1d0( libcrux_ml_kem_types_MlKemPrivateKey_5e *private_key, libcrux_ml_kem_types_MlKemCiphertext_e8 *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -7541,7 +7596,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a0( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_030(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_e30(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -7563,7 +7618,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a0( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)800U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_ed0(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_f70(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9d1(Eurydice_array_to_slice((size_t)800U, to_hash, uint8_t), 
@@ -7573,17 +7628,17 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a0( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[768U]; - encrypt_ec0(uu____5, copy_of_decrypted, pseudorandomness, + encrypt_8f0(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_4d(Eurydice_array_to_slice((size_t)32U, + kdf_d8_4e(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_4d(shared_secret0, shared_secret); + kdf_d8_4e(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_ed0(ciphertext), + libcrux_ml_kem_types_as_ref_fd_f70(ciphertext), Eurydice_array_to_slice((size_t)768U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -7602,7 +7657,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b2( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_232( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -7616,7 +7671,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b2( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_f6(ring_element); + deserialize_to_reduced_ring_element_52(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -7634,13 +7689,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1184 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_6b( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_out_84( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, deserialized_pk[i] = ZERO_d6_19();); - deserialize_ring_elements_reduced_1b2(public_key, deserialized_pk); + deserialize_ring_elements_reduced_232(public_key, deserialized_pk); memcpy( ret, deserialized_pk, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -7656,7 +7711,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void serialize_secret_key_8c1( +static KRML_MUSTINLINE void serialize_secret_key_f21( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -7674,7 +7729,7 @@ static KRML_MUSTINLINE void serialize_secret_key_8c1( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - serialize_uncompressed_ring_element_16(&re, ret0); + serialize_uncompressed_ring_element_81(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } 
@@ -7692,13 +7747,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_mut_461( +static KRML_MUSTINLINE void serialize_public_key_mut_981( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - serialize_secret_key_8c1(t_as_ntt, ret); + serialize_secret_key_f21(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( @@ -7718,11 +7773,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void serialize_public_key_eb1( +static KRML_MUSTINLINE void serialize_public_key_cf1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - serialize_public_key_mut_461(t_as_ntt, seed_for_a, public_key_serialized); + serialize_public_key_mut_981(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } 
@@ -7741,15 +7796,15 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -bool libcrux_ml_kem_ind_cca_validate_public_key_95(uint8_t *public_key) { +bool libcrux_ml_kem_ind_cca_validate_public_key_83(uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - deserialize_ring_elements_reduced_out_6b( + deserialize_ring_elements_reduced_out_84( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - serialize_public_key_eb1( + serialize_public_key_cf1( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -7786,7 +7841,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -bool libcrux_ml_kem_ind_cca_validate_private_key_46( +bool libcrux_ml_kem_ind_cca_validate_private_key_d2( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -7822,7 +7877,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static IndCpaPrivateKeyUnpacked_f8 default_1a_a31(void) { +static IndCpaPrivateKeyUnpacked_f8 default_1a_cf1(void) { IndCpaPrivateKeyUnpacked_f8 lit; lit.secret_as_ntt[0U] = ZERO_d6_19(); lit.secret_as_ntt[1U] = ZERO_d6_19(); @@ -7853,7 +7908,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static IndCpaPublicKeyUnpacked_f8 default_8d_6b1(void) { +static IndCpaPublicKeyUnpacked_f8 default_8d_b31(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, uu____0[i] = ZERO_d6_19();); 
@@ -7898,7 +7953,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void cpa_keygen_seed_d8_3b( +static KRML_MUSTINLINE void cpa_keygen_seed_d8_6b( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( @@ -8046,7 +8101,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - N= 504 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fb3( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_953( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -8158,7 +8213,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - N= 168 */ -static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_fb4( +static KRML_MUSTINLINE bool sample_from_uniform_distribution_next_954( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { KRML_MAYBE_FOR3( @@ -8197,9 +8252,9 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_ba1( +static libcrux_ml_kem_polynomial_PolynomialRingElement_f0 closure_781( int16_t s[272U]) { - return from_i16_array_d6_bb( + return from_i16_array_d6_ae( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -8210,7 +8265,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_from_xof_491( +static KRML_MUSTINLINE void sample_from_xof_c71( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; 
@@ -8224,7 +8279,7 @@ static KRML_MUSTINLINE void sample_from_xof_491( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = sample_from_uniform_distribution_next_fb3( + bool done = sample_from_uniform_distribution_next_953( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -8236,7 +8291,7 @@ static KRML_MUSTINLINE void sample_from_xof_491( uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = sample_from_uniform_distribution_next_fb4( + done = sample_from_uniform_distribution_next_954( copy_of_randomness, sampled_coefficients, out); } } @@ -8245,7 +8300,7 @@ static KRML_MUSTINLINE void sample_from_xof_491( memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, - ret0[i] = closure_ba1(copy_of_out[i]);); + ret0[i] = closure_781(copy_of_out[i]);); memcpy( ret, ret0, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); @@ -8258,7 +8313,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void sample_matrix_A_ae1( +static KRML_MUSTINLINE void sample_matrix_A_961( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { KRML_MAYBE_FOR3( @@ -8275,7 +8330,7 @@ static KRML_MUSTINLINE void sample_matrix_A_ae1( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - sample_from_xof_491(copy_of_seeds, sampled); + sample_from_xof_c71(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( 
@@ -8340,7 +8395,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_831( +static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_dd1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -8357,9 +8412,9 @@ static KRML_MUSTINLINE uint8_t sample_vector_cbd_then_ntt_831( PRFxN_f1_9f2(prf_inputs, prf_outputs); KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; - re_as_ntt[i0] = sample_from_binomial_distribution_dd( + re_as_ntt[i0] = sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - ntt_binomially_sampled_ring_element_fb(&re_as_ntt[i0]);); + ntt_binomially_sampled_ring_element_d9(&re_as_ntt[i0]);); return domain_separator; } @@ -8383,7 +8438,7 @@ generics - ETA= 2 - ETA_RANDOMNESS_SIZE= 128 */ -static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_861( +static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_071( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, @@ -8392,7 +8447,7 @@ static KRML_MUSTINLINE tuple_b00 sample_vector_cbd_then_ntt_out_861( uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); domain_separator = - sample_vector_cbd_then_ntt_831(uu____0, uu____1, domain_separator); + sample_vector_cbd_then_ntt_dd1(uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; memcpy( 
@@ -8421,7 +8476,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void add_to_ring_element_d6_5d1( +static KRML_MUSTINLINE void add_to_ring_element_d6_651( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; @@ -8448,7 +8503,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_As_plus_e_001( +static KRML_MUSTINLINE void compute_As_plus_e_501( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, @@ -8475,10 +8530,10 @@ static KRML_MUSTINLINE void compute_As_plus_e_001( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(matrix_element, &s_as_ntt[j]); - add_to_ring_element_d6_5d1(&t_as_ntt[i0], &product); + ntt_multiply_d6_8f(matrix_element, &s_as_ntt[j]); + add_to_ring_element_d6_651(&t_as_ntt[i0], &product); } - add_standard_error_reduce_d6_aa(&t_as_ntt[i0], &error_as_ntt[i0]); + add_standard_error_reduce_d6_9b(&t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -8532,12 +8587,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static void generate_keypair_unpacked_741( +static void generate_keypair_unpacked_621( Eurydice_slice key_generation_seed, IndCpaPrivateKeyUnpacked_f8 *private_key, IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - cpa_keygen_seed_d8_3b(key_generation_seed, hashed); + cpa_keygen_seed_d8_6b(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); 
@@ -8547,7 +8602,7 @@ static void generate_keypair_unpacked_741( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_A, ret); - sample_matrix_A_ae1(uu____1, ret, true); + sample_matrix_A_961(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_secret_and_error, prf_input); @@ -8557,17 +8612,17 @@ static void generate_keypair_unpacked_741( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - sample_vector_cbd_then_ntt_831(uu____2, copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_dd1(uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - sample_vector_cbd_then_ntt_out_861(copy_of_prf_input, domain_separator) + sample_vector_cbd_then_ntt_out_071(copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compute_As_plus_e_001(public_key->t_as_ntt, public_key->A, + compute_As_plus_e_501(public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; core_result_Result_00 dst; 
@@ -8588,18 +8643,18 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_52( +static libcrux_ml_kem_utils_extraction_helper_Keypair768 generate_keypair_48( Eurydice_slice key_generation_seed) { - IndCpaPrivateKeyUnpacked_f8 private_key = default_1a_a31(); - IndCpaPublicKeyUnpacked_f8 public_key = default_8d_6b1(); - generate_keypair_unpacked_741(key_generation_seed, &private_key, &public_key); + IndCpaPrivateKeyUnpacked_f8 private_key = default_1a_cf1(); + IndCpaPublicKeyUnpacked_f8 public_key = default_8d_b31(); + generate_keypair_unpacked_621(key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - serialize_public_key_eb1( + serialize_public_key_cf1( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - serialize_secret_key_8c1(private_key.secret_as_ntt, secret_key_serialized); + serialize_secret_key_f21(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; memcpy(copy_of_secret_key_serialized, secret_key_serialized, @@ -8626,7 +8681,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void serialize_kem_secret_key_61( +static KRML_MUSTINLINE void serialize_kem_secret_key_a5( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; 
@@ -8690,7 +8745,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_79(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -8699,13 +8754,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - generate_keypair_52(ind_cpa_keypair_randomness); + generate_keypair_48(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - serialize_kem_secret_key_61( + serialize_kem_secret_key_a5( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -8714,13 +8769,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_88_2d0(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_580(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b0( - uu____2, libcrux_ml_kem_types_from_40_600(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc0( + uu____2, libcrux_ml_kem_types_from_40_cb0(copy_of_public_key)); } /** @@ -8733,7 +8788,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void entropy_preprocess_d8_b0(Eurydice_slice randomness, +static KRML_MUSTINLINE void entropy_preprocess_d8_33(Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -8751,7 +8806,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - PUBLIC_KEY_SIZE= 1152 - K= 3 */ -static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b1( +static KRML_MUSTINLINE void deserialize_ring_elements_reduced_231( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -8765,7 +8820,7 @@ static KRML_MUSTINLINE void deserialize_ring_elements_reduced_1b1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_reduced_ring_element_f6(ring_element); + deserialize_to_reduced_ring_element_52(ring_element); deserialized_pk[i0] = uu____0; } } 
@@ -8783,7 +8838,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b00 -sample_ring_element_cbd_af1(uint8_t prf_input[33U], uint8_t domain_separator) { +sample_ring_element_cbd_a01(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, error_1[i] = ZERO_d6_19();); @@ -8802,7 +8857,7 @@ sample_ring_element_cbd_af1(uint8_t prf_input[33U], uint8_t domain_separator) { KRML_MAYBE_FOR3( i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - sample_from_binomial_distribution_dd( + sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1;); /* Passing arrays by value in Rust generates a copy in C */ 
@@ -8839,18 +8894,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void invert_ntt_montgomery_5f1( +static KRML_MUSTINLINE void invert_ntt_montgomery_c11( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - invert_ntt_at_layer_1_0d(&zeta_i, re); - invert_ntt_at_layer_2_4a(&zeta_i, re); - invert_ntt_at_layer_3_a9(&zeta_i, re); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)4U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)5U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)6U); - invert_ntt_at_layer_4_plus_f5(&zeta_i, re, (size_t)7U); - poly_barrett_reduce_d6_a9(re); + invert_ntt_at_layer_1_43(&zeta_i, re); + invert_ntt_at_layer_2_da(&zeta_i, re); + invert_ntt_at_layer_3_e5(&zeta_i, re); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)4U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)5U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)6U); + invert_ntt_at_layer_4_plus_e7(&zeta_i, re, (size_t)7U); + poly_barrett_reduce_d6_b3(re); } /** @@ -8862,7 +8917,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void compute_vector_u_511( +static KRML_MUSTINLINE void compute_vector_u_da1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, 
@@ -8889,11 +8944,11 @@ static KRML_MUSTINLINE void compute_vector_u_511( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(a_element, &r_as_ntt[j]); - add_to_ring_element_d6_5d1(&result[i1], &product); + ntt_multiply_d6_8f(a_element, &r_as_ntt[j]); + add_to_ring_element_d6_651(&result[i1], &product); } - invert_ntt_montgomery_5f1(&result[i1]); - add_error_reduce_d6_a3(&result[i1], &error_1[i1]); + invert_ntt_montgomery_c11(&result[i1]); + add_error_reduce_d6_45(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -8910,7 +8965,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_ring_element_v_161( +compute_ring_element_v_6a1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, @@ -8918,10 +8973,10 @@ compute_ring_element_v_161( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(&t_as_ntt[i0], &r_as_ntt[i0]); - add_to_ring_element_d6_5d1(&result, &product);); - invert_ntt_montgomery_5f1(&result); - result = add_message_error_reduce_d6_4d(error_2, message, result); + ntt_multiply_d6_8f(&t_as_ntt[i0], &r_as_ntt[i0]); + add_to_ring_element_d6_651(&result, &product);); + invert_ntt_montgomery_c11(&result); + result = add_message_error_reduce_d6_a2(error_2, message, result); return result; } @@ -8937,7 +8992,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static void compress_then_serialize_u_2b1( +static void compress_then_serialize_u_3f1( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -8953,7 +9008,7 @@ static void compress_then_serialize_u_2b1( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - compress_then_serialize_ring_element_u_080(&re, ret); + compress_then_serialize_ring_element_u_500(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); } @@ -9018,7 +9073,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_unpacked_e71(IndCpaPublicKeyUnpacked_f8 *public_key, +static void encrypt_unpacked_8c1(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { @@ -9028,7 +9083,7 @@ static void encrypt_unpacked_e71(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____1 = - sample_vector_cbd_then_ntt_out_861(copy_of_prf_input0, 0U); + sample_vector_cbd_then_ntt_out_071(copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( r_as_ntt, uu____1.fst, @@ -9038,7 +9093,7 @@ static void encrypt_unpacked_e71(IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); tuple_b00 uu____3 = - sample_ring_element_cbd_af1(copy_of_prf_input, domain_separator0); + sample_ring_element_cbd_a01(copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( error_1, uu____3.fst, 
@@ -9049,28 +9104,28 @@ static void encrypt_unpacked_e71(IndCpaPublicKeyUnpacked_f8 *public_key, PRF_f1_9d4(Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - sample_from_binomial_distribution_dd( + sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - compute_vector_u_511(public_key->A, r_as_ntt, error_1, u); + compute_vector_u_da1(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - deserialize_then_decompress_message_40(copy_of_message); + deserialize_then_decompress_message_36(copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - compute_ring_element_v_161(public_key->t_as_ntt, r_as_ntt, &error_2, + compute_ring_element_v_6a1(public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - compress_then_serialize_u_2b1( + compress_then_serialize_u_3f1( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - compress_then_serialize_ring_element_v_b90( + compress_then_serialize_ring_element_v_6f0( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t)); 
@@ -9094,10 +9149,10 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static void encrypt_ec(Eurydice_slice public_key, uint8_t message[32U], +static void encrypt_8f(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { - IndCpaPublicKeyUnpacked_f8 unpacked_public_key = default_8d_6b1(); - deserialize_ring_elements_reduced_1b1( + IndCpaPublicKeyUnpacked_f8 unpacked_public_key = default_8d_b31(); + deserialize_ring_elements_reduced_231( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -9106,13 +9161,13 @@ static void encrypt_ec(Eurydice_slice public_key, uint8_t message[32U], unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_422(seed, ret0); - sample_matrix_A_ae1(uu____0, ret0, false); + sample_matrix_A_961(uu____0, ret0, false); IndCpaPublicKeyUnpacked_f8 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[1088U]; - encrypt_unpacked_e71(uu____1, copy_of_message, randomness, ret1); + encrypt_unpacked_8c1(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } @@ -9127,7 +9182,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void kdf_d8_a7(Eurydice_slice shared_secret, +static KRML_MUSTINLINE void kdf_d8_4a(Eurydice_slice shared_secret, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), 
@@ -9154,11 +9209,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -tuple_3c libcrux_ml_kem_ind_cca_encapsulate_b1( +tuple_3c libcrux_ml_kem_ind_cca_encapsulate_3a( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - entropy_preprocess_d8_b0( + entropy_preprocess_d8_33( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -9168,7 +9223,7 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_b1( size_t); uint8_t ret[32U]; H_f1_c61(Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_121(public_key), + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_661(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -9182,19 +9237,19 @@ tuple_3c libcrux_ml_kem_ind_cca_encapsulate_b1( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_121(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_661(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - encrypt_ec(uu____2, copy_of_randomness, pseudorandomness, ciphertext); + encrypt_8f(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_fc_361(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_0e1(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - kdf_d8_a7(shared_secret, shared_secret_array); + kdf_d8_4a(shared_secret, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; @@ -9215,7 +9270,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void deserialize_secret_key_a2( +static KRML_MUSTINLINE void deserialize_secret_key_18( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; 
@@ -9232,7 +9287,7 @@ static KRML_MUSTINLINE void deserialize_secret_key_a2( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - deserialize_to_uncompressed_ring_element_7f(secret_bytes); + deserialize_to_uncompressed_ring_element_e1(secret_bytes); secret_as_ntt[i0] = uu____0; } memcpy( @@ -9252,7 +9307,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 - U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void deserialize_then_decompress_u_4d1( +static KRML_MUSTINLINE void deserialize_then_decompress_u_d01( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; @@ -9275,8 +9330,8 @@ static KRML_MUSTINLINE void deserialize_then_decompress_u_4d1( LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * (size_t)10U / (size_t)8U, uint8_t); - u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_050(u_bytes); - ntt_vector_u_580(&u_as_ntt[i0]); + u_as_ntt[i0] = deserialize_then_decompress_ring_element_u_440(u_bytes); + ntt_vector_u_db0(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, 
@@ -9296,17 +9351,17 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -compute_message_151( +compute_message_b71( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = ZERO_d6_19(); KRML_MAYBE_FOR3(i, (size_t)0U, (size_t)3U, (size_t)1U, size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - ntt_multiply_d6_27(&secret_as_ntt[i0], &u_as_ntt[i0]); - add_to_ring_element_d6_5d1(&result, &product);); - invert_ntt_montgomery_5f1(&result); - result = subtract_reduce_d6_81(v, result); + ntt_multiply_d6_8f(&secret_as_ntt[i0], &u_as_ntt[i0]); + add_to_ring_element_d6_651(&result, &product);); + invert_ntt_montgomery_c11(&result); + result = subtract_reduce_d6_b1(v, result); return result; } 
@@ -9344,18 +9399,18 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_unpacked_761(IndCpaPrivateKeyUnpacked_f8 *secret_key, +static void decrypt_unpacked_731(IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - deserialize_then_decompress_u_4d1(ciphertext, u_as_ntt); + deserialize_then_decompress_u_d01(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - deserialize_then_decompress_ring_element_v_030( + deserialize_then_decompress_ring_element_v_5d0( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - compute_message_151(&v, secret_key->secret_as_ntt, u_as_ntt); + compute_message_b71(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - compress_then_serialize_message_f9(message, ret0); + compress_then_serialize_message_1a(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -9369,10 +9424,10 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static void decrypt_03(Eurydice_slice secret_key, uint8_t *ciphertext, +static void decrypt_e3(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - deserialize_secret_key_a2(secret_key, secret_as_ntt); + deserialize_secret_key_18(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( 
@@ -9383,7 +9438,7 @@ static void decrypt_03(Eurydice_slice secret_key, uint8_t *ciphertext, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - decrypt_unpacked_761(&secret_key_unpacked, ciphertext, ret0); + decrypt_unpacked_731(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -9423,7 +9478,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -void libcrux_ml_kem_ind_cca_decapsulate_6a( +void libcrux_ml_kem_ind_cca_decapsulate_1d( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -9441,7 +9496,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - decrypt_03(ind_cpa_secret_key, ciphertext->value, decrypted); + decrypt_e3(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0); @@ -9463,7 +9518,7 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_ed1(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_f71(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; PRF_f1_9d3(Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t), 
@@ -9473,16 +9528,16 @@ void libcrux_ml_kem_ind_cca_decapsulate_6a( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - encrypt_ec(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); + encrypt_8f(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - kdf_d8_a7(Eurydice_array_to_slice((size_t)32U, + kdf_d8_4a(Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - kdf_d8_a7(shared_secret0, shared_secret); + kdf_d8_4a(shared_secret0, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_ed1(ciphertext), + libcrux_ml_kem_types_as_ref_fd_f71(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, diff --git a/libcrux-ml-kem/c/libcrux_mlkem_portable.h b/libcrux-ml-kem/c/libcrux_mlkem_portable.h index 6355ccd91..b88f59491 100644 --- a/libcrux-ml-kem/c/libcrux_mlkem_portable.h +++ b/libcrux-ml-kem/c/libcrux_mlkem_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem_portable_H 
@@ -132,6 +132,25 @@ libcrux_ml_kem::vector::portable::vector_type::PortableVector)} libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_ZERO_0d(void); +void libcrux_ml_kem_vector_portable_i16_to_be_bytes(int16_t x, uint8_t ret[2U]); + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +*/ +void libcrux_ml_kem_vector_portable_to_bytes_0d( + libcrux_ml_kem_vector_portable_vector_type_PortableVector x, + Eurydice_slice out); + +int16_t libcrux_ml_kem_vector_portable_bytes_to_i16(Eurydice_slice bytes); + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +*/ +libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_from_bytes_0d(Eurydice_slice bytes); + libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_add( libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, diff --git a/libcrux-ml-kem/c/libcrux_sha3.h b/libcrux-ml-kem/c/libcrux_sha3.h index 1977dc044..7ab7c6182 100644 --- a/libcrux-ml-kem/c/libcrux_sha3.h +++ b/libcrux-ml-kem/c/libcrux_sha3.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_sha3_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.c b/libcrux-ml-kem/c/libcrux_sha3_avx2.c index e8b21a2b6..f45e9e09b 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.c +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.c 
@@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "internal/libcrux_sha3_avx2.h" diff --git a/libcrux-ml-kem/c/libcrux_sha3_avx2.h b/libcrux-ml-kem/c/libcrux_sha3_avx2.h index 667db43e5..c297e21de 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/c/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_internal.h b/libcrux-ml-kem/c/libcrux_sha3_internal.h index bfee55ebe..a3866512a 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_internal.h +++ b/libcrux-ml-kem/c/libcrux_sha3_internal.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_sha3_internal_H diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.c b/libcrux-ml-kem/c/libcrux_sha3_neon.c index 8cafd81d2..f3124d825 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.c +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.c @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #include "libcrux_sha3_neon.h" 
diff --git a/libcrux-ml-kem/c/libcrux_sha3_neon.h b/libcrux-ml-kem/c/libcrux_sha3_neon.h index cfd01b11c..c7870911f 100644 --- a/libcrux-ml-kem/c/libcrux_sha3_neon.h +++ b/libcrux-ml-kem/c/libcrux_sha3_neon.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 97f7cefe14dabf275e4671ffea87e032d7779b71 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_sha3_neon_H diff --git a/libcrux-ml-kem/cg/code_gen.txt b/libcrux-ml-kem/cg/code_gen.txt index 464822a07..7535b1c7d 100644 --- a/libcrux-ml-kem/cg/code_gen.txt +++ b/libcrux-ml-kem/cg/code_gen.txt @@ -3,4 +3,4 @@ Charon: 28d543bfacc902ba9cc2a734b76baae9583892a4 Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty -Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 +Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b diff --git a/libcrux-ml-kem/cg/libcrux_core.h b/libcrux-ml-kem/cg/libcrux_core.h index 7acff76f1..8b45c164e 100644 --- a/libcrux-ml-kem/cg/libcrux_core.h +++ b/libcrux-ml-kem/cg/libcrux_core.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_core_H @@ -224,7 +224,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_07 with const generics - SIZE= 1088 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_07_4f( +static inline uint8_t *libcrux_ml_kem_types_as_slice_07_ff( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return self->value; } 
@@ -248,7 +248,7 @@ with const generics - SIZE= 1184 */ static inline libcrux_ml_kem_types_MlKemPublicKey_15 -libcrux_ml_kem_types_from_40_60(uint8_t value[1184U]) { +libcrux_ml_kem_types_from_40_cb(uint8_t value[1184U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1184U]; memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t)); @@ -285,7 +285,7 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_types_from_17_8b(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, +libcrux_ml_kem_types_from_17_dc(libcrux_ml_kem_types_MlKemPrivateKey_55 sk, libcrux_ml_kem_types_MlKemPublicKey_15 pk) { return ( CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk}); @@ -301,7 +301,7 @@ with const generics - SIZE= 2400 */ static inline libcrux_ml_kem_types_MlKemPrivateKey_55 -libcrux_ml_kem_types_from_88_2d(uint8_t value[2400U]) { +libcrux_ml_kem_types_from_88_58(uint8_t value[2400U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[2400U]; memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t)); @@ -365,7 +365,7 @@ with const generics - SIZE= 1088 */ static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext -libcrux_ml_kem_types_from_fc_cd(uint8_t value[1088U]) { +libcrux_ml_kem_types_from_fc_b5(uint8_t value[1088U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_value[1088U]; memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t)); @@ -385,7 +385,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_slice_ba with const generics - SIZE= 1184 */ -static inline uint8_t *libcrux_ml_kem_types_as_slice_ba_91( +static inline uint8_t *libcrux_ml_kem_types_as_slice_ba_2c( libcrux_ml_kem_types_MlKemPublicKey_15 *self) { return self->value; } 
@@ -437,7 +437,7 @@ A monomorphic instance of libcrux_ml_kem.types.as_ref_fd with const generics - SIZE= 1088 */ -static inline Eurydice_slice libcrux_ml_kem_types_as_ref_fd_7b( +static inline Eurydice_slice libcrux_ml_kem_types_as_ref_fd_b7( libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) { return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t); } diff --git a/libcrux-ml-kem/cg/libcrux_ct_ops.h b/libcrux-ml-kem/cg/libcrux_ct_ops.h index 19ba7d8bc..4c308530f 100644 --- a/libcrux-ml-kem/cg/libcrux_ct_ops.h +++ b/libcrux-ml-kem/cg/libcrux_ct_ops.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_ct_ops_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h index f31221544..d67a08e4a 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_avx2_H 
@@ -95,6 +95,26 @@ static inline void libcrux_ml_kem_vector_avx2_to_i16_array_ea( libcrux_ml_kem_vector_avx2_to_i16_array(x, ret); } +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::avx2::SIMD256Vector)} +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline void libcrux_ml_kem_vector_avx2_to_bytes_ea(__m256i x, + Eurydice_slice out) { + libcrux_intrinsics_avx2_mm256_storeu_si256_u8(out, x); +} + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::avx2::SIMD256Vector)} +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline __m256i libcrux_ml_kem_vector_avx2_from_bytes_ea( + Eurydice_slice bytes) { + return libcrux_intrinsics_avx2_mm256_loadu_si256_u8(bytes); +} + KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i libcrux_ml_kem_vector_avx2_arithmetic_add(__m256i lhs, __m256i rhs) { @@ -1233,7 +1253,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_03(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_87(size_t _) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } @@ -1245,7 +1265,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_31( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_67( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); 
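Review bot: The new `libcrux_ml_kem_vector_avx2_to_bytes_ea` and `libcrux_ml_kem_vector_avx2_from_bytes_ea` hand an `Eurydice_slice` straight to a 256-bit unaligned store/load, and nothing in this hunk checks that the slice holds at least 32 bytes. Whether `libcrux_intrinsics_avx2_mm256_storeu_si256_u8` and `libcrux_intrinsics_avx2_mm256_loadu_si256_u8` check the length themselves is not visible here; if they do not, a short slice becomes an out-of-bounds write or read in the extracted C, even where the Rust source would have panicked. Because this header is generated, the check belongs in the Rust `Operations` impl or in the intrinsics wrapper, and the doc comment should state the contract, for example `/* out must hold at least 32 bytes */`. The portable declarations `libcrux_ml_kem_vector_portable_to_bytes_0d` and `libcrux_ml_kem_vector_portable_from_bytes_0d` added in libcrux_mlkem_portable.h take slices the same way, and presumably need the same stated length contract.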
@@ -1269,7 +1289,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_14( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_48( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; @@ -1287,7 +1307,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_14( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_31( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_67( secret_bytes); secret_as_ntt[i0] = uu____0; } @@ -1306,7 +1326,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_85(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_36(size_t _) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } @@ -1318,7 +1338,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b0( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_25( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1370,9 +1390,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_61( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c1( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b0( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_25( vector); } 
@@ -1384,7 +1404,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_08( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_37( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -1395,7 +1415,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_08( serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_10_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_61( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c1( coefficient); } return re; @@ -1409,7 +1429,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b00( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_250( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1461,9 +1481,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_610( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c10( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b00( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_250( vector); } 
@@ -1475,7 +1495,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_0e( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_c3( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -1486,7 +1506,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_0e( serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_11_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_610( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c10( coefficient); } return re; @@ -1500,9 +1520,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_62( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_75( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_08(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_37(serialized); } typedef struct libcrux_ml_kem_vector_avx2_SIMD256Vector_x2_s { @@ -1517,7 +1537,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_aa( +static inline __m256i libcrux_ml_kem_vector_traits_montgomery_multiply_fe_71( __m256i v, int16_t fer) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea(v, fer); } 
@@ -1530,9 +1550,9 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_ntt_ntt_layer_int_vec_step_c2(__m256i a, __m256i b, +libcrux_ml_kem_ntt_ntt_layer_int_vec_step_24(__m256i a, __m256i b, int16_t zeta_r) { - __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_aa(b, zeta_r); + __m256i t = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_71(b, zeta_r); b = libcrux_ml_kem_vector_avx2_sub_ea(a, &t); a = libcrux_ml_kem_vector_avx2_add_ea(a, &t); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, @@ -1546,7 +1566,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -1559,7 +1579,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_c2( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_24( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; @@ -1577,7 +1597,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_5f( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_c0( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { 
@@ -1596,7 +1616,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_c2( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_9a( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1618,7 +1638,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_60( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_03( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -1649,7 +1669,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_2b( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_5c( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { 
@@ -1666,21 +1686,21 @@ with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_72( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_76( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)6U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)5U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)4U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_5f(&zeta_i, re, (size_t)3U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_c2(&zeta_i, re, (size_t)2U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_60(&zeta_i, re, (size_t)1U, (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_2b(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_c0(&zeta_i, re, (size_t)3U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_2_9a(&zeta_i, re, (size_t)2U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_1_03(&zeta_i, re, (size_t)1U, (size_t)3328U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_5c(re); } /** @@ -1697,7 +1717,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_0a( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; 
@@ -1722,9 +1742,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_62( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_75( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_72(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_76(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -1739,7 +1759,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b01( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_251( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1791,9 +1811,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_611( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c11( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b01( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_251( vector); } @@ -1805,7 +1825,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_e1( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_34( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); 
@@ -1816,7 +1836,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_e1( serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t); __m256i coefficient = libcrux_ml_kem_vector_avx2_deserialize_4_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_611( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c11( coefficient); } return re; @@ -1830,7 +1850,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b02( +libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_252( __m256i vector) { __m256i field_modulus = libcrux_intrinsics_avx2_mm256_set1_epi32( (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -1882,9 +1902,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_612( +libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c12( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_b02( + return libcrux_ml_kem_vector_avx2_compress_decompress_ciphertext_coefficient_252( vector); } @@ -1896,7 +1916,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_4e( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_ab( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); 
@@ -1907,7 +1927,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_4e( serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t); re.coefficients[i0] = libcrux_ml_kem_vector_avx2_deserialize_5_ea(bytes); re.coefficients[i0] = - libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_612( + libcrux_ml_kem_vector_avx2_decompress_ciphertext_coefficient_ea_c12( re.coefficients[i0]); } return re; @@ -1921,9 +1941,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_86( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_8e( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_e1(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_34(serialized); } /** @@ -1966,7 +1986,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_ntt_multiply_d6_f1( +libcrux_ml_kem_polynomial_ntt_multiply_d6_c4( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 out = @@ -2007,7 +2027,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_d6_b8( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_d6_86( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *rhs) { for (size_t i = (size_t)0U; 
@@ -2028,7 +2048,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_f2( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_6f( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2055,7 +2075,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_96( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_b3( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2078,7 +2098,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_26( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_09( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2099,13 +2119,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 -libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_f1(__m256i a, +libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_7c(__m256i a, __m256i b, int16_t zeta_r) { __m256i a_minus_b = libcrux_ml_kem_vector_avx2_sub_ea(b, &a); a = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_aa(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_71(a_minus_b, zeta_r); return (CLITERAL(libcrux_ml_kem_vector_avx2_SIMD256Vector_x2){.fst = a, .snd = b}); } 
@@ -2118,7 +2138,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_bb( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2133,7 +2153,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_bb( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_avx2_SIMD256Vector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_f1( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_7c( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); __m256i x = uu____0.fst; 
@@ -2151,22 +2171,22 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_44( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ce( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_f2(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_96(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_26(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_bb(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_6f(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_b3(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_09(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6c(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_bb(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6c(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_bb(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6c(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_bb(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6c(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_2b(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_5c(re); } /** @@ -2182,7 +2202,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_subtract_reduce_d6_c9( +libcrux_ml_kem_polynomial_subtract_reduce_d6_69( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 b) { for (size_t i = (size_t)0U; 
@@ -2212,7 +2232,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_message_4a( +libcrux_ml_kem_matrix_compute_message_b0( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *u_as_ntt) { @@ -2221,12 +2241,12 @@ libcrux_ml_kem_matrix_compute_message_4a( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_f1(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_d6_c4(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_b8(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_86(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_44(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_d6_c9(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ce(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_d6_69(v, result); return result; } @@ -2237,7 +2257,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_arithmetic_shift_right_7f(__m256i vector) { +libcrux_ml_kem_vector_avx2_arithmetic_shift_right_b1(__m256i vector) { return libcrux_intrinsics_avx2_mm256_srai_epi16((int32_t)15, vector, __m256i); } @@ -2251,9 +2271,9 @@ with const generics - SHIFT_BY= 15 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_ea_cf( +static inline __m256i libcrux_ml_kem_vector_avx2_shift_right_ea_70( __m256i vector) { - return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_7f(vector); + return libcrux_ml_kem_vector_avx2_arithmetic_shift_right_b1(vector); } /** 
@@ -2264,8 +2284,8 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline __m256i -libcrux_ml_kem_vector_traits_to_unsigned_representative_c0(__m256i a) { - __m256i t = libcrux_ml_kem_vector_avx2_shift_right_ea_cf(a); +libcrux_ml_kem_vector_traits_to_unsigned_representative_09(__m256i a) { + __m256i t = libcrux_ml_kem_vector_avx2_shift_right_ea_70(a); __m256i fm = libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); return libcrux_ml_kem_vector_avx2_add_ea(a, &fm); @@ -2279,13 +2299,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_a4( +libcrux_ml_kem_serialize_compress_then_serialize_message_6f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; __m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_c0( + libcrux_ml_kem_vector_traits_to_unsigned_representative_09( re.coefficients[i0]); __m256i coefficient_compressed = libcrux_ml_kem_vector_avx2_compress_1_ea(coefficient); 
@@ -2334,20 +2354,20 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_40( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_d2( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_0a(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_86( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_8e( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message = - libcrux_ml_kem_matrix_compute_message_4a(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_b0(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_a4(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_6f(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2362,11 +2382,11 @@ with const generics - V_COMPRESSION_FACTOR= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_decrypt_5e(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_18(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_14(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_48(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_secret_as_ntt[3U]; memcpy( 
@@ -2378,7 +2398,7 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_5e(Eurydice_slice secret_key, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_40(&secret_key_unpacked, ciphertext, + libcrux_ml_kem_ind_cpa_decrypt_unpacked_d2(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -2441,7 +2461,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(void) { +libcrux_ml_kem_ind_cpa_unpacked_default_8d_20(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { uu____0[i] = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -2478,7 +2498,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_49( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_38( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -2506,7 +2526,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_75( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_96( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; 
@@ -2520,7 +2540,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_75( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_49( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_38( ring_element); deserialized_pk[i0] = uu____0; } @@ -2668,7 +2688,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_74( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_b8( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2800,7 +2820,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_740( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_b80( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2848,7 +2868,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_from_i16_array_d6_14(Eurydice_slice a) { +libcrux_ml_kem_polynomial_from_i16_array_d6_df(Eurydice_slice a) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result = libcrux_ml_kem_polynomial_ZERO_d6_7d(); for (size_t i = (size_t)0U; 
@@ -2869,8 +2889,8 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_xof_closure_e4(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_d6_14( +libcrux_ml_kem_sampling_sample_from_xof_closure_f9(int16_t s[272U]) { + return libcrux_ml_kem_polynomial_from_i16_array_d6_df( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -2881,7 +2901,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_67( +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_a3( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -2898,7 +2918,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_67( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_74( + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_b8( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -2911,7 +2931,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_67( uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_740( + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_b80( copy_of_randomness, sampled_coefficients, out); } } 
@@ -2921,7 +2941,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_67( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_e4(copy_of_out[i]); + libcrux_ml_kem_sampling_sample_from_xof_closure_f9(copy_of_out[i]); } memcpy( ret, ret0, @@ -2935,7 +2955,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_34( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_8e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -2956,7 +2976,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_34( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_67(copy_of_seeds, sampled); + libcrux_ml_kem_sampling_sample_from_xof_a3(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -2997,7 +3017,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_61(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_36(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } 
@@ -3109,7 +3129,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_43( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3144,7 +3164,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_d6_14( + return libcrux_ml_kem_polynomial_from_i16_array_d6_df( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -3156,7 +3176,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_3c( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_a0( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -3190,7 +3210,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_3c( sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_d6_14( + return libcrux_ml_kem_polynomial_from_i16_array_d6_df( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } 
@@ -3202,9 +3222,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_af( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_29( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_43( randomness); } @@ -3215,7 +3235,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_ab( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_c8( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { 
@@ -3237,20 +3257,20 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d5( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_ab(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_c8(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)6U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)5U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_b8(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_48(&zeta_i, re, (size_t)4U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_3_5f(&zeta_i, re, (size_t)3U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_2_c2(&zeta_i, re, (size_t)2U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_1_60(&zeta_i, re, (size_t)1U, (size_t)3U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_2b(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_c0(&zeta_i, re, (size_t)3U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_2_9a(&zeta_i, re, (size_t)2U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_1_03(&zeta_i, re, (size_t)1U, (size_t)3U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_5c(re); } /** @@ -3267,7 +3287,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ee( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_5f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ 
@@ -3287,9 +3307,9 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ee( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_af( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d5(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_7b(&re_as_ntt[i0]); } return domain_separator; } @@ -3304,7 +3324,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_7f( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_35( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3313,7 +3333,7 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_7f( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ee( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_5f( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_d2 copy_of_re_as_ntt[3U]; @@ -3338,7 +3358,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_a1(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_b7(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } 
@@ -3355,7 +3375,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE tuple_b00 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_61(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_7b(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -3378,7 +3398,7 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_61(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_af( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1; } @@ -3433,7 +3453,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_vector_u_closure_02(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_e0(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } @@ -3449,7 +3469,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_d6_b5( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_d6_61( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; 
@@ -3474,7 +3494,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_fe( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_8d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_1, @@ -3502,12 +3522,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_fe( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_f1(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_b8(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_d6_c4(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_86(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_44(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_d6_b5(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ce(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_d6_61(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -3521,7 +3541,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_17(__m256i v) { +static inline __m256i libcrux_ml_kem_vector_traits_decompress_1_ef(__m256i v) { return libcrux_ml_kem_vector_avx2_bitwise_and_with_constant_ea( libcrux_ml_kem_vector_avx2_sub_ea(libcrux_ml_kem_vector_avx2_ZERO_ea(), &v), 
@@ -3536,7 +3556,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_df( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_b3( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -3547,7 +3567,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_df( Eurydice_array_to_subslice2(serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t)); re.coefficients[i0] = - libcrux_ml_kem_vector_traits_decompress_1_17(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_ef(coefficient_compressed); } return re; } @@ -3565,7 +3585,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_add_message_error_reduce_d6_77( +libcrux_ml_kem_polynomial_add_message_error_reduce_d6_fa( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 result) { @@ -3596,7 +3616,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_matrix_compute_ring_element_v_c1( +libcrux_ml_kem_matrix_compute_ring_element_v_f5( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error_2, 
@@ -3606,12 +3626,12 @@ libcrux_ml_kem_matrix_compute_ring_element_v_c1( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_f1(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_d6_c4(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_b8(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_86(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_44(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_d6_77( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_ce(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_d6_fa( error_2, message, result); return result; } @@ -3624,7 +3644,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a0( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3679,9 +3699,9 @@ with const generics - COEFFICIENT_BITS= 10 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_66( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_69( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a0( vector); } 
@@ -3693,14 +3713,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_ba( +libcrux_ml_kem_serialize_compress_then_serialize_10_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_66( - libcrux_ml_kem_vector_traits_to_unsigned_representative_c0( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_69( + libcrux_ml_kem_vector_traits_to_unsigned_representative_09( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_avx2_serialize_10_ea(coefficient, bytes); @@ -3720,7 +3740,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc0( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a00( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3775,9 +3795,9 @@ with const generics - COEFFICIENT_BITS= 11 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_660( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_690( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc0( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a00( vector); } 
@@ -3789,14 +3809,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_ce( +libcrux_ml_kem_serialize_compress_then_serialize_11_b7( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_660( - libcrux_ml_kem_vector_traits_to_unsigned_representative_c0( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_690( + libcrux_ml_kem_vector_traits_to_unsigned_representative_09( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_avx2_serialize_11_ea(coefficient, bytes); @@ -3817,10 +3837,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_89( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_88( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_ba(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_5d(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -3837,7 +3857,7 @@ with const generics - BLOCK_LEN= 320 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_e1( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_5d( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -3853,7 +3873,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_e1( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_89(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_88(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -3868,7 +3888,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc1( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a01( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -3923,9 +3943,9 @@ with const generics - COEFFICIENT_BITS= 4 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_661( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_691( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc1( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a01( vector); } 
@@ -3937,14 +3957,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_1e( +libcrux_ml_kem_serialize_compress_then_serialize_4_a1( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_661( - libcrux_ml_kem_vector_traits_to_unsigned_representative_c0( + __m256i coefficient = libcrux_ml_kem_vector_avx2_compress_ea_691( + libcrux_ml_kem_vector_traits_to_unsigned_representative_09( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_avx2_serialize_4_ea(coefficient, bytes); @@ -3963,7 +3983,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE __m256i -libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc2( +libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a02( __m256i vector) { __m256i field_modulus_halved = libcrux_intrinsics_avx2_mm256_set1_epi32( ((int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS - (int32_t)1) / @@ -4018,9 +4038,9 @@ with const generics - COEFFICIENT_BITS= 5 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_662( +static inline __m256i libcrux_ml_kem_vector_avx2_compress_ea_692( __m256i vector) { - return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_cc2( + return libcrux_ml_kem_vector_avx2_compress_compress_ciphertext_coefficient_a02( vector); } 
@@ -4032,14 +4052,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_65( +libcrux_ml_kem_serialize_compress_then_serialize_5_63( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; - __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_ea_662( - libcrux_ml_kem_vector_traits_to_unsigned_representative_c0( + __m256i coefficients = libcrux_ml_kem_vector_avx2_compress_ea_692( + libcrux_ml_kem_vector_traits_to_unsigned_representative_09( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_avx2_serialize_5_ea(coefficients, bytes); @@ -4059,9 +4079,9 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_e0( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_a4( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_1e(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_a1(re, out); } /** @@ -4123,7 +4143,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_0c( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; 
@@ -4131,7 +4151,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_7f( + tuple_b00 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_35( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 r_as_ntt[3U]; memcpy( @@ -4141,7 +4161,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_61( + tuple_b00 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_7b( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_1[3U]; memcpy( 
@@ -4153,30 +4173,30 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3( libcrux_ml_kem_hash_functions_avx2_PRF_a9_420( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_af( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_29( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_fe(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_8d(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_df( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_b3( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 v = - libcrux_ml_kem_matrix_compute_ring_element_v_c1( + libcrux_ml_kem_matrix_compute_ring_element_v_f5( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_e1( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_5d( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_e0( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_a4( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, ciphertext, 
(size_t)1088U * sizeof(uint8_t)); @@ -4200,13 +4220,13 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_encrypt_3b(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_ea(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 - unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_75( + unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_20(); + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_96( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -4215,14 +4235,14 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_3b(Eurydice_slice public_key, unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_34(uu____0, ret0, false); + libcrux_ml_kem_matrix_sample_matrix_A_8e(uu____0, ret0, false); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3(uu____1, copy_of_message, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_0c(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } 
@@ -4239,7 +4259,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_e9( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_48( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; @@ -4271,7 +4291,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_a6( +static inline void libcrux_ml_kem_ind_cca_decapsulate_ee( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -4289,7 +4309,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_a6( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_5e(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_18(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4313,7 +4333,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_a6( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( 
@@ -4324,18 +4344,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_a6( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_3b(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_ea(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_e9( + libcrux_ml_kem_variant_kdf_d8_48( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_e9(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_d8_48(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -4368,10 +4388,10 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_99( +static inline void libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_f7( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_a6(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_ee(private_key, ciphertext, ret); } /** 
@@ -4385,7 +4405,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_99(private_key, + libcrux_ml_kem_ind_cca_instantiations_avx2_decapsulate_f7(private_key, ciphertext, ret); } @@ -4400,7 +4420,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_96( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_cd( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -4443,11 +4463,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_01( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cb( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_96( + libcrux_ml_kem_variant_entropy_preprocess_d8_cd( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -4458,7 +4478,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_01( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_ba_91(public_key), + libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -4473,20 +4493,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_01( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_91(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_3b(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_ea(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_fc_cd(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_b5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_e9(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_48(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -4518,14 +4538,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_57( +libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_f6( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_01(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_cb(uu____0, copy_of_randomness); } /** @@ -4543,7 +4563,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_57( + return libcrux_ml_kem_ind_cca_instantiations_avx2_encapsulate_f6( uu____0, copy_of_randomness); } @@ -4560,7 +4580,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 -libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(void) { +libcrux_ml_kem_ind_cpa_unpacked_default_1a_bf(void) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 lit; lit.secret_as_ntt[0U] = libcrux_ml_kem_polynomial_ZERO_d6_7d(); lit.secret_as_ntt[1U] = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -4579,7 +4599,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_e1( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_af( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( 
@@ -4602,7 +4622,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") -static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_bd0( +static inline __m256i libcrux_ml_kem_vector_traits_to_standard_domain_ba( __m256i v) { return libcrux_ml_kem_vector_avx2_montgomery_multiply_by_constant_ea( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -4621,14 +4641,14 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_a7( +libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_4e( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *error) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t j = i; __m256i coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_bd0( + libcrux_ml_kem_vector_traits_to_standard_domain_ba( self->coefficients[j]); self->coefficients[j] = libcrux_ml_kem_vector_avx2_barrett_reduce_ea( libcrux_ml_kem_vector_avx2_add_ea(coefficient_normal_form, @@ -4646,7 +4666,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_a2( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_91( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s_as_ntt, 
@@ -4674,12 +4694,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_a2( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_f1(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_d6_c4(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_b8(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_d6_86(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_a7( + libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_4e( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -4735,12 +4755,12 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_81( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_35( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_e1(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_af(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -4750,7 +4770,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_81( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_34(uu____1, ret, true); + libcrux_ml_kem_matrix_sample_matrix_A_8e(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); 
@@ -4760,7 +4780,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_81( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ee( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_5f( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -4768,11 +4788,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_81( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_7f( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_35( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_a2( + libcrux_ml_kem_matrix_compute_As_plus_e_91( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -4790,14 +4810,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_53( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_a3( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; __m256i coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_c0( + libcrux_ml_kem_vector_traits_to_unsigned_representative_09( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_avx2_serialize_12_ea(coefficient, bytes); 
@@ -4820,7 +4840,7 @@ with const generics - OUT_LEN= 1152 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_5f( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_17( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -4838,7 +4858,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_5f( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_53(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_a3(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -4857,13 +4877,13 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_c2( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_34( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_5f(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_17(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( 
@@ -4884,11 +4904,11 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_02( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_3b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_c2(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_34(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } 
@@ -4907,20 +4927,20 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_2f(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_31(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(); + libcrux_ml_kem_ind_cpa_unpacked_default_1a_bf(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_81( + libcrux_ml_kem_ind_cpa_unpacked_default_8d_20(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_35( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_02( + libcrux_ml_kem_ind_cpa_serialize_public_key_3b( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_5f(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_17(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -4949,7 +4969,7 @@ with const generics - SERIALIZED_KEY_LEN= 2400 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_0a( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7a( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; 
@@ -5014,7 +5034,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_51(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_cb(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5023,13 +5043,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_51(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_2f(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_31(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_0a( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7a( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -5038,13 +5058,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_51(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_88_2d(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_58(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b( - uu____2, libcrux_ml_kem_types_from_40_60(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc( + uu____2, libcrux_ml_kem_types_from_40_cb(copy_of_public_key)); } /** @@ -5063,12 +5083,12 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.generate_keypair with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_3f( +libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_93( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_51(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_cb(copy_of_randomness); } /** @@ -5080,7 +5100,7 @@ libcrux_ml_kem_mlkem768_avx2_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_3f( + return libcrux_ml_kem_ind_cca_instantiations_avx2_generate_keypair_93( copy_of_randomness); } 
@@ -5096,7 +5116,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_1d( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_41( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -5107,7 +5127,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_1d( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_07_4f(ciphertext), + libcrux_ml_kem_types_as_slice_07_ff(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -5141,7 +5161,7 @@ with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_decapsulate_a60( +static inline void libcrux_ml_kem_ind_cca_decapsulate_ee0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5159,7 +5179,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_a60( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_5e(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_18(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -5183,7 +5203,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_a60( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( @@ -5194,18 +5214,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_a60( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_3b(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_ea(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_1d( + libcrux_ml_kem_variant_kdf_33_41( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_1d(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_33_41(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, 
@@ -5239,10 +5259,10 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_decapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_29( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_1e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_a60(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_ee0(private_key, ciphertext, ret); } /** @@ -5256,7 +5276,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_29( + libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_decapsulate_1e( private_key, ciphertext, ret); } @@ -5271,7 +5291,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_52( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_27( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_avx2_H_a9_16(randomness, ret); } @@ -5296,11 +5316,11 @@ with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_010( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cb0( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_52( + libcrux_ml_kem_variant_entropy_preprocess_33_27( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -5311,7 +5331,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_010( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_ba_91(public_key), + libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -5326,20 +5346,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_010( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_91(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_3b(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_ea(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_fc_cd(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_b5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_1d(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_41(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -5374,14 +5394,14 @@ libcrux_ml_kem.ind_cca.instantiations.avx2.kyber_encapsulate with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_ce( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_b6( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_010(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_cb0(uu____0, copy_of_randomness); } /** @@ -5399,7 +5419,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_ce( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_encapsulate_b6( uu____0, copy_of_randomness); } @@ -5414,7 +5434,7 @@ with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_47( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_5c( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_avx2_G_a9_67(key_generation_seed, ret); } 
@@ -5470,12 +5490,12 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_810( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_350( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_47(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_5c(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5485,7 +5505,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_810( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_34(uu____1, ret, true); + libcrux_ml_kem_matrix_sample_matrix_A_8e(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); @@ -5495,7 +5515,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_810( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_ee( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_5f( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; 
@@ -5503,11 +5523,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_810( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_7f( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_35( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2)); - libcrux_ml_kem_matrix_compute_As_plus_e_a2( + libcrux_ml_kem_matrix_compute_As_plus_e_91( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -5531,21 +5551,21 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_2f0( +libcrux_ml_kem_ind_cpa_generate_keypair_310( Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(); + libcrux_ml_kem_ind_cpa_unpacked_default_1a_bf(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_810( + libcrux_ml_kem_ind_cpa_unpacked_default_8d_20(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_350( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_02( + libcrux_ml_kem_ind_cpa_serialize_public_key_3b( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_5f(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_17(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; 
@@ -5586,7 +5606,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_cb0(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5595,13 +5615,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_2f0(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_310(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_0a( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_7a( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -5610,13 +5630,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_510(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_88_2d(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_58(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b( - uu____2, libcrux_ml_kem_types_from_40_60(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc( + uu____2, libcrux_ml_kem_types_from_40_cb(copy_of_public_key)); } /** @@ -5633,12 +5653,12 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_2d( +libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_26( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_510(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_cb0(copy_of_randomness); } /** @@ -5650,7 +5670,7 @@ libcrux_ml_kem_mlkem768_avx2_kyber_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_2d( + return libcrux_ml_kem_ind_cca_instantiations_avx2_kyber_generate_keypair_26( copy_of_randomness); } 
@@ -5670,7 +5690,7 @@ with const generics - CIPHERTEXT_SIZE= 1088 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_ea( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_bc( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -5699,10 +5719,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_dc( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_c0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_ea(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_bc(private_key, ciphertext); } @@ -5715,7 +5735,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_dc( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_private_key_c0( private_key, ciphertext); } @@ -5728,7 +5748,7 @@ types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_ea( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_40( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } 
@@ -5745,7 +5765,7 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_750( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_960( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -5759,7 +5779,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_750( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_49( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_38( ring_element); deserialized_pk[i0] = uu____0; } @@ -5780,14 +5800,14 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_a5( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_b6( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_d6_7d(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_750( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_960( public_key, deserialized_pk); memcpy( ret, deserialized_pk, 
@@ -5810,16 +5830,16 @@ with const generics - PUBLIC_KEY_SIZE= 1184 */ KRML_ATTRIBUTE_TARGET("avx2") -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_19( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_f0( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_a5( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_b6( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_02( + libcrux_ml_kem_ind_cpa_serialize_public_key_3b( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), @@ -5841,9 +5861,9 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_8d( +libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_5f( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_19(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_f0(public_key); } /** @@ -5854,7 +5874,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_8d( KRML_ATTRIBUTE_TARGET("avx2") static inline bool libcrux_ml_kem_mlkem768_avx2_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_8d( + return libcrux_ml_kem_ind_cca_instantiations_avx2_validate_public_key_5f( public_key->value); } 
@@ -5880,11 +5900,11 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_5c( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_a9( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_40( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_d2( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5914,7 +5934,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_5c( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_avx2_PRF_a9_42( @@ -5926,11 +5946,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_5c( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_0c( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( 
@@ -5967,10 +5987,10 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_ed( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_31( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_5c(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_a9(key_pair, ciphertext, ret); } /** @@ -5984,7 +6004,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_decapsulate( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_ed( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_decapsulate_31( private_key, ciphertext, ret); } @@ -6007,7 +6027,7 @@ libcrux_ml_kem_hash_functions_avx2_Simd256Hash with const generics - ETA2_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_d6( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_03( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -6035,7 +6055,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_d6( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_e3(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_0c(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( 
@@ -6045,7 +6065,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_d6( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_fc_cd(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_b5(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -6079,7 +6099,7 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_ad( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_59( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = @@ -6087,7 +6107,7 @@ libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_ad( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_d6(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_03(uu____0, copy_of_randomness); } 
@@ -6108,10 +6128,181 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_avx2_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_ad( + return libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_encapsulate_59( uu____0, copy_of_randomness); } +/** + Read the bytes into an unpacked key pair. +*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.from_bytes_dd +with types libcrux_ml_kem_vector_avx2_SIMD256Vector +with const generics +- K= 3 +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_e9(Eurydice_slice bytes) { + size_t p = (size_t)0U; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 + ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_20(); + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_public_key.t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_d2), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, ind_cpa_public_key.t_as_ntt[i1].coefficients, + __m256i), + __m256i); + i++) { + size_t j = i; + ind_cpa_public_key.t_as_ntt[i1].coefficients[j] = + libcrux_ml_kem_vector_avx2_from_bytes_ea( + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, ind_cpa_public_key.seed_for_A, + uint8_t), + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t), uint8_t); + p = p + (size_t)32U; + for (size_t 
i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_public_key.A, + libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]); + i0++) { + size_t i1 = i0; + for (size_t i2 = (size_t)0U; + i2 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_public_key.A[i1], + libcrux_ml_kem_polynomial_PolynomialRingElement_d2), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + i2++) { + size_t j = i2; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, ind_cpa_public_key.A[i1][j].coefficients, + __m256i), + __m256i); + i++) { + size_t k = i; + ind_cpa_public_key.A[i1][j].coefficients[k] = + libcrux_ml_kem_vector_avx2_from_bytes_ea( + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + } + uint8_t public_key_hash[32U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, public_key_hash, uint8_t), + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t), uint8_t); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 uu____0 = + ind_cpa_public_key; + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t copy_of_public_key_hash[32U]; + memcpy(copy_of_public_key_hash, public_key_hash, + (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; + lit.ind_cpa_public_key = uu____0; + memcpy(lit.public_key_hash, copy_of_public_key_hash, + (size_t)32U * sizeof(uint8_t)); + return lit; +} + +/** + Read the bytes into an unpacked key pair. 
+*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#1} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.from_bytes_f8 +with types libcrux_ml_kem_vector_avx2_SIMD256Vector +with const generics +- K= 3 +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_c8(Eurydice_slice bytes) { + size_t p = (size_t)0U; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 + ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_bf(); + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_private_key.secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_d2), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; + i < + Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, + ind_cpa_private_key.secret_as_ntt[i1].coefficients, __m256i), + __m256i); + i++) { + size_t j = i; + ind_cpa_private_key.secret_as_ntt[i1].coefficients[j] = + libcrux_ml_kem_vector_avx2_from_bytes_ea( + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + uint8_t implicit_rejection_value[32U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, implicit_rejection_value, uint8_t), + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t), uint8_t); + p = p + (size_t)32U; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 public_key = + libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_e9( + Eurydice_slice_subslice_from(bytes, p, uint8_t, size_t)); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 uu____0 = + ind_cpa_private_key; + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t copy_of_implicit_rejection_value[32U]; + memcpy(copy_of_implicit_rejection_value, 
implicit_rejection_value, + (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked lit; + lit.private_key.ind_cpa_private_key = uu____0; + memcpy(lit.private_key.implicit_rejection_value, + copy_of_implicit_rejection_value, (size_t)32U * sizeof(uint8_t)); + lit.public_key = public_key; + return lit; +} + +/** + Read bytes into the key pair. + + `bytes` has to point to at least 7776 bytes. +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_mlkem768_avx2_unpacked_from_bytes(Eurydice_slice bytes) { + return libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_c8(bytes); +} + /** A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.generate_keypair.closure.closure with types @@ -6128,7 +6319,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_58(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_89(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_d6_7d(); } @@ -6147,7 +6338,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_00( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_47( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_d2 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_d6_7d(); @@ -6167,7 +6358,7 @@ with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_polynomial_PolynomialRingElement_d2 -libcrux_ml_kem_polynomial_clone_17_8c( +libcrux_ml_kem_polynomial_clone_17_7b( libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_d2 lit; __m256i ret[16U]; 
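Review bot: Neither `libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_c8` nor `libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_e9` compares `Eurydice_slice_len(bytes, uint8_t)` with the expected size before advancing `p` in 32-byte steps, so the only guard is the comment "`bytes` has to point to at least 7776 bytes" on `libcrux_ml_kem_mlkem768_avx2_unpacked_from_bytes`. A short slice would presumably panic in the Rust source, but in this extracted C `Eurydice_slice_subslice2` is, as far as I know, an unchecked macro, so a short buffer turns into an out-of-bounds read that ends up in key-pair state. This header is generated, so the fix belongs in the Rust API: take a fixed-size array so the extracted signature carries `7776U`, or reject short input with an error; until then C callers have to check the length themselves. The parser also copies `A` and `public_key_hash` straight from the input rather than re-deriving them from `seed_for_A` and the serialized public key, so the doc comment should say the bytes must come from a trusted serialization. The "Read the bytes into an unpacked key pair" comment above `from_bytes_dd_e9` should say "public key", since that function returns `MlKemPublicKeyUnpacked_a0`.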
@@ -6194,7 +6385,7 @@ with const generics - ETA1_RANDOMNESS_SIZE= 128 */ KRML_ATTRIBUTE_TARGET("avx2") -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_05( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_6e( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -6204,19 +6395,19 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_05( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_81( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_35( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_d2 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_00(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_47(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_d2 uu____0 = - libcrux_ml_kem_polynomial_clone_17_8c( + libcrux_ml_kem_polynomial_clone_17_7b( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } @@ -6229,7 +6420,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_05( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_02( + libcrux_ml_kem_ind_cpa_serialize_public_key_3b( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), 
@@ -6265,13 +6456,13 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_25( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b6( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_05(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_6e(copy_of_randomness, out); } /** 
@@ -6284,26 +6475,26 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_25( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_generate_keypair_b6( copy_of_randomness, key_pair); } /** This function found in impl {(core::default::Default for libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1])#1} +K>[TraitClause@0, TraitClause@1])#3} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_1c +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_82 with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_default_1c_5d(void) { +libcrux_ml_kem_ind_cca_unpacked_default_82_97(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; - lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_80(); + lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_20(); lit.public_key_hash[0U] = 0U; lit.public_key_hash[1U] = 0U; lit.public_key_hash[2U] = 0U; @@ -6342,10 +6533,10 @@ libcrux_ml_kem_ind_cca_unpacked_default_1c_5d(void) { /** This function found in impl {(core::default::Default for libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1])#3} +K>[TraitClause@0, TraitClause@1])#5} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_07 +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_ec with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 
@@ -6353,9 +6544,9 @@ with const generics KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_c1(void) { + libcrux_ml_kem_ind_cca_unpacked_default_ec_7a(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0; - uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_19(); + uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_bf(); uu____0.implicit_rejection_value[0U] = 0U; uu____0.implicit_rejection_value[1U] = 0U; uu____0.implicit_rejection_value[2U] = 0U; @@ -6391,7 +6582,7 @@ static KRML_MUSTINLINE return ( CLITERAL(libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_5d()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_82_97()}); } /** @@ -6400,7 +6591,7 @@ static KRML_MUSTINLINE KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_c1(); + return libcrux_ml_kem_ind_cca_unpacked_default_ec_7a(); } /** @@ -6409,7 +6600,19 @@ libcrux_ml_kem_mlkem768_avx2_unpacked_init_key_pair(void) { KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 libcrux_ml_kem_mlkem768_avx2_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_5d(); + return libcrux_ml_kem_ind_cca_unpacked_default_82_97(); +} + +/** + Read the key pair from `bytes``. + + `bytes` has to point to at least 7776 bytes. +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_from_bytes( + Eurydice_slice bytes) { + return libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_c8(bytes); } /** 
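Review bot: `libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_from_bytes` is a second public wrapper around the same `libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_c8` call that `libcrux_ml_kem_mlkem768_avx2_unpacked_from_bytes` already exposes earlier in this diff. That leaves the header with two entry points sharing one unchecked "at least 7776 bytes" precondition, so keep one or document which is the supported name. The new doc comment has a doubled closing backtick after `bytes` ("Read the key pair from `bytes``."). It would also help to state there that the input holds the serialized private key and implicit-rejection value, so callers treat the buffer as secret material.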
@@ -6418,11 +6621,11 @@ libcrux_ml_kem_mlkem768_avx2_unpacked_init_public_key(void) { /** This function found in impl {libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +K>[TraitClause@0, TraitClause@1]#2} */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_dd with types +libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_ba with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - RANKED_BYTES_PER_RING_ELEMENT= 1152 @@ -6430,10 +6633,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_68( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_ba_cb( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_c2( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_34( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), @@ -6446,11 +6649,11 @@ libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_68( /** This function found in impl {libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#2} +K>[TraitClause@0, TraitClause@1]#4} */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_de with types +libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_fc with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 - RANKED_BYTES_PER_RING_ELEMENT= 1152 
@@ -6458,10 +6661,10 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_c0( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_fc_2a( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_68( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_ba_cb( &self->public_key, serialized); } 
@@ -6473,10 +6676,161 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_c0(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_fc_2a(key_pair, serialized); } +/** + Write the key into the `out` buffer. +*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.to_bytes_dd +with types libcrux_ml_kem_vector_avx2_SIMD256Vector +with const generics +- K= 3 +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline void libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_cc( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self, + Eurydice_slice out) { + size_t p = (size_t)0U; + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, self->ind_cpa_public_key.t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_d2), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + i0++) { + size_t i1 = i0; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *t = + &self->ind_cpa_public_key.t_as_ntt[i1]; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice((size_t)16U, t->coefficients, __m256i), + __m256i); + i++) { + size_t j = i; + libcrux_ml_kem_vector_avx2_to_bytes_ea( + t->coefficients[j], + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + Eurydice_slice_copy( + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t), + Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, + uint8_t), + uint8_t); + p = p + (size_t)32U; + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, self->ind_cpa_public_key.A, + 
libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2[3U]); + i0++) { + size_t i1 = i0; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *a1 = + self->ind_cpa_public_key.A[i1]; + for (size_t i2 = (size_t)0U; + i2 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, a1, + libcrux_ml_kem_polynomial_PolynomialRingElement_d2), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + i2++) { + size_t j = i2; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 a = a1[j]; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len(Eurydice_array_to_slice( + (size_t)16U, a.coefficients, __m256i), + __m256i); + i++) { + size_t k = i; + libcrux_ml_kem_vector_avx2_to_bytes_ea( + a.coefficients[k], + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + } + Eurydice_slice_copy( + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t), + Eurydice_array_to_slice((size_t)32U, self->public_key_hash, uint8_t), + uint8_t); +} + +/** + Write the key into the `out` buffer. 
+*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#1} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.to_bytes_f8 +with types libcrux_ml_kem_vector_avx2_SIMD256Vector +with const generics +- K= 3 +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline void libcrux_ml_kem_ind_cca_unpacked_to_bytes_f8_4e( + libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self, + Eurydice_slice out) { + size_t p = (size_t)0U; + for (size_t i0 = (size_t)0U; + i0 < + Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, self->private_key.ind_cpa_private_key.secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_d2), + libcrux_ml_kem_polynomial_PolynomialRingElement_d2); + i0++) { + size_t i1 = i0; + libcrux_ml_kem_polynomial_PolynomialRingElement_d2 *s = + &self->private_key.ind_cpa_private_key.secret_as_ntt[i1]; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice((size_t)16U, s->coefficients, __m256i), + __m256i); + i++) { + size_t j = i; + libcrux_ml_kem_vector_avx2_to_bytes_ea( + s->coefficients[j], + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + Eurydice_slice_copy( + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t), + Eurydice_array_to_slice( + (size_t)32U, self->private_key.implicit_rejection_value, uint8_t), + uint8_t); + p = p + (size_t)32U; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *uu____0 = + &self->public_key; + libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_cc( + uu____0, Eurydice_slice_subslice_from(out, p, uint8_t, size_t)); +} + +/** + Write out the key pair. + + `out` has to point to at least 7776 bytes. 
+*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_to_bytes( + libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, + Eurydice_slice out) { + libcrux_ml_kem_ind_cca_unpacked_to_bytes_f8_4e(key_pair, out); +} + /** This function found in impl {(core::clone::Clone for libcrux_ml_kem::ind_cpa::unpacked::IndCpaPublicKeyUnpacked[TraitClause@0, TraitClause@2])#4} +K>[TraitClause@0, TraitClause@2])#6} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.clone_28 +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.clone_d2 with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 -libcrux_ml_kem_ind_cca_unpacked_clone_28_d0( +libcrux_ml_kem_ind_cca_unpacked_clone_d2_49( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_6f(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_19(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); 
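Review bot: `libcrux_ml_kem_ind_cca_unpacked_to_bytes_f8_4e` and `libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_cc` advance `p` in 32-byte steps and write through `Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)` without comparing `p` against the length of `out`. The only size contract is the comment "`out` has to point to at least 7776 bytes", and whether the Eurydice slice helpers check bounds is not visible in this hunk. The public wrapper `libcrux_ml_kem_mlkem768_avx2_unpacked_key_pair_to_bytes` should fail closed before the first write when `Eurydice_slice_len(out, uint8_t) < (size_t)7776U`. The same applies to `key_pair_from_bytes` (hunk at -6409) and to `public_key_from_bytes` / `public_key_to_bytes` with 6208 bytes (hunk at -6568). The doc comment should also say that the output contains `secret_as_ntt` and `implicit_rejection_value`, so callers must handle and clear the buffer as private-key material; since this header is generated, these changes presumably belong in the Rust source it is extracted from.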
@@ -6545,17 +6899,17 @@ libcrux_ml_kem_ind_cca_unpacked_clone_28_d0( /** This function found in impl {libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#2} +K>[TraitClause@0, TraitClause@1]#4} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.public_key_de +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.public_key_fc with types libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics - K= 3 */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_42( +libcrux_ml_kem_ind_cca_unpacked_public_key_fc_70( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } 
@@ -6568,11 +6922,35 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key( libcrux_ml_kem_mlkem768_avx2_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_d0( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_42(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_d2_49( + libcrux_ml_kem_ind_cca_unpacked_public_key_fc_70(key_pair)); pk[0U] = uu____0; } +/** + Read the public key from `bytes``. + + `bytes` has to point to at least 6208 bytes. +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 +libcrux_ml_kem_mlkem768_avx2_unpacked_public_key_from_bytes( + Eurydice_slice bytes) { + return libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_e9(bytes); +} + +/** + Write out the public key. + + `out` has to point to at least 6208 bytes. +*/ +KRML_ATTRIBUTE_TARGET("avx2") +static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_public_key_to_bytes( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *key, + Eurydice_slice out) { + libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_cc(key, out); +} + /** Get the serialized public key. */ @@ -6580,7 +6958,7 @@ KRML_ATTRIBUTE_TARGET("avx2") static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_68(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_ba_cb(public_key, serialized); } 
@@ -6598,13 +6976,13 @@ libcrux_ml_kem_vector_avx2_SIMD256Vector with const generics */ KRML_ATTRIBUTE_TARGET("avx2") static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_4c( +libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_5e( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_75( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_96( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -6620,11 +6998,11 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_4c( Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t), ret); - libcrux_ml_kem_matrix_sample_matrix_A_34(uu____2, ret, false); + libcrux_ml_kem_matrix_sample_matrix_A_8e(uu____2, ret, false); uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_avx2_H_a9_16( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_ba_91(public_key), + libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -6645,11 +7023,11 @@ generics */ KRML_ATTRIBUTE_TARGET("avx2") static inline void -libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_f9( +libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_dc( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_4c(public_key, + libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_5e(public_key, unpacked_public_key); } 
@@ -6661,7 +7039,7 @@ static inline void libcrux_ml_kem_mlkem768_avx2_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_f9( + libcrux_ml_kem_ind_cca_instantiations_avx2_unpacked_unpack_public_key_dc( public_key, unpacked_public_key); } diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h index d612a20b5..6f6ffdfec 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_avx2_types.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_avx2_types_H diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h index 5cef8c3ea..6a9653d01 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_portable_H 
@@ -932,6 +932,61 @@ libcrux_ml_kem_vector_portable_ZERO_0d(void) { return libcrux_ml_kem_vector_portable_vector_type_zero(); } +static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_i16_to_be_bytes( + int16_t x, uint8_t ret[2U]) { + ret[0U] = (uint8_t)(x >> 8U); + ret[1U] = (uint8_t)(x & (int16_t)255); +} + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +*/ +static inline void libcrux_ml_kem_vector_portable_to_bytes_0d( + libcrux_ml_kem_vector_portable_vector_type_PortableVector x, + Eurydice_slice out) { + size_t p = (size_t)0U; + for (size_t i = (size_t)0U; + i < + Eurydice_slice_len( + Eurydice_array_to_slice((size_t)16U, x.elements, int16_t), int16_t); + i++) { + size_t i0 = i; + Eurydice_slice uu____0 = + Eurydice_slice_subslice2(out, p, p + (size_t)2U, uint8_t); + uint8_t ret[2U]; + libcrux_ml_kem_vector_portable_i16_to_be_bytes(x.elements[i0], ret); + Eurydice_slice_copy( + uu____0, Eurydice_array_to_slice((size_t)2U, ret, uint8_t), uint8_t); + p = p + (size_t)2U; + } +} + +static KRML_MUSTINLINE int16_t +libcrux_ml_kem_vector_portable_bytes_to_i16(Eurydice_slice bytes) { + return (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) + << 8U | + (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *); +} + +/** +This function found in impl {(libcrux_ml_kem::vector::traits::Operations for +libcrux_ml_kem::vector::portable::vector_type::PortableVector)} +*/ +static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector +libcrux_ml_kem_vector_portable_from_bytes_0d(Eurydice_slice bytes) { + libcrux_ml_kem_vector_portable_vector_type_PortableVector out = + libcrux_ml_kem_vector_portable_vector_type_zero(); + for (size_t i = (size_t)0U; + i < Eurydice_slice_len(bytes, uint8_t) / (size_t)2U; i++) { + size_t i0 = i; + Eurydice_slice chunk = Eurydice_slice_subslice2( + bytes, i0 * (size_t)2U, i0 * (size_t)2U + (size_t)2U, 
uint8_t); + out.elements[i0] = libcrux_ml_kem_vector_portable_bytes_to_i16(chunk); + } + return out; +} + static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector libcrux_ml_kem_vector_portable_arithmetic_add( libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs, @@ -2443,7 +2498,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_12(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_7e(size_t _) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -2454,7 +2509,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_90( +libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_1a( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); @@ -2479,7 +2534,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_e1( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_ad( Eurydice_slice secret_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; @@ -2497,7 +2552,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_e1( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_90( + libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_1a( secret_bytes); secret_as_ntt[i0] = uu____0; } 
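Review bot: In `libcrux_ml_kem_vector_portable_from_bytes_0d` the loop bound comes only from the input, `Eurydice_slice_len(bytes, uint8_t) / (size_t)2U`, while `out.elements[i0]` is indexed directly. Going by the `(size_t)16U` used for `x.elements` in `to_bytes_0d`, that array holds 16 entries, so a slice longer than 32 bytes would store past it. The Rust original would presumably panic on that index, but the extracted C in this hunk has no equivalent check. Callers lie outside the hunk and may always pass 32-byte chunks, but the bound should not depend on that: `i < (size_t)16U && i < Eurydice_slice_len(bytes, uint8_t) / (size_t)2U`. The header is generated, so the fix presumably belongs in the Rust source it is extracted from.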
@@ -2515,7 +2570,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - U_COMPRESSION_FACTOR= 10 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_2f(size_t _) { +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_a7(size_t _) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -2526,7 +2581,7 @@ const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_52( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2551,9 +2606,9 @@ generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_76( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_52( v); } @@ -2564,7 +2619,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_10_d0( +libcrux_ml_kem_serialize_deserialize_then_decompress_10_b6( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); 
@@ -2576,7 +2631,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_10_d0( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_76( coefficient); re.coefficients[i0] = uu____0; } @@ -2590,7 +2645,7 @@ const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b0( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_520( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2615,9 +2670,9 @@ generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e0( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_760( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b0( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_520( v); } @@ -2628,7 +2683,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_11_58( +libcrux_ml_kem_serialize_deserialize_then_decompress_11_33( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); 
@@ -2640,7 +2695,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_11_58( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e0( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_760( coefficient); re.coefficients[i0] = uu____0; } @@ -2654,9 +2709,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_5f( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_e8( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_10_d0(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_10_b6(serialized); } typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s { @@ -2671,7 +2726,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_montgomery_multiply_fe_2c( +libcrux_ml_kem_vector_traits_montgomery_multiply_fe_44( libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v, fer); 
@@ -2685,12 +2740,12 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_02( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_2b( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_traits_montgomery_multiply_fe_2c(b, zeta_r); + libcrux_ml_kem_vector_traits_montgomery_multiply_fe_44(b, zeta_r); b = libcrux_ml_kem_vector_portable_sub_0d(a, &t); a = libcrux_ml_kem_vector_portable_add_0d(a, &t); return ( @@ -2704,7 +2759,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer, size_t _initial_coefficient_bound) { size_t step = (size_t)1U << (uint32_t)layer; @@ -2717,7 +2772,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_ntt_ntt_layer_int_vec_step_02( + libcrux_ml_kem_ntt_ntt_layer_int_vec_step_2b( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; 
@@ -2734,7 +2789,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_e9( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_5c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2754,7 +2809,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_34( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_a1( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2776,7 +2831,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_bd( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_4c( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer, size_t _initial_coefficient_bound) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -2807,7 +2862,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_a9( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_b3( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { 
@@ -2825,21 +2880,21 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - VECTOR_U_COMPRESSION_FACTOR= 10 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_b0( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_44( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = (size_t)0U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)7U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)7U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)6U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)5U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)4U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_3_e9(&zeta_i, re, (size_t)3U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_2_34(&zeta_i, re, (size_t)2U, (size_t)3328U); - libcrux_ml_kem_ntt_ntt_at_layer_1_bd(&zeta_i, re, (size_t)1U, (size_t)3328U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_a9(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_5c(&zeta_i, re, (size_t)3U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_2_a1(&zeta_i, re, (size_t)2U, (size_t)3328U); + libcrux_ml_kem_ntt_ntt_at_layer_1_4c(&zeta_i, re, (size_t)1U, (size_t)3328U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_b3(re); } /** @@ -2855,7 +2910,7 @@ with const generics - U_COMPRESSION_FACTOR= 10 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_75( +libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_eb( uint8_t *ciphertext, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; 
@@ -2880,9 +2935,9 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_75( (size_t)10U / (size_t)8U, uint8_t); u_as_ntt[i0] = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_5f( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_e8( u_bytes); - libcrux_ml_kem_ntt_ntt_vector_u_b0(&u_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_vector_u_44(&u_as_ntt[i0]); } memcpy( ret, u_as_ntt, @@ -2896,7 +2951,7 @@ const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b1( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_521( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2921,9 +2976,9 @@ generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e1( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_761( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b1( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_521( v); } @@ -2934,7 +2989,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_4_ef( +libcrux_ml_kem_serialize_deserialize_then_decompress_4_f6( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); 
@@ -2946,7 +3001,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_4_ef( libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e1( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_761( coefficient); re.coefficients[i0] = uu____0; } @@ -2960,7 +3015,7 @@ const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b2( +libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_522( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -2985,9 +3040,9 @@ generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e2( +libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_762( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_1b2( + return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_522( v); } @@ -2998,7 +3053,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_5_5a( +libcrux_ml_kem_serialize_deserialize_then_decompress_5_2d( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); 
@@ -3010,7 +3065,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_5_5a( re.coefficients[i0] = libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 = - libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_7e2( + libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_762( re.coefficients[i0]); re.coefficients[i0] = uu____1; } @@ -3024,9 +3079,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - COMPRESSION_FACTOR= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_6e( +libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_19( Eurydice_slice serialized) { - return libcrux_ml_kem_serialize_deserialize_then_decompress_4_ef(serialized); + return libcrux_ml_kem_serialize_deserialize_then_decompress_4_f6(serialized); } /** @@ -3068,7 +3123,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_ntt_multiply_d6_27( +libcrux_ml_kem_polynomial_ntt_multiply_d6_8f( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out = @@ -3110,7 +3165,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_d6_5d( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_d6_65( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) { for (size_t i = (size_t)0U; 
@@ -3134,7 +3189,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_e0( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_61( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3160,7 +3215,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_53( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_34( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3182,7 +3237,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_29( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_dc( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t _layer) { for (size_t i = (size_t)0U; i < (size_t)16U; i++) { @@ -3204,7 +3259,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_35( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_68( libcrux_ml_kem_vector_portable_vector_type_PortableVector a, libcrux_ml_kem_vector_portable_vector_type_PortableVector b, int16_t zeta_r) { 
@@ -3212,7 +3267,7 @@ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_sub_0d(b, &a); a = libcrux_ml_kem_vector_portable_barrett_reduce_0d( libcrux_ml_kem_vector_portable_add_0d(a, &b)); - b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_2c(a_minus_b, zeta_r); + b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_44(a_minus_b, zeta_r); return ( CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){ .fst = a, .snd = b}); @@ -3225,7 +3280,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_13( +libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_3f( size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, size_t layer) { size_t step = (size_t)1U << (uint32_t)layer; @@ -3240,7 +3295,7 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_13( for (size_t i = offset_vec; i < offset_vec + step_vec; i++) { size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 = - libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_35( + libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_68( re->coefficients[j], re->coefficients[j + step_vec], libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]); libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst; 
@@ -3257,22 +3312,22 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_bc( +static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_a4( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t zeta_i = LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U; - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_e0(&zeta_i, re, (size_t)1U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_53(&zeta_i, re, (size_t)2U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_29(&zeta_i, re, (size_t)3U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_13(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_61(&zeta_i, re, (size_t)1U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_34(&zeta_i, re, (size_t)2U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_dc(&zeta_i, re, (size_t)3U); + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_3f(&zeta_i, re, (size_t)4U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_13(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_3f(&zeta_i, re, (size_t)5U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_13(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_3f(&zeta_i, re, (size_t)6U); - libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_13(&zeta_i, re, + libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_3f(&zeta_i, re, (size_t)7U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_a9(re); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_b3(re); } /** 
@@ -3287,7 +3342,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_subtract_reduce_d6_5f( +libcrux_ml_kem_polynomial_subtract_reduce_d6_27( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) { for (size_t i = (size_t)0U; @@ -3319,7 +3374,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_message_5b( +libcrux_ml_kem_matrix_compute_message_83( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) { @@ -3328,12 +3383,12 @@ libcrux_ml_kem_matrix_compute_message_5b( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_27(&secret_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_d6_8f(&secret_as_ntt[i0], &u_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_5d(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_65(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_bc(&result); - result = libcrux_ml_kem_polynomial_subtract_reduce_d6_5f(v, result); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_a4(&result); + result = libcrux_ml_kem_polynomial_subtract_reduce_d6_27(v, result); return result; } @@ -3343,7 +3398,7 @@ with const generics - SHIFT_BY= 15 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_arithmetic_shift_right_7d( +libcrux_ml_kem_vector_portable_arithmetic_shift_right_1d( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { 
@@ -3363,9 +3418,9 @@ with const generics - SHIFT_BY= 15 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_shift_right_0d_46( +libcrux_ml_kem_vector_portable_shift_right_0d_5f( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_arithmetic_shift_right_7d(v); + return libcrux_ml_kem_vector_portable_arithmetic_shift_right_1d(v); } /** @@ -3375,10 +3430,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_unsigned_representative_08( +libcrux_ml_kem_vector_traits_to_unsigned_representative_13( libcrux_ml_kem_vector_portable_vector_type_PortableVector a) { libcrux_ml_kem_vector_portable_vector_type_PortableVector t = - libcrux_ml_kem_vector_portable_shift_right_0d_46(a); + libcrux_ml_kem_vector_portable_shift_right_0d_5f(a); libcrux_ml_kem_vector_portable_vector_type_PortableVector fm = libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d( t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS); @@ -3392,13 +3447,13 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_message_71( +libcrux_ml_kem_serialize_compress_then_serialize_message_f6( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) { uint8_t serialized[32U] = {0U}; for (size_t i = (size_t)0U; i < (size_t)16U; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_08( + libcrux_ml_kem_vector_traits_to_unsigned_representative_13( re.coefficients[i0]); libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_compressed = 
@@ -3448,20 +3503,20 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_b6( +static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_77( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_75(ciphertext, u_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_eb(ciphertext, u_as_ntt); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_6e( + libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_19( Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message = - libcrux_ml_kem_matrix_compute_message_5b(&v, secret_key->secret_as_ntt, + libcrux_ml_kem_matrix_compute_message_83(&v, secret_key->secret_as_ntt, u_as_ntt); uint8_t ret0[32U]; - libcrux_ml_kem_serialize_compress_then_serialize_message_71(message, ret0); + libcrux_ml_kem_serialize_compress_then_serialize_message_f6(message, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3475,11 +3530,11 @@ with const generics - U_COMPRESSION_FACTOR= 10 - V_COMPRESSION_FACTOR= 4 */ -static inline void libcrux_ml_kem_ind_cpa_decrypt_75(Eurydice_slice secret_key, +static inline void libcrux_ml_kem_ind_cpa_decrypt_62(Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U]; - libcrux_ml_kem_ind_cpa_deserialize_secret_key_e1(secret_key, secret_as_ntt); + libcrux_ml_kem_ind_cpa_deserialize_secret_key_ad(secret_key, secret_as_ntt); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U]; memcpy( 
@@ -3491,7 +3546,7 @@ static inline void libcrux_ml_kem_ind_cpa_decrypt_75(Eurydice_slice secret_key, secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); uint8_t ret0[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_b6(&secret_key_unpacked, ciphertext, + libcrux_ml_kem_ind_cpa_decrypt_unpacked_77(&secret_key_unpacked, ciphertext, ret0); memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t)); } @@ -3550,7 +3605,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(void) { +libcrux_ml_kem_ind_cpa_unpacked_default_8d_b3(void) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { uu____0[i] = libcrux_ml_kem_polynomial_ZERO_d6_19(); @@ -3586,7 +3641,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_e4( +libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8a( Eurydice_slice serialized) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); @@ -3615,7 +3670,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e2( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_7e( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; 
@@ -3629,7 +3684,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e2( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_e4( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8a( ring_element); deserialized_pk[i0] = uu____0; } @@ -3779,7 +3834,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 504 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fb( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_95( uint8_t randomness[3U][504U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -3900,7 +3955,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - N= 168 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fb0( +libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_950( uint8_t randomness[3U][168U], size_t *sampled_coefficients, int16_t (*out)[272U]) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -3947,7 +4002,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_from_i16_array_d6_bb(Eurydice_slice a) { +libcrux_ml_kem_polynomial_from_i16_array_d6_ae(Eurydice_slice a) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result = libcrux_ml_kem_polynomial_ZERO_d6_19(); for (size_t i = (size_t)0U; 
@@ -3970,8 +4025,8 @@ generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_xof_closure_ba(int16_t s[272U]) { - return libcrux_ml_kem_polynomial_from_i16_array_d6_bb( +libcrux_ml_kem_sampling_sample_from_xof_closure_78(int16_t s[272U]) { + return libcrux_ml_kem_polynomial_from_i16_array_d6_ae( Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t)); } @@ -3982,7 +4037,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_49( +static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_c7( uint8_t seeds[3U][34U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { size_t sampled_coefficients[3U] = {0U}; @@ -3999,7 +4054,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_49( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness0[3U][504U]; memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U])); - bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fb( + bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_95( copy_of_randomness0, sampled_coefficients, out); while (true) { if (done) { @@ -4012,7 +4067,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_49( uint8_t copy_of_randomness[3U][168U]; memcpy(copy_of_randomness, randomness, (size_t)3U * sizeof(uint8_t[168U])); - done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_fb0( + done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_950( copy_of_randomness, sampled_coefficients, out); } } 
@@ -4022,7 +4077,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_49( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret0[i] = - libcrux_ml_kem_sampling_sample_from_xof_closure_ba(copy_of_out[i]); + libcrux_ml_kem_sampling_sample_from_xof_closure_78(copy_of_out[i]); } memcpy( ret, ret0, @@ -4036,7 +4091,7 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_ae( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_96( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*A_transpose)[3U], uint8_t seed[34U], bool transpose) { for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { @@ -4057,7 +4112,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_ae( uint8_t copy_of_seeds[3U][34U]; memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U])); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U]; - libcrux_ml_kem_sampling_sample_from_xof_49(copy_of_seeds, sampled); + libcrux_ml_kem_sampling_sample_from_xof_c7(copy_of_seeds, sampled); for (size_t i = (size_t)0U; i < Eurydice_slice_len( Eurydice_array_to_slice( @@ -4098,7 +4153,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_52(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_closure_3d(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -4191,7 +4246,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_d1( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_31( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; 
@@ -4226,7 +4281,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_d1( sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_d6_bb( + return libcrux_ml_kem_polynomial_from_i16_array_d6_ae( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -4237,7 +4292,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_a6( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_6b( Eurydice_slice randomness) { int16_t sampled_i16s[256U] = {0U}; for (size_t i0 = (size_t)0U; @@ -4271,7 +4326,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_a6( sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2; } } - return libcrux_ml_kem_polynomial_from_i16_array_d6_bb( + return libcrux_ml_kem_polynomial_from_i16_array_d6_ae( Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t)); } @@ -4282,9 +4337,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - ETA= 2 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_sampling_sample_from_binomial_distribution_dd( +libcrux_ml_kem_sampling_sample_from_binomial_distribution_56( Eurydice_slice randomness) { - return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_d1( + return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_31( randomness); } 
@@ -4294,7 +4349,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_98( +static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_93( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U; for (size_t i = (size_t)0U; i < step; i++) { @@ -4317,20 +4372,20 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_fb( +libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d9( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) { - libcrux_ml_kem_ntt_ntt_at_layer_7_98(re); + libcrux_ml_kem_ntt_ntt_at_layer_7_93(re); size_t zeta_i = (size_t)1U; - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)6U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)6U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)5U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)5U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_4_plus_35(&zeta_i, re, (size_t)4U, + libcrux_ml_kem_ntt_ntt_at_layer_4_plus_6b(&zeta_i, re, (size_t)4U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_3_e9(&zeta_i, re, (size_t)3U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_2_34(&zeta_i, re, (size_t)2U, (size_t)3U); - libcrux_ml_kem_ntt_ntt_at_layer_1_bd(&zeta_i, re, (size_t)1U, (size_t)3U); - libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_a9(re); + libcrux_ml_kem_ntt_ntt_at_layer_3_5c(&zeta_i, re, (size_t)3U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_2_a1(&zeta_i, re, (size_t)2U, (size_t)3U); + libcrux_ml_kem_ntt_ntt_at_layer_1_4c(&zeta_i, re, (size_t)1U, (size_t)3U); + libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_b3(re); } /** 
@@ -4347,7 +4402,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE uint8_t -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_83( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_dd( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re_as_ntt, uint8_t prf_input[33U], uint8_t domain_separator) { /* Passing arrays by value in Rust generates a copy in C */ @@ -4367,9 +4422,9 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_83( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; re_as_ntt[i0] = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_dd( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); - libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_fb(&re_as_ntt[i0]); + libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_d9(&re_as_ntt[i0]); } return domain_separator; } @@ -4384,7 +4439,7 @@ generics - ETA_RANDOMNESS_SIZE= 128 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_86( +libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_07( uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4393,7 +4448,7 @@ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_86( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = re_as_ntt; uint8_t uu____1[33U]; memcpy(uu____1, prf_input, (size_t)33U * sizeof(uint8_t)); - domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_83( + domain_separator = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_dd( uu____0, uu____1, domain_separator); /* Passing arrays by value in Rust generates a copy in C */ libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U]; 
@@ -4418,7 +4473,7 @@ generics - ETA2= 2 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_3a(size_t _i) { +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_1d(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -4435,7 +4490,7 @@ generics - ETA2= 2 */ static KRML_MUSTINLINE tuple_b0 -libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_2b(uint8_t prf_input[33U], +libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_c6(uint8_t prf_input[33U], uint8_t domain_separator) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { @@ -4458,7 +4513,7 @@ libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_2b(uint8_t prf_input[33U], for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_dd( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t)); error_1[i0] = uu____1; } @@ -4510,7 +4565,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_vector_u_closure_e7(size_t _i) { +libcrux_ml_kem_matrix_compute_vector_u_closure_1d(size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -4525,7 +4580,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ -static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_d6_0d( +static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_d6_15( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; 
@@ -4552,7 +4607,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_f7( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_df( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1, @@ -4580,12 +4635,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_f7( size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_27(a_element, &r_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_5d(&result[i1], + libcrux_ml_kem_polynomial_ntt_multiply_d6_8f(a_element, &r_as_ntt[j]); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_65(&result[i1], &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_bc(&result[i1]); - libcrux_ml_kem_polynomial_add_error_reduce_d6_0d(&result[i1], &error_1[i1]); + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_a4(&result[i1]); + libcrux_ml_kem_polynomial_add_error_reduce_d6_15(&result[i1], &error_1[i1]); } memcpy( ret, result, @@ -4599,7 +4654,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_decompress_1_94( +libcrux_ml_kem_vector_traits_decompress_1_bc( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_ZERO_0d(); 
@@ -4614,7 +4669,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_then_decompress_message_4d( +libcrux_ml_kem_serialize_deserialize_then_decompress_message_87( uint8_t serialized[32U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = libcrux_ml_kem_polynomial_ZERO_d6_19(); @@ -4627,7 +4682,7 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_message_4d( (size_t)2U * i0 + (size_t)2U, uint8_t)); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = - libcrux_ml_kem_vector_traits_decompress_1_94(coefficient_compressed); + libcrux_ml_kem_vector_traits_decompress_1_bc(coefficient_compressed); re.coefficients[i0] = uu____0; } return re; @@ -4645,7 +4700,7 @@ with const generics */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_add_message_error_reduce_d6_92( +libcrux_ml_kem_polynomial_add_message_error_reduce_d6_68( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) { @@ -4678,7 +4733,7 @@ with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_matrix_compute_ring_element_v_04( +libcrux_ml_kem_matrix_compute_ring_element_v_98( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2, 
@@ -4688,12 +4743,12 @@ libcrux_ml_kem_matrix_compute_ring_element_v_04( for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t i0 = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_27(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_ntt_multiply_d6_8f(&t_as_ntt[i0], &r_as_ntt[i0]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_5d(&result, &product); + libcrux_ml_kem_polynomial_add_to_ring_element_d6_65(&result, &product); } - libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_bc(&result); - result = libcrux_ml_kem_polynomial_add_message_error_reduce_d6_92( + libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_a4(&result); + result = libcrux_ml_kem_polynomial_add_message_error_reduce_d6_68( error_2, message, result); return result; } @@ -4704,7 +4759,7 @@ with const generics - COEFFICIENT_BITS= 10 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_20( +libcrux_ml_kem_vector_portable_compress_compress_67( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4727,9 +4782,9 @@ with const generics - COEFFICIENT_BITS= 10 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_0c( +libcrux_ml_kem_vector_portable_compress_0d_00( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_20(v); + return libcrux_ml_kem_vector_portable_compress_compress_67(v); } /** 
@@ -4739,15 +4794,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_10_95( +libcrux_ml_kem_serialize_compress_then_serialize_10_af( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_0c( - libcrux_ml_kem_vector_traits_to_unsigned_representative_08( + libcrux_ml_kem_vector_portable_compress_0d_00( + libcrux_ml_kem_vector_traits_to_unsigned_representative_13( re->coefficients[i0])); uint8_t bytes[20U]; libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes); @@ -4765,7 +4820,7 @@ with const generics - COEFFICIENT_BITS= 11 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_200( +libcrux_ml_kem_vector_portable_compress_compress_670( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4788,9 +4843,9 @@ with const generics - COEFFICIENT_BITS= 11 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_0c0( +libcrux_ml_kem_vector_portable_compress_0d_000( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_200(v); + return libcrux_ml_kem_vector_portable_compress_compress_670(v); } /** 
@@ -4800,15 +4855,15 @@ with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_11_c1( +libcrux_ml_kem_serialize_compress_then_serialize_11_0e( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t serialized[320U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_0c0( - libcrux_ml_kem_vector_traits_to_unsigned_representative_08( + libcrux_ml_kem_vector_portable_compress_0d_000( + libcrux_ml_kem_vector_traits_to_unsigned_representative_13( re->coefficients[i0])); uint8_t bytes[22U]; libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes); @@ -4828,10 +4883,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 320 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_9c( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_ba( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) { uint8_t uu____0[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_10_95(re, uu____0); + libcrux_ml_kem_serialize_compress_then_serialize_10_af(re, uu____0); memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t)); } @@ -4847,7 +4902,7 @@ with const generics - COMPRESSION_FACTOR= 10 - BLOCK_LEN= 320 */ -static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c0( +static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_be( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U], Eurydice_slice out) { for (size_t i = (size_t)0U; 
@@ -4863,7 +4918,7 @@ static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c0( out, i0 * ((size_t)960U / (size_t)3U), (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t); uint8_t ret[320U]; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_9c(&re, + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_ba(&re, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t); @@ -4876,7 +4931,7 @@ with const generics - COEFFICIENT_BITS= 4 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_201( +libcrux_ml_kem_vector_portable_compress_compress_671( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4899,9 +4954,9 @@ with const generics - COEFFICIENT_BITS= 4 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_0c1( +libcrux_ml_kem_vector_portable_compress_0d_001( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_201(v); + return libcrux_ml_kem_vector_portable_compress_compress_671(v); } /** 
@@ -4911,15 +4966,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_4_c5( +libcrux_ml_kem_serialize_compress_then_serialize_4_9d( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_portable_compress_0d_0c1( - libcrux_ml_kem_vector_traits_to_unsigned_representative_08( + libcrux_ml_kem_vector_portable_compress_0d_001( + libcrux_ml_kem_vector_traits_to_unsigned_representative_13( re.coefficients[i0])); uint8_t bytes[8U]; libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes); @@ -4936,7 +4991,7 @@ with const generics - COEFFICIENT_BITS= 5 */ static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_compress_202( +libcrux_ml_kem_vector_portable_compress_compress_672( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) { @@ -4959,9 +5014,9 @@ with const generics - COEFFICIENT_BITS= 5 */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_portable_compress_0d_0c2( +libcrux_ml_kem_vector_portable_compress_0d_002( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { - return libcrux_ml_kem_vector_portable_compress_compress_202(v); + return libcrux_ml_kem_vector_portable_compress_compress_672(v); } /** 
@@ -4971,15 +5026,15 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_5_b5( +libcrux_ml_kem_serialize_compress_then_serialize_5_e6( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice serialized) { for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients = - libcrux_ml_kem_vector_portable_compress_0d_0c2( - libcrux_ml_kem_vector_traits_to_unsigned_representative_08( + libcrux_ml_kem_vector_portable_compress_0d_002( + libcrux_ml_kem_vector_traits_to_unsigned_representative_13( re.coefficients[i0])); uint8_t bytes[10U]; libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes); @@ -4998,9 +5053,9 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - OUT_LEN= 128 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_8b( +libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_c8( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) { - libcrux_ml_kem_serialize_compress_then_serialize_4_c5(re, out); + libcrux_ml_kem_serialize_compress_then_serialize_4_9d(re, out); } /** @@ -5062,7 +5117,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3( +static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b( libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { uint8_t prf_input[33U]; 
@@ -5070,7 +5125,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_86( + tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_07( copy_of_prf_input0, 0U); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U]; memcpy( @@ -5080,7 +5135,7 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t)); - tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_2b( + tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_c6( copy_of_prf_input, domain_separator0); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U]; memcpy( 
@@ -5092,30 +5147,30 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3( libcrux_ml_kem_hash_functions_portable_PRF_f1_9d0( Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 = - libcrux_ml_kem_sampling_sample_from_binomial_distribution_dd( + libcrux_ml_kem_sampling_sample_from_binomial_distribution_56( Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U]; - libcrux_ml_kem_matrix_compute_vector_u_f7(public_key->A, r_as_ntt, error_1, + libcrux_ml_kem_matrix_compute_vector_u_df(public_key->A, r_as_ntt, error_1, u); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element = - libcrux_ml_kem_serialize_deserialize_then_decompress_message_4d( + libcrux_ml_kem_serialize_deserialize_then_decompress_message_87( copy_of_message); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v = - libcrux_ml_kem_matrix_compute_ring_element_v_04( + libcrux_ml_kem_matrix_compute_ring_element_v_98( public_key->t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element); uint8_t ciphertext[1088U] = {0U}; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U]; memcpy( uu____5, u, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_ind_cpa_compress_then_serialize_u_c0( + libcrux_ml_kem_ind_cpa_compress_then_serialize_u_be( uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U, uint8_t)); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v; - libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_8b( + libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_c8( uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U, uint8_t, size_t)); memcpy(ret, 
ciphertext, (size_t)1088U * sizeof(uint8_t)); @@ -5139,13 +5194,13 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_encrypt_d1(Eurydice_slice public_key, +static inline void libcrux_ml_kem_ind_cpa_encrypt_03(Eurydice_slice public_key, uint8_t message[32U], Eurydice_slice randomness, uint8_t ret[1088U]) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 - unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e2( + unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_b3(); + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_7e( Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t), unpacked_public_key.t_as_ntt); Eurydice_slice seed = @@ -5154,14 +5209,14 @@ static inline void libcrux_ml_kem_ind_cpa_encrypt_d1(Eurydice_slice public_key, unpacked_public_key.A; uint8_t ret0[34U]; libcrux_ml_kem_utils_into_padded_array_421(seed, ret0); - libcrux_ml_kem_matrix_sample_matrix_A_ae(uu____0, ret0, false); + libcrux_ml_kem_matrix_sample_matrix_A_96(uu____0, ret0, false); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *uu____1 = &unpacked_public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_message[32U]; memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t)); uint8_t ret1[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3(uu____1, copy_of_message, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b(uu____1, copy_of_message, randomness, ret1); memcpy(ret, ret1, (size_t)1088U * sizeof(uint8_t)); } @@ -5177,7 +5232,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_a7( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_4a( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; 
@@ -5208,7 +5263,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_b6( +static inline void libcrux_ml_kem_ind_cca_decapsulate_ff( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -5226,7 +5281,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_b6( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_75(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_62(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5250,7 +5305,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_b6( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( 
@@ -5261,18 +5316,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_b6( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_d1(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_03(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_a7( + libcrux_ml_kem_variant_kdf_d8_4a( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_d8_a7(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_d8_4a(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, @@ -5305,10 +5360,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_8a( +libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_4e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_b6(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_ff(private_key, ciphertext, ret); } /** 
@@ -5321,7 +5376,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_8a( static inline void libcrux_ml_kem_mlkem768_portable_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_8a( + libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_4e( private_key, ciphertext, ret); } @@ -5335,7 +5390,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_b0( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_33( Eurydice_slice randomness, uint8_t ret[32U]) { uint8_t out[32U] = {0U}; Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t), @@ -5376,11 +5431,11 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c6( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_95( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_d8_b0( + libcrux_ml_kem_variant_entropy_preprocess_d8_33( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -5391,7 +5446,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c6( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_ba_91(public_key), + libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t), ret); Eurydice_slice_copy( 
@@ -5406,20 +5461,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c6( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_91(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_d1(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_03(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_fc_cd(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_b5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_d8_a7(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_d8_4a(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -5450,14 +5505,14 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_95( +libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_0d( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c6(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_95(uu____0, copy_of_randomness); } /** @@ -5474,7 +5529,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_95( + return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_0d( uu____0, copy_of_randomness); } @@ -5490,7 +5545,7 @@ with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 -libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(void) { +libcrux_ml_kem_ind_cpa_unpacked_default_1a_cf(void) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 lit; lit.secret_as_ntt[0U] = libcrux_ml_kem_polynomial_ZERO_d6_19(); lit.secret_as_ntt[1U] = libcrux_ml_kem_polynomial_ZERO_d6_19(); @@ -5508,7 +5563,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_3b( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_6b( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { uint8_t seed[33U] = {0U}; Eurydice_slice_copy( 
@@ -5531,7 +5586,7 @@ with const generics */ static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector -libcrux_ml_kem_vector_traits_to_standard_domain_bd( +libcrux_ml_kem_vector_traits_to_standard_domain_eb( libcrux_ml_kem_vector_portable_vector_type_PortableVector v) { return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d( v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS); @@ -5549,7 +5604,7 @@ with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_aa( +libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_9b( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) { for (size_t i = (size_t)0U; @@ -5557,7 +5612,7 @@ libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_aa( size_t j = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient_normal_form = - libcrux_ml_kem_vector_traits_to_standard_domain_bd( + libcrux_ml_kem_vector_traits_to_standard_domain_eb( self->coefficients[j]); libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 = libcrux_ml_kem_vector_portable_barrett_reduce_0d( @@ -5576,7 +5631,7 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_00( +static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_50( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U], libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt, 
@@ -5604,12 +5659,12 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_00( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element = &row[j]; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product = - libcrux_ml_kem_polynomial_ntt_multiply_d6_27(matrix_element, + libcrux_ml_kem_polynomial_ntt_multiply_d6_8f(matrix_element, &s_as_ntt[j]); - libcrux_ml_kem_polynomial_add_to_ring_element_d6_5d(&t_as_ntt[i0], + libcrux_ml_kem_polynomial_add_to_ring_element_d6_65(&t_as_ntt[i0], &product); } - libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_aa( + libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_9b( &t_as_ntt[i0], &error_as_ntt[i0]); } } @@ -5664,12 +5719,12 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_74( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_62( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_d8_3b(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_d8_6b(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -5679,7 +5734,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_74( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_ae(uu____1, ret, true); + libcrux_ml_kem_matrix_sample_matrix_A_96(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); 
@@ -5689,7 +5744,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_74( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_83( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_dd( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; @@ -5697,11 +5752,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_74( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_86( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_07( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_00( + libcrux_ml_kem_matrix_compute_As_plus_e_50( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; @@ -5718,14 +5773,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_16( +libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_81( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) { uint8_t serialized[384U] = {0U}; for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) { size_t i0 = i; libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient = - libcrux_ml_kem_vector_traits_to_unsigned_representative_08( + libcrux_ml_kem_vector_traits_to_unsigned_representative_13( re->coefficients[i0]); uint8_t bytes[24U]; libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes); 
@@ -5747,7 +5802,7 @@ with const generics - K= 3 - OUT_LEN= 1152 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_8c( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_f2( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key, uint8_t ret[1152U]) { uint8_t out[1152U] = {0U}; @@ -5765,7 +5820,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_8c( (i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); uint8_t ret0[384U]; - libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_16(&re, ret0); + libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_81(&re, ret0); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t); } @@ -5783,13 +5838,13 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_46( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_98( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t *serialized) { Eurydice_slice uu____0 = Eurydice_array_to_subslice2(serialized, (size_t)0U, (size_t)1152U, uint8_t); uint8_t ret[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_8c(t_as_ntt, ret); + libcrux_ml_kem_ind_cpa_serialize_secret_key_f2(t_as_ntt, ret); Eurydice_slice_copy( uu____0, Eurydice_array_to_slice((size_t)1152U, ret, uint8_t), uint8_t); Eurydice_slice_copy( 
@@ -5809,11 +5864,11 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_eb( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_cf( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt, Eurydice_slice seed_for_a, uint8_t ret[1184U]) { uint8_t public_key_serialized[1184U] = {0U}; - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_46(t_as_ntt, seed_for_a, + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_98(t_as_ntt, seed_for_a, public_key_serialized); memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t)); } 
@@ -5831,20 +5886,20 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_52(Eurydice_slice key_generation_seed) { +libcrux_ml_kem_ind_cpa_generate_keypair_48(Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(); + libcrux_ml_kem_ind_cpa_unpacked_default_1a_cf(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_74( + libcrux_ml_kem_ind_cpa_unpacked_default_8d_b3(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_62( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_eb( + libcrux_ml_kem_ind_cpa_serialize_public_key_cf( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_8c(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_f2(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -5872,7 +5927,7 @@ with const generics - K= 3 - SERIALIZED_KEY_LEN= 2400 */ -static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_61( +static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_a5( Eurydice_slice private_key, Eurydice_slice public_key, Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) { uint8_t out[2400U] = {0U}; 
@@ -5936,7 +5991,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_79(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); @@ -5945,13 +6000,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_52(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_48(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_61( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_a5( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); 
@@ -5960,13 +6015,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_54(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_88_2d(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_58(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b( - uu____2, libcrux_ml_kem_types_from_40_60(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc( + uu____2, libcrux_ml_kem_types_from_40_cb(copy_of_public_key)); } /** @@ -5985,12 +6040,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_6b( +libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_6e( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_54(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_79(copy_of_randomness); } /** @@ -6001,7 +6056,7 @@ libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_6b( + return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_6e( copy_of_randomness); } 
@@ -6016,7 +6071,7 @@ with const generics - K= 3 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_e0( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_b8( Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t kdf_input[64U]; @@ -6027,7 +6082,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_e0( uint8_t ret0[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1088U, - libcrux_ml_kem_types_as_slice_07_4f(ciphertext), + libcrux_ml_kem_types_as_slice_07_ff(ciphertext), uint8_t), ret0); Eurydice_slice_copy( @@ -6060,7 +6115,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_decapsulate_b60( +static inline void libcrux_ml_kem_ind_cca_decapsulate_ff0( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( @@ -6078,7 +6133,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_b60( Eurydice_slice ind_cpa_public_key_hash = uu____2.fst; Eurydice_slice implicit_rejection_value = uu____2.snd; uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_75(ind_cpa_secret_key, ciphertext->value, + libcrux_ml_kem_ind_cpa_decrypt_62(ind_cpa_secret_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -6102,7 +6157,7 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_b60( Eurydice_slice uu____4 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret0[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( @@ -6113,18 +6168,18 @@ static inline void libcrux_ml_kem_ind_cca_decapsulate_b60( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_d1(uu____5, copy_of_decrypted, + libcrux_ml_kem_ind_cpa_encrypt_03(uu____5, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t implicit_rejection_shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_e0( + libcrux_ml_kem_variant_kdf_33_b8( Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0, uint8_t), ciphertext, implicit_rejection_shared_secret); uint8_t shared_secret[32U]; - libcrux_ml_kem_variant_kdf_33_e0(shared_secret0, ciphertext, shared_secret); + libcrux_ml_kem_variant_kdf_33_b8(shared_secret0, ciphertext, shared_secret); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t), Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t), Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret, 
@@ -6158,10 +6213,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_64( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_ac( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_decapsulate_b60(private_key, ciphertext, ret); + libcrux_ml_kem_ind_cca_decapsulate_ff0(private_key, ciphertext, ret); } /** @@ -6174,7 +6229,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_64( static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_64( + libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_ac( private_key, ciphertext, ret); } @@ -6188,7 +6243,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_c0( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_84( Eurydice_slice randomness, uint8_t ret[32U]) { libcrux_ml_kem_hash_functions_portable_H_f1_c6(randomness, ret); } @@ -6212,11 +6267,11 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c60( +static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_950( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { uint8_t randomness0[32U]; - libcrux_ml_kem_variant_entropy_preprocess_33_c0( + libcrux_ml_kem_variant_entropy_preprocess_33_84( Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0); uint8_t to_hash[64U]; libcrux_ml_kem_utils_into_padded_array_42( 
@@ -6227,7 +6282,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c60( uint8_t ret[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_ba_91(public_key), + libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t), ret); Eurydice_slice_copy( @@ -6242,20 +6297,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_c60( Eurydice_slice shared_secret = uu____1.fst; Eurydice_slice pseudorandomness = uu____1.snd; Eurydice_slice uu____2 = Eurydice_array_to_slice( - (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_91(public_key), uint8_t); + (size_t)1184U, libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_d1(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_03(uu____2, copy_of_randomness, pseudorandomness, ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 = - libcrux_ml_kem_types_from_fc_cd(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_b5(copy_of_ciphertext); uint8_t shared_secret_array[32U]; - libcrux_ml_kem_variant_kdf_33_e0(shared_secret, &ciphertext0, + libcrux_ml_kem_variant_kdf_33_b8(shared_secret, &ciphertext0, shared_secret_array); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0; /* Passing arrays by value in Rust generates a copy in C */ 
@@ -6290,14 +6345,14 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_92( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_b7( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_encapsulate_c60(uu____0, copy_of_randomness); + return libcrux_ml_kem_ind_cca_encapsulate_950(uu____0, copy_of_randomness); } /** @@ -6314,7 +6369,7 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_92( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_b7( uu____0, copy_of_randomness); } @@ -6328,7 +6383,7 @@ with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const generics - K= 3 */ -static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_c8( +static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_40( Eurydice_slice key_generation_seed, uint8_t ret[64U]) { libcrux_ml_kem_hash_functions_portable_G_f1_07(key_generation_seed, ret); } 
@@ -6383,12 +6438,12 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_740( +static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_620( Eurydice_slice key_generation_seed, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *private_key, libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 *public_key) { uint8_t hashed[64U]; - libcrux_ml_kem_variant_cpa_keygen_seed_33_c8(key_generation_seed, hashed); + libcrux_ml_kem_variant_cpa_keygen_seed_33_40(key_generation_seed, hashed); Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at( Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U, uint8_t, Eurydice_slice_uint8_t_x2); @@ -6398,7 +6453,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_740( public_key->A; uint8_t ret[34U]; libcrux_ml_kem_utils_into_padded_array_421(seed_for_A, ret); - libcrux_ml_kem_matrix_sample_matrix_A_ae(uu____1, ret, true); + libcrux_ml_kem_matrix_sample_matrix_A_96(uu____1, ret, true); uint8_t prf_input[33U]; libcrux_ml_kem_utils_into_padded_array_422(seed_for_secret_and_error, prf_input); @@ -6408,7 +6463,7 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_740( uint8_t copy_of_prf_input0[33U]; memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t)); uint8_t domain_separator = - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_83( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_dd( uu____2, copy_of_prf_input0, 0U); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_prf_input[33U]; 
@@ -6416,11 +6471,11 @@ static inline void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_740( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U]; memcpy( error_as_ntt, - libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_86( + libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_out_07( copy_of_prf_input, domain_separator) .fst, (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0)); - libcrux_ml_kem_matrix_compute_As_plus_e_00( + libcrux_ml_kem_matrix_compute_As_plus_e_50( public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt, error_as_ntt); uint8_t uu____5[32U]; 
@@ -6443,21 +6498,21 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_utils_extraction_helper_Keypair768 -libcrux_ml_kem_ind_cpa_generate_keypair_520( +libcrux_ml_kem_ind_cpa_generate_keypair_480( Eurydice_slice key_generation_seed) { libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 private_key = - libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(); + libcrux_ml_kem_ind_cpa_unpacked_default_1a_cf(); libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 public_key = - libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_740( + libcrux_ml_kem_ind_cpa_unpacked_default_8d_b3(); + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_620( key_generation_seed, &private_key, &public_key); uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_eb( + libcrux_ml_kem_ind_cpa_serialize_public_key_cf( public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, public_key.seed_for_A, uint8_t), public_key_serialized); uint8_t secret_key_serialized[1152U]; - libcrux_ml_kem_ind_cpa_serialize_secret_key_8c(private_key.secret_as_ntt, + libcrux_ml_kem_ind_cpa_serialize_secret_key_f2(private_key.secret_as_ntt, secret_key_serialized); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_secret_key_serialized[1152U]; @@ -6497,7 +6552,7 @@ libcrux_ml_kem_variant_Kyber with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]) { +libcrux_ml_kem_ind_cca_generate_keypair_790(uint8_t randomness[64U]) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( randomness, (size_t)0U, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t); 
@@ -6506,13 +6561,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]) { LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 = - libcrux_ml_kem_ind_cpa_generate_keypair_520(ind_cpa_keypair_randomness); + libcrux_ml_kem_ind_cpa_generate_keypair_480(ind_cpa_keypair_randomness); uint8_t ind_cpa_private_key[1152U]; memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t)); uint8_t public_key[1184U]; memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t)); uint8_t secret_key_serialized[2400U]; - libcrux_ml_kem_ind_cca_serialize_kem_secret_key_61( + libcrux_ml_kem_ind_cca_serialize_kem_secret_key_a5( Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t), Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t), implicit_rejection_value, secret_key_serialized); @@ -6521,13 +6576,13 @@ libcrux_ml_kem_ind_cca_generate_keypair_540(uint8_t randomness[64U]) { memcpy(copy_of_secret_key_serialized, secret_key_serialized, (size_t)2400U * sizeof(uint8_t)); libcrux_ml_kem_types_MlKemPrivateKey_55 private_key = - libcrux_ml_kem_types_from_88_2d(copy_of_secret_key_serialized); + libcrux_ml_kem_types_from_88_58(copy_of_secret_key_serialized); libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key; /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_public_key[1184U]; memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t)); - return libcrux_ml_kem_types_from_17_8b( - uu____2, libcrux_ml_kem_types_from_40_60(copy_of_public_key)); + return libcrux_ml_kem_types_from_17_dc( + uu____2, libcrux_ml_kem_types_from_40_cb(copy_of_public_key)); } /** 
@@ -6543,12 +6598,12 @@ generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair -libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_31( +libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_39( uint8_t randomness[64U]) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_generate_keypair_540(copy_of_randomness); + return libcrux_ml_kem_ind_cca_generate_keypair_790(copy_of_randomness); } /** @@ -6560,7 +6615,7 @@ libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_31( + return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_39( copy_of_randomness); } @@ -6579,7 +6634,7 @@ with const generics - SECRET_KEY_SIZE= 2400 - CIPHERTEXT_SIZE= 1088 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_2f( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_89( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) { uint8_t t[32U]; @@ -6607,10 +6662,10 @@ generics - CIPHERTEXT_SIZE= 1088 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_77( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_2e( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_validate_private_key_2f(private_key, + return libcrux_ml_kem_ind_cca_validate_private_key_89(private_key, ciphertext); } 
@@ -6622,7 +6677,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_77( static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key( libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_77( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_2e( private_key, ciphertext); } @@ -6635,7 +6690,7 @@ generics - K= 3 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_5a( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_closure_27( size_t _i) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -6651,7 +6706,7 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e20( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_7e0( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *deserialized_pk) { for (size_t i = (size_t)0U; @@ -6665,7 +6720,7 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e20( LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT, uint8_t); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_e4( + libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_8a( ring_element); deserialized_pk[i0] = uu____0; } 
@@ -6685,14 +6740,14 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE void -libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_33( +libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_2f( Eurydice_slice public_key, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_d6_19(); } - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e20( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_7e0( public_key, deserialized_pk); memcpy( ret, deserialized_pk, @@ -6714,16 +6769,16 @@ with const generics - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ -static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_e3( +static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_36( uint8_t *public_key) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U]; - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_33( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_2f( Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), deserialized_pk); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk; uint8_t public_key_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_eb( + libcrux_ml_kem_ind_cpa_serialize_public_key_cf( uu____0, Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U, uint8_t, size_t), 
@@ -6744,9 +6799,9 @@ generics - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE bool -libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_b0( +libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_57( uint8_t *public_key) { - return libcrux_ml_kem_ind_cca_validate_public_key_e3(public_key); + return libcrux_ml_kem_ind_cca_validate_public_key_36(public_key); } /** @@ -6756,7 +6811,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_b0( */ static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) { - return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_b0( + return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_57( public_key->value); } @@ -6782,11 +6837,11 @@ generics - ETA2_RANDOMNESS_SIZE= 128 - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_1a( +static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_54( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { uint8_t decrypted[32U]; - libcrux_ml_kem_ind_cpa_decrypt_unpacked_b6( + libcrux_ml_kem_ind_cpa_decrypt_unpacked_77( &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted); uint8_t to_hash0[64U]; libcrux_ml_kem_utils_into_padded_array_42( @@ -6816,7 +6871,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_1a( Eurydice_slice uu____2 = Eurydice_array_to_subslice_from( (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t, size_t); - Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), uint8_t); uint8_t implicit_rejection_shared_secret[32U]; libcrux_ml_kem_hash_functions_portable_PRF_f1_9d( 
@@ -6828,11 +6883,11 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_decapsulate_1a( uint8_t copy_of_decrypted[32U]; memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t)); uint8_t expected_ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3( + libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b( uu____3, copy_of_decrypted, pseudorandomness, expected_ciphertext); uint8_t selector = libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time( - libcrux_ml_kem_types_as_ref_fd_7b(ciphertext), + libcrux_ml_kem_types_as_ref_fd_b7(ciphertext), Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t)); uint8_t ret0[32U]; libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time( @@ -6868,10 +6923,10 @@ generics - IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_49( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_a0( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_unpacked_decapsulate_1a(key_pair, ciphertext, ret); + libcrux_ml_kem_ind_cca_unpacked_decapsulate_54(key_pair, ciphertext, ret); } /** @@ -6885,7 +6940,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *private_key, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_49( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_a0( private_key, ciphertext, ret); } 
@@ -6908,7 +6963,7 @@ generics - ETA2= 2 - ETA2_RANDOMNESS_SIZE= 128 */ -static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_28( +static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_ed( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { uint8_t to_hash[64U]; @@ -6936,7 +6991,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_28( uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); uint8_t ciphertext[1088U]; - libcrux_ml_kem_ind_cpa_encrypt_unpacked_a3(uu____2, copy_of_randomness, + libcrux_ml_kem_ind_cpa_encrypt_unpacked_7b(uu____2, copy_of_randomness, pseudorandomness, ciphertext); uint8_t shared_secret_array[32U] = {0U}; Eurydice_slice_copy( @@ -6946,7 +7001,7 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_unpacked_encapsulate_28( uint8_t copy_of_ciphertext[1088U]; memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t)); libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = - libcrux_ml_kem_types_from_fc_cd(copy_of_ciphertext); + libcrux_ml_kem_types_from_fc_b5(copy_of_ciphertext); /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_shared_secret_array[32U]; memcpy(copy_of_shared_secret_array, shared_secret_array, @@ -6979,7 +7034,7 @@ generics - ETA2_RANDOMNESS_SIZE= 128 */ static inline tuple_3c -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_67( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_b6( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, uint8_t randomness[32U]) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = 
@@ -6987,7 +7042,7 @@ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_67( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_unpacked_encapsulate_28(uu____0, + return libcrux_ml_kem_ind_cca_unpacked_encapsulate_ed(uu____0, copy_of_randomness); } 
@@ -7007,10 +7062,179 @@ static inline tuple_3c libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[32U]; memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t)); - return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_67( + return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_b6( uu____0, copy_of_randomness); } +/** + Read the bytes into an unpacked key pair. +*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.from_bytes_dd +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 +libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_9d(Eurydice_slice bytes) { + size_t p = (size_t)0U; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 + ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_b3(); + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_public_key.t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, ind_cpa_public_key.t_as_ntt[i1].coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + i++) { + size_t j = i; + ind_cpa_public_key.t_as_ntt[i1].coefficients[j] = + libcrux_ml_kem_vector_portable_from_bytes_0d( + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, ind_cpa_public_key.seed_for_A, + uint8_t), + 
Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t), uint8_t); + p = p + (size_t)32U; + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_public_key.A, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + i0++) { + size_t i1 = i0; + for (size_t i2 = (size_t)0U; + i2 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_public_key.A[i1], + libcrux_ml_kem_polynomial_PolynomialRingElement_f0), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + i2++) { + size_t j = i2; + for (size_t i = (size_t)0U; + i < + Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, ind_cpa_public_key.A[i1][j].coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + i++) { + size_t k = i; + ind_cpa_public_key.A[i1][j].coefficients[k] = + libcrux_ml_kem_vector_portable_from_bytes_0d( + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + } + uint8_t public_key_hash[32U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, public_key_hash, uint8_t), + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t), uint8_t); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_f8 uu____2 = + ind_cpa_public_key; + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t copy_of_public_key_hash[32U]; + memcpy(copy_of_public_key_hash, public_key_hash, + (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; + lit.ind_cpa_public_key = uu____2; + memcpy(lit.public_key_hash, copy_of_public_key_hash, + (size_t)32U * sizeof(uint8_t)); + return lit; +} + +/** + Read the bytes into an unpacked key pair. 
+*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#1} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.from_bytes_f8 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_05(Eurydice_slice bytes) { + size_t p = (size_t)0U; + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 + ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_cf(); + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, ind_cpa_private_key.secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + i0++) { + size_t i1 = i0; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, + ind_cpa_private_key.secret_as_ntt[i1].coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + i++) { + size_t j = i; + ind_cpa_private_key.secret_as_ntt[i1].coefficients[j] = + libcrux_ml_kem_vector_portable_from_bytes_0d( + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + uint8_t implicit_rejection_value[32U] = {0U}; + Eurydice_slice_copy( + Eurydice_array_to_slice((size_t)32U, implicit_rejection_value, uint8_t), + Eurydice_slice_subslice2(bytes, p, p + (size_t)32U, uint8_t), uint8_t); + p = p + (size_t)32U; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 public_key = + libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_9d( + Eurydice_slice_subslice_from(bytes, p, uint8_t, size_t)); + libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 uu____1 = + ind_cpa_private_key; + /* Passing arrays by value in Rust generates a copy in C */ + uint8_t 
copy_of_implicit_rejection_value[32U]; + memcpy(copy_of_implicit_rejection_value, implicit_rejection_value, + (size_t)32U * sizeof(uint8_t)); + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked lit; + lit.private_key.ind_cpa_private_key = uu____1; + memcpy(lit.private_key.implicit_rejection_value, + copy_of_implicit_rejection_value, (size_t)32U * sizeof(uint8_t)); + lit.public_key = public_key; + return lit; +} + +/** + Read bytes into the key pair. + + `bytes` has to point to at least 7776 bytes. +*/ +static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_mlkem768_portable_unpacked_from_bytes(Eurydice_slice bytes) { + return libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_05(bytes); +} + /** A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.generate_keypair.closure.closure with types @@ -7026,7 +7250,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_12(size_t _j) { +libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_closure_af(size_t _j) { return libcrux_ml_kem_polynomial_ZERO_d6_19(); } @@ -7044,7 +7268,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_41( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_07( size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) { for (size_t i = (size_t)0U; i < (size_t)3U; i++) { ret[i] = libcrux_ml_kem_polynomial_ZERO_d6_19(); 
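Review bot: Nothing in the added `from_bytes` functions checks the length of `bytes` before the fixed 32-byte `Eurydice_slice_subslice2` reads, and the 7776-byte requirement is stated only on the outer `libcrux_ml_kem_mlkem768_portable_unpacked_from_bytes`. Both inner instances are documented as "Read the bytes into an unpacked key pair", but `libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_9d` builds a public key and consumes 6208 bytes (48 + 1 + 144 + 1 blocks of 32), so its comment should read something like `Read the bytes into an unpacked public key. bytes must hold at least 6208 bytes.` Whether the slice helpers bound-check is not visible in this hunk, so C callers should be assumed responsible for the length. The matrix `A` and `public_key_hash` are copied from the input rather than recomputed from `seed_for_A` and the key, so the input has to be trusted output of the matching serializer, and the comment should say that as well. Since this header is generated, the wording and any length check belong in the Rust source it is extracted from.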
@@ -7063,7 +7287,7 @@ with const generics */ static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0 -libcrux_ml_kem_polynomial_clone_17_19( +libcrux_ml_kem_polynomial_clone_17_14( libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) { libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit; libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U]; @@ -7092,7 +7316,7 @@ libcrux_ml_kem_variant_MlKem with const generics - ETA1= 2 - ETA1_RANDOMNESS_SIZE= 128 */ -static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_39( +static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_da( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2( @@ -7102,19 +7326,19 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_39( (size_t)64U, randomness, LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t, size_t); - libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_74( + libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_62( ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key, &out->public_key.ind_cpa_public_key); libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U]; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_41(i, A[i]); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_closure_07(i, A[i]); } for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) { size_t i1 = i0; for (size_t i = (size_t)0U; i < (size_t)3U; i++) { size_t j = i; libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 = - libcrux_ml_kem_polynomial_clone_17_19( + libcrux_ml_kem_polynomial_clone_17_14( &out->public_key.ind_cpa_public_key.A[j][i1]); A[i1][j] = uu____0; } 
@@ -7127,7 +7351,7 @@ static inline void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_39( (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U])); uint8_t pk_serialized[1184U]; - libcrux_ml_kem_ind_cpa_serialize_public_key_eb( + libcrux_ml_kem_ind_cpa_serialize_public_key_cf( out->public_key.ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice( (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t), @@ -7162,13 +7386,13 @@ const generics - ETA1_RANDOMNESS_SIZE= 128 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_72( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_5b( uint8_t randomness[64U], libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) { /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_unpacked_generate_keypair_39(copy_of_randomness, out); + libcrux_ml_kem_ind_cca_unpacked_generate_keypair_da(copy_of_randomness, out); } /** 
@@ -7181,25 +7405,25 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair( /* Passing arrays by value in Rust generates a copy in C */ uint8_t copy_of_randomness[64U]; memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t)); - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_72( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_5b( copy_of_randomness, key_pair); } /** This function found in impl {(core::default::Default for libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1])#1} +K>[TraitClause@0, TraitClause@1])#3} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_1c +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_82 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_default_1c_4f(void) { +libcrux_ml_kem_ind_cca_unpacked_default_82_c0(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; - lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_6b(); + lit.ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8d_b3(); lit.public_key_hash[0U] = 0U; lit.public_key_hash[1U] = 0U; lit.public_key_hash[2U] = 0U; 
@@ -7238,19 +7462,19 @@ libcrux_ml_kem_ind_cca_unpacked_default_1c_4f(void) { /** This function found in impl {(core::default::Default for libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1])#3} +K>[TraitClause@0, TraitClause@1])#5} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_07 +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_ec with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked - libcrux_ml_kem_ind_cca_unpacked_default_07_3d(void) { + libcrux_ml_kem_ind_cca_unpacked_default_ec_16(void) { libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_f8 uu____0; - uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_a3(); + uu____0.ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_1a_cf(); uu____0.implicit_rejection_value[0U] = 0U; uu____0.implicit_rejection_value[1U] = 0U; uu____0.implicit_rejection_value[2U] = 0U; @@ -7286,7 +7510,7 @@ static KRML_MUSTINLINE return (CLITERAL( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){ .private_key = uu____0, - .public_key = libcrux_ml_kem_ind_cca_unpacked_default_1c_4f()}); + .public_key = libcrux_ml_kem_ind_cca_unpacked_default_82_c0()}); } /** @@ -7294,7 +7518,7 @@ static KRML_MUSTINLINE */ static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_07_3d(); + return libcrux_ml_kem_ind_cca_unpacked_default_ec_16(); } /** 
@@ -7302,7 +7526,18 @@ libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) { */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { - return libcrux_ml_kem_ind_cca_unpacked_default_1c_4f(); + return libcrux_ml_kem_ind_cca_unpacked_default_82_c0(); +} + +/** + Read the key pair from `bytes``. + + `bytes` has to point to at least 7776 bytes. +*/ +static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked +libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_from_bytes( + Eurydice_slice bytes) { + return libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_05(bytes); } /** @@ -7311,21 +7546,21 @@ libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) { /** This function found in impl {libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +K>[TraitClause@0, TraitClause@1]#2} */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_dd with types +libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_ba with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_e5( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_ba_76( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cpa_serialize_public_key_mut_46( + libcrux_ml_kem_ind_cpa_serialize_public_key_mut_98( self->ind_cpa_public_key.t_as_ntt, Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, uint8_t), 
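Review bot: The 7776-byte minimum for `bytes` in `libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_from_bytes` is stated only in the comment; the wrapper forwards the slice to `libcrux_ml_kem_ind_cca_unpacked_from_bytes_f8_05` without looking at its length, and that function takes 32-byte subslices at a running offset. Unless `Eurydice_slice_subslice2` checks bounds (its definition is not part of this diff), a shorter buffer is read past its end, so code that loads serialized keys from storage or another process needs a guard such as `if (Eurydice_slice_len(bytes, uint8_t) < (size_t)7776U) { /* reject */ }` before the call. The same holds for the 6208-byte `public_key_from_bytes` and `public_key_to_bytes` and for the 7776-byte `key_pair_to_bytes` added in the neighbouring hunks, where a short `out` would be written past its end. This header is generated, so the check and the comment fix (a stray backtick after `bytes`) belong in the Rust source it is extracted from. The comment should also say that the key-pair bytes contain the secret polynomials and the implicit-rejection value, so the buffer has to be handled and cleared as secret key material.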
@@ -7338,21 +7573,21 @@ libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_e5( /** This function found in impl {libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#2} +K>[TraitClause@0, TraitClause@1]#4} */ /** A monomorphic instance of -libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_de with types +libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_fc with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 - RANKED_BYTES_PER_RING_ELEMENT= 1152 - PUBLIC_KEY_SIZE= 1184 */ static KRML_MUSTINLINE void -libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_1a( +libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_fc_bb( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_e5( + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_ba_76( &self->public_key, serialized); } 
@@ -7363,10 +7598,165 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_de_1a(key_pair, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_fc_bb(key_pair, serialized); } +/** + Write the key into the `out` buffer. +*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked[TraitClause@0, TraitClause@1]} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.to_bytes_dd +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static inline void libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_1e( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self, + Eurydice_slice out) { + size_t p = (size_t)0U; + for (size_t i0 = (size_t)0U; + i0 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, self->ind_cpa_public_key.t_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + i0++) { + size_t i1 = i0; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t = + &self->ind_cpa_public_key.t_as_ntt[i1]; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, t->coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + i++) { + size_t j = i; + libcrux_ml_kem_vector_portable_to_bytes_0d( + t->coefficients[j], + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + Eurydice_slice_copy( + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t), + Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A, + uint8_t), + uint8_t); + p = p + (size_t)32U; + for (size_t i0 = (size_t)0U; + i0 < 
Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, self->ind_cpa_public_key.A, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]); + i0++) { + size_t i1 = i0; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a1 = + self->ind_cpa_public_key.A[i1]; + for (size_t i2 = (size_t)0U; + i2 < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, a1, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + i2++) { + size_t j = i2; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 a = a1[j]; + for (size_t i = (size_t)0U; + i < + Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, a.coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + i++) { + size_t k = i; + libcrux_ml_kem_vector_portable_to_bytes_0d( + a.coefficients[k], + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + } + Eurydice_slice_copy( + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t), + Eurydice_array_to_slice((size_t)32U, self->public_key_hash, uint8_t), + uint8_t); +} + +/** + Write the key into the `out` buffer. 
+*/ +/** +This function found in impl +{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#1} +*/ +/** +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.to_bytes_f8 +with types libcrux_ml_kem_vector_portable_vector_type_PortableVector +with const generics +- K= 3 +*/ +static inline void libcrux_ml_kem_ind_cca_unpacked_to_bytes_f8_e4( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self, + Eurydice_slice out) { + size_t p = (size_t)0U; + for (size_t i0 = (size_t)0U; + i0 < + Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)3U, self->private_key.ind_cpa_private_key.secret_as_ntt, + libcrux_ml_kem_polynomial_PolynomialRingElement_f0), + libcrux_ml_kem_polynomial_PolynomialRingElement_f0); + i0++) { + size_t i1 = i0; + libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s = + &self->private_key.ind_cpa_private_key.secret_as_ntt[i1]; + for (size_t i = (size_t)0U; + i < Eurydice_slice_len( + Eurydice_array_to_slice( + (size_t)16U, s->coefficients, + libcrux_ml_kem_vector_portable_vector_type_PortableVector), + libcrux_ml_kem_vector_portable_vector_type_PortableVector); + i++) { + size_t j = i; + libcrux_ml_kem_vector_portable_to_bytes_0d( + s->coefficients[j], + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t)); + p = p + (size_t)32U; + } + } + Eurydice_slice_copy( + Eurydice_slice_subslice2(out, p, p + (size_t)32U, uint8_t), + Eurydice_array_to_slice( + (size_t)32U, self->private_key.implicit_rejection_value, uint8_t), + uint8_t); + p = p + (size_t)32U; + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *uu____0 = + &self->public_key; + libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_1e( + uu____0, Eurydice_slice_subslice_from(out, p, uint8_t, size_t)); +} + +/** + Write out the key pair. + + `out` has to point to at least 7776 bytes. 
+*/ +static inline void libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_to_bytes( + libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, + Eurydice_slice out) { + libcrux_ml_kem_ind_cca_unpacked_to_bytes_f8_e4(key_pair, out); +} + /** This function found in impl {(core::clone::Clone for libcrux_ml_kem::ind_cpa::unpacked::IndCpaPublicKeyUnpacked[TraitClause@0, TraitClause@2])#4} +K>[TraitClause@0, TraitClause@2])#6} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.clone_28 +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.clone_d2 with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 -libcrux_ml_kem_ind_cca_unpacked_clone_28_23( +libcrux_ml_kem_ind_cca_unpacked_clone_d2_16( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *self) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 lit; lit.ind_cpa_public_key = - libcrux_ml_kem_ind_cpa_unpacked_clone_ef_78(&self->ind_cpa_public_key); + libcrux_ml_kem_ind_cpa_unpacked_clone_ef_2f(&self->ind_cpa_public_key); uint8_t ret[32U]; core_array___core__clone__Clone_for__Array_T__N___20__clone( (size_t)32U, self->public_key_hash, ret, uint8_t, void *); 
@@ -7433,16 +7823,16 @@ libcrux_ml_kem_ind_cca_unpacked_clone_28_23( /** This function found in impl {libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked[TraitClause@0, TraitClause@1]#2} +K>[TraitClause@0, TraitClause@1]#4} */ /** -A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.public_key_de +A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.public_key_fc with types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics - K= 3 */ static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 * -libcrux_ml_kem_ind_cca_unpacked_public_key_de_0a( +libcrux_ml_kem_ind_cca_unpacked_public_key_fc_6c( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) { return &self->public_key; } 
@@ -7454,11 +7844,34 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key( libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *pk) { libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 uu____0 = - libcrux_ml_kem_ind_cca_unpacked_clone_28_23( - libcrux_ml_kem_ind_cca_unpacked_public_key_de_0a(key_pair)); + libcrux_ml_kem_ind_cca_unpacked_clone_d2_16( + libcrux_ml_kem_ind_cca_unpacked_public_key_fc_6c(key_pair)); pk[0U] = uu____0; } +/** + Read the public key from `bytes``. + + `bytes` has to point to at least 6208 bytes. +*/ +static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 +libcrux_ml_kem_mlkem768_portable_unpacked_public_key_from_bytes( + Eurydice_slice bytes) { + return libcrux_ml_kem_ind_cca_unpacked_from_bytes_dd_9d(bytes); +} + +/** + Write out the public key. + + `out` has to point to at least 6208 bytes. +*/ +static inline void +libcrux_ml_kem_mlkem768_portable_unpacked_public_key_to_bytes( + libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *key, + Eurydice_slice out) { + libcrux_ml_kem_ind_cca_unpacked_to_bytes_dd_1e(key, out); +} + /** Get the serialized public key. */ @@ -7466,7 +7879,7 @@ static inline void libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key( libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *public_key, libcrux_ml_kem_types_MlKemPublicKey_15 *serialized) { - libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_dd_e5(public_key, + libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_ba_76(public_key, serialized); } 
@@ -7489,7 +7902,7 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( *unpacked_public_key) { Eurydice_slice uu____0 = Eurydice_array_to_subslice_to( (size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t); - libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_e2( + libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_7e( uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt); uint8_t uu____1[32U]; libcrux_ml_kem_utils_into_padded_array_423( @@ -7505,11 +7918,11 @@ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_40( Eurydice_array_to_subslice_from((size_t)1184U, public_key->value, (size_t)1152U, uint8_t, size_t), ret); - libcrux_ml_kem_matrix_sample_matrix_A_ae(uu____2, ret, false); + libcrux_ml_kem_matrix_sample_matrix_A_96(uu____2, ret, false); uint8_t uu____3[32U]; libcrux_ml_kem_hash_functions_portable_H_f1_c6( Eurydice_array_to_slice((size_t)1184U, - libcrux_ml_kem_types_as_slice_ba_91(public_key), + libcrux_ml_kem_types_as_slice_ba_2c(public_key), uint8_t), uu____3); memcpy(unpacked_public_key->public_key_hash, uu____3, @@ -7529,7 +7942,7 @@ const generics - PUBLIC_KEY_SIZE= 1184 */ static inline void -libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_50( +libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_05( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { @@ -7545,7 +7958,7 @@ libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key( libcrux_ml_kem_types_MlKemPublicKey_15 *public_key, libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_f8 *unpacked_public_key) { - libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_50( + libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_05( public_key, unpacked_public_key); } 
diff --git a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h index d70f1bc80..84f7cb579 100644 --- a/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h +++ b/libcrux-ml-kem/cg/libcrux_mlkem768_portable_types.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_mlkem768_portable_types_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h index a65942828..04ef1e933 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_avx2.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_avx2.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_sha3_avx2_H diff --git a/libcrux-ml-kem/cg/libcrux_sha3_portable.h b/libcrux-ml-kem/cg/libcrux_sha3_portable.h index fa18dd7da..34faa9977 100644 --- a/libcrux-ml-kem/cg/libcrux_sha3_portable.h +++ b/libcrux-ml-kem/cg/libcrux_sha3_portable.h @@ -8,7 +8,7 @@ * Eurydice: 1a65dbf3758fe310833718c645a64266294a29ac * Karamel: 15d4bce74a2d43e34a64f48f8311b7d9bcb0e152 * F*: 5643e656b989aca7629723653a2570c7df6252b9-dirty - * Libcrux: 65d06b7e81ff34bcc90ca741249b4545ebcec5b3 + * Libcrux: 49c07712f755745796ce294c5267a1945b9e9b6b */ #ifndef __libcrux_sha3_portable_H diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fst index cecdf9ad1..4fd8a27ab 100644 
--- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fst @@ -6,8 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Avx2 in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -80,7 +83,7 @@ let generate_keypair Libcrux_ml_kem.Ind_cca.Unpacked.generate_keypair v_K v_CPA_PRIVATE_KEY_SIZE v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector #Libcrux_ml_kem.Hash_functions.Avx2.t_Simd256Hash - randomness out + #Libcrux_ml_kem.Variant.t_MlKem randomness out <: (Prims.unit & Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked v_K diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fsti index 609428969..c1e1b08b5 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.Unpacked.fsti @@ -6,8 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Avx2 in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () /// Unpacked encapsulate 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fst index 9f5044e59..a930ffd1e 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fst @@ -6,9 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Avx2 in let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let validate_private_key diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fsti index c87425a91..f920bad04 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Avx2.fsti @@ -6,9 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Avx2 in let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () /// Portable private key validation diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fst index 91614ab24..c36f6c826 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fst 
+++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fst @@ -6,8 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Neon in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -80,7 +83,8 @@ let generate_keypair Libcrux_ml_kem.Ind_cca.Unpacked.generate_keypair v_K v_CPA_PRIVATE_KEY_SIZE v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector - #Libcrux_ml_kem.Hash_functions.Neon.t_Simd128Hash randomness out + #Libcrux_ml_kem.Hash_functions.Neon.t_Simd128Hash #Libcrux_ml_kem.Variant.t_MlKem randomness + out <: (Prims.unit & Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked v_K diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fsti index e602961e3..d7d649754 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.Unpacked.fsti @@ -6,8 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Neon in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () /// Unpacked encapsulate 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fst index b9ce4c8b5..8f4eac1ed 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fst @@ -6,9 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Neon in let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () let validate_private_key diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fsti index 566639b4a..c5d48378e 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Neon.fsti @@ -6,9 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Neon in let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () /// Portable private key validation diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fst index 3d5ed41ba..1c5b7b591 100644 
--- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fst @@ -6,8 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Portable in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -80,7 +83,8 @@ let generate_keypair Libcrux_ml_kem.Ind_cca.Unpacked.generate_keypair v_K v_CPA_PRIVATE_KEY_SIZE v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector - #(Libcrux_ml_kem.Hash_functions.Portable.t_PortableHash v_K) randomness out + #(Libcrux_ml_kem.Hash_functions.Portable.t_PortableHash v_K) #Libcrux_ml_kem.Variant.t_MlKem + randomness out <: (Prims.unit & Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked v_K diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fsti index ef16fb9d1..d32814c23 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.Unpacked.fsti 
@@ -6,8 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Portable in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () /// Unpacked encapsulate diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fst index 3ec3de8dc..317195665 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fst @@ -6,9 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Portable in let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let validate_private_key diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fsti index 5b75149d8..c01c64169 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Instantiations.Portable.fsti 
@@ -6,9 +6,11 @@ open FStar.Mul let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Hash_functions in let open Libcrux_ml_kem.Hash_functions.Portable in let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () /// Portable private key validation diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fst index d06fe9daa..3ffd0ffaa 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fst 
@@ -10,10 +10,480 @@ let _ = let open Libcrux_ml_kem.Ind_cpa.Unpacked in let open Libcrux_ml_kem.Polynomial in let open Libcrux_ml_kem.Types in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Traits in () -let impl__serialized_public_key +let impl__from_bytes + (v_K: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i2: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (bytes: t_Slice u8) + = + let p:usize = sz 0 in + let ind_cpa_public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = + Core.Default.f_default #(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) + #FStar.Tactics.Typeclasses.solve + () + in + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & + usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt + <: + t_Slice (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector)) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K + v_Vector & + usize) = + temp_0_ + in + let _:usize = temp_1_ in + true) + (ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + (fun temp_0_ i -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K + v_Vector & + usize) = + temp_0_ + in + let i:usize = i in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #v_Vector + ((ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt.[ i ]) + .Libcrux_ml_kem.Polynomial.f_coefficients + <: + t_Slice v_Vector) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let _:usize = 
temp_1_ in + true) + (ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + (fun temp_0_ j -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let j:usize = j in + let ind_cpa_public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K + v_Vector = + { + ind_cpa_public_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize ind_cpa_public_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt + i + ({ + (ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt.[ i ] + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (ind_cpa_public_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt.[ i ] + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + .Libcrux_ml_kem.Polynomial.f_coefficients + j + (Libcrux_ml_kem.Vector.Traits.f_from_bytes #v_Vector + #FStar.Tactics.Typeclasses.solve + (bytes.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + <: + v_Vector) + <: + t_Array v_Vector (sz 16) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + in + let p:usize = p +! 
sz 32 in + ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + in + let ind_cpa_public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector = + { + ind_cpa_public_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_seed_for_A + = + Core.Slice.impl__copy_from_slice #u8 + ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_seed_for_A + (bytes.[ { Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + in + let p:usize = p +! sz 32 in + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & + usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K) + (ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + <: + t_Slice (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K)) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K + v_Vector & + usize) = + temp_0_ + in + let _:usize = temp_1_ in + true) + (ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + (fun temp_0_ i -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K + v_Vector & + usize) = + temp_0_ + in + let i:usize = i in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A.[ i ] + <: + t_Slice (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector)) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_public_key, 
p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let _:usize = temp_1_ in + true) + (ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + (fun temp_0_ j -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let j:usize = j in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #v_Vector + (((ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A.[ i ] + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + ).[ j ]) + .Libcrux_ml_kem.Polynomial.f_coefficients + <: + t_Slice v_Vector) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let _:usize = temp_1_ in + true) + (ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize) + ) + (fun temp_0_ k -> + let ind_cpa_public_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let k:usize = k in + let ind_cpa_public_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked + v_K v_Vector = + { + ind_cpa_public_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize ind_cpa_public_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + i + (Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (ind_cpa_public_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_A.[ i ] + <: + t_Array + (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K + ) + j + ({ + ((ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A.[ i ] + <: + t_Array + (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement + v_Vector) v_K).[ j ] + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) with + 
Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize ((ind_cpa_public_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_A.[ i ] + <: + t_Array + (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement + v_Vector) v_K).[ j ] + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + .Libcrux_ml_kem.Polynomial.f_coefficients + k + (Libcrux_ml_kem.Vector.Traits.f_from_bytes #v_Vector + #FStar.Tactics.Typeclasses.solve + (bytes.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + <: + v_Vector) + <: + t_Array v_Vector (sz 16) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + <: + t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K) + } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector + in + let p:usize = p +! sz 32 in + ind_cpa_public_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & + usize)) + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector & usize)) + in + let public_key_hash:t_Array u8 (sz 32) = Rust_primitives.Hax.repeat 0uy (sz 32) in + let public_key_hash:t_Array u8 (sz 32) = + Core.Slice.impl__copy_from_slice #u8 + public_key_hash + (bytes.[ { Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! 
sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + in + { f_ind_cpa_public_key = ind_cpa_public_key; f_public_key_hash = public_key_hash } + <: + t_MlKemPublicKeyUnpacked v_K v_Vector + +let impl__to_bytes + (v_K: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (self: t_MlKemPublicKeyUnpacked v_K v_Vector) + (out: t_Slice u8) + = + let p:usize = sz 0 in + let out, p:(t_Slice u8 & usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (self.f_ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt + <: + t_Slice (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector)) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ i -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let i:usize = i in + let t:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + self.f_ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_t_as_ntt.[ i ] + in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #v_Vector + (t.Libcrux_ml_kem.Polynomial.f_coefficients <: t_Slice v_Vector) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ j -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let j:usize = j in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! 
sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize) + (Libcrux_ml_kem.Vector.Traits.f_to_bytes #v_Vector + #FStar.Tactics.Typeclasses.solve + (t.Libcrux_ml_kem.Polynomial.f_coefficients.[ j ] <: v_Vector) + (out.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + <: + t_Slice u8) + in + let p:usize = p +! sz 32 in + out, p <: (t_Slice u8 & usize))) + in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (out.[ { Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (self.f_ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_seed_for_A <: t_Slice u8) + <: + t_Slice u8) + in + let p:usize = p +! sz 32 in + let out, p:(t_Slice u8 & usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + v_K) + (self.f_ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A + <: + t_Slice (t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K)) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ i -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let i:usize = i in + let a1:t_Array (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) v_K = + self.f_ind_cpa_public_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_A.[ i ] + in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (a1 <: t_Slice (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector)) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & 
usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ j -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let j:usize = j in + let a:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = a1.[ j ] in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #v_Vector + (a.Libcrux_ml_kem.Polynomial.f_coefficients <: t_Slice v_Vector) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ k -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let k:usize = k in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize) + (Libcrux_ml_kem.Vector.Traits.f_to_bytes #v_Vector + #FStar.Tactics.Typeclasses.solve + (a.Libcrux_ml_kem.Polynomial.f_coefficients.[ k ] <: v_Vector) + (out.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + <: + t_Slice u8) + in + let p:usize = p +! sz 32 in + out, p <: (t_Slice u8 & usize)))) + in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (out.[ { Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (self.f_public_key_hash <: t_Slice u8) + <: + t_Slice u8) + in + out + +let impl_2__serialized_public_key (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) 
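Review bot: `impl__from_bytes` slices `bytes` from `p` to `p +! sz 32` on every loop iteration without ever comparing the running offset with the length of `bytes`, and `impl__to_bytes` does the same with `out`. `impl_1__from_bytes` and `impl_1__to_bytes` in the later hunk of this file follow the same pattern. The matching `val` declarations in the .fsti carry `Prims.l_True` as their precondition, so nothing tells a caller how long the buffer must be. A short buffer would presumably surface as a panic in the Rust source, and possibly as an out-of-bounds access in the C generated from it. This file looks like extraction output, so the change belongs in the source it is generated from: either an explicit length check at the top of each function, or a length precondition (for instance through `#[hax_lib::requires(...)]`) in place of `Prims.l_True`.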
@@ -34,7 +504,7 @@ let impl__serialized_public_key <: t_Array u8 v_PUBLIC_KEY_SIZE) -let impl__serialized_public_key_mut +let impl_2__serialized_public_key_mut (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) 
@@ -231,7 +701,248 @@ let unpack_public_key in unpacked_public_key -let impl_2__private_key +let impl_1__from_bytes + (v_K: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i2: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (bytes: t_Slice u8) + = + let p:usize = sz 0 in + let ind_cpa_private_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector = + Core.Default.f_default #(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector + ) + #FStar.Tactics.Typeclasses.solve + () + in + let ind_cpa_private_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K + v_Vector & + usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (ind_cpa_private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + <: + t_Slice (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector)) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_private_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K + v_Vector & + usize) = + temp_0_ + in + let _:usize = temp_1_ in + true) + (ind_cpa_private_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & usize)) + (fun temp_0_ i -> + let ind_cpa_private_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K + v_Vector & + usize) = + temp_0_ + in + let i:usize = i in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #v_Vector + ((ind_cpa_private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt.[ i ]) + .Libcrux_ml_kem.Polynomial.f_coefficients + <: + t_Slice v_Vector) + <: + usize) + (fun temp_0_ temp_1_ -> + let ind_cpa_private_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let _:usize = temp_1_ in + true) + (ind_cpa_private_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & usize)) 
+ (fun temp_0_ j -> + let ind_cpa_private_key, p:(Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked + v_K v_Vector & + usize) = + temp_0_ + in + let j:usize = j in + let ind_cpa_private_key:Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked + v_K v_Vector = + { + ind_cpa_private_key with + Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize ind_cpa_private_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + i + ({ + (ind_cpa_private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt.[ i ] + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) with + Libcrux_ml_kem.Polynomial.f_coefficients + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize (ind_cpa_private_key + .Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt.[ i ] + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + .Libcrux_ml_kem.Polynomial.f_coefficients + j + (Libcrux_ml_kem.Vector.Traits.f_from_bytes #v_Vector + #FStar.Tactics.Typeclasses.solve + (bytes.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + <: + v_Vector) + <: + t_Array v_Vector (sz 16) + } + <: + Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + } + <: + Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector + in + let p:usize = p +! sz 32 in + ind_cpa_private_key, p + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & usize)) + <: + (Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector & usize)) + in + let implicit_rejection_value:t_Array u8 (sz 32) = Rust_primitives.Hax.repeat 0uy (sz 32) in + let implicit_rejection_value:t_Array u8 (sz 32) = + Core.Slice.impl__copy_from_slice #u8 + implicit_rejection_value + (bytes.[ { Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! 
sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + in + let p:usize = p +! sz 32 in + let public_key:t_MlKemPublicKeyUnpacked v_K v_Vector = + impl__from_bytes v_K + #v_Vector + (bytes.[ { Core.Ops.Range.f_start = p } <: Core.Ops.Range.t_RangeFrom usize ] <: t_Slice u8) + in + { + f_private_key + = + { + f_ind_cpa_private_key = ind_cpa_private_key; + f_implicit_rejection_value = implicit_rejection_value + } + <: + t_MlKemPrivateKeyUnpacked v_K v_Vector; + f_public_key = public_key + } + <: + t_MlKemKeyPairUnpacked v_K v_Vector + +let impl_1__to_bytes + (v_K: usize) + (#v_Vector: Type0) + (#[FStar.Tactics.Typeclasses.tcresolve ()] + i1: + Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) + (self: t_MlKemKeyPairUnpacked v_K v_Vector) + (out: t_Slice u8) + = + let p:usize = sz 0 in + let out, p:(t_Slice u8 & usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #(Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector) + (self.f_private_key.f_ind_cpa_private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt + <: + t_Slice (Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector)) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ i -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let i:usize = i in + let s:Libcrux_ml_kem.Polynomial.t_PolynomialRingElement v_Vector = + self.f_private_key.f_ind_cpa_private_key.Libcrux_ml_kem.Ind_cpa.Unpacked.f_secret_as_ntt.[ + i ] + in + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #v_Vector + (s.Libcrux_ml_kem.Polynomial.f_coefficients <: t_Slice v_Vector) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ j -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let j:usize = j in + let out:t_Slice u8 = + 
Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize) + (Libcrux_ml_kem.Vector.Traits.f_to_bytes #v_Vector + #FStar.Tactics.Typeclasses.solve + (s.Libcrux_ml_kem.Polynomial.f_coefficients.[ j ] <: v_Vector) + (out.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 32 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + <: + t_Slice u8) + in + let p:usize = p +! sz 32 in + out, p <: (t_Slice u8 & usize))) + in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (out.[ { Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 32 <: usize } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (self.f_private_key.f_implicit_rejection_value <: t_Slice u8) + <: + t_Slice u8) + in + let p:usize = p +! sz 32 in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range_from out + ({ Core.Ops.Range.f_start = p } <: Core.Ops.Range.t_RangeFrom usize) + (impl__to_bytes v_K + #v_Vector + self.f_public_key + (out.[ { Core.Ops.Range.f_start = p } <: Core.Ops.Range.t_RangeFrom usize ] <: t_Slice u8) + <: + t_Slice u8) + in + out + +let impl_4__private_key (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] @@ -240,7 +951,7 @@ let impl_2__private_key (self: t_MlKemKeyPairUnpacked v_K v_Vector) = self.f_private_key -let impl_2__public_key +let impl_4__public_key (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] 
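Review bot: `impl_1__from_bytes` takes every field verbatim from the buffer, including values that are derived from other fields. Through `impl__from_bytes`, `f_public_key_hash` and the matrix `f_A` are copied in rather than recomputed from `f_t_as_ntt` and `f_seed_for_A`. A blob that was truncated, corrupted or modified in storage therefore yields a key pair whose parts disagree, and nothing visible here would detect that before the key is used. If the format is meant only for round-tripping the output of `impl_1__to_bytes`, the doc comment should say so, e.g. `/// The encoding is not validated; only pass bytes written by to_bytes and kept integrity-protected.`; otherwise the hash should be recomputed on load. `impl_1__to_bytes` also writes `f_secret_as_ntt` and `f_implicit_rejection_value` unencrypted, so the comment should state that the caller is responsible for protecting and wiping `out`.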
@@ -249,7 +960,7 @@ let impl_2__public_key (self: t_MlKemKeyPairUnpacked v_K v_Vector) = self.f_public_key -let impl_2__serialized_private_key +let impl_4__serialized_private_key (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] @@ -261,7 +972,7 @@ let impl_2__serialized_private_key <: Rust_primitives.Hax.t_Never) -let impl_2__serialized_public_key +let impl_4__serialized_public_key (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) @@ -270,13 +981,13 @@ let impl_2__serialized_public_key Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (self: t_MlKemKeyPairUnpacked v_K v_Vector) = - impl__serialized_public_key v_K + impl_2__serialized_public_key v_K #v_Vector v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE self.f_public_key -let impl_2__serialized_public_key_mut +let impl_4__serialized_public_key_mut (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) @@ -289,7 +1000,7 @@ let impl_2__serialized_public_key_mut let hax_temp_output, serialized:(Prims.unit & Libcrux_ml_kem.Types.t_MlKemPublicKey v_PUBLIC_KEY_SIZE) = (), - impl__serialized_public_key_mut v_K + impl_2__serialized_public_key_mut v_K #v_Vector v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE @@ -300,7 +1011,7 @@ let impl_2__serialized_public_key_mut in serialized -let impl_2__new +let impl_4__new (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] 
@@ -417,13 +1128,14 @@ let decapsulate let generate_keypair (v_K v_CPA_PRIVATE_KEY_SIZE v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) - (#v_Vector #v_Hasher: Type0) + (#v_Vector #v_Hasher #v_Scheme: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i2: + i3: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i3: + i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme) (randomness: t_Array u8 (sz 64)) (out: t_MlKemKeyPairUnpacked v_K v_Vector) = @@ -449,6 +1161,7 @@ let generate_keypair v_ETA1_RANDOMNESS_SIZE #v_Vector #v_Hasher + #v_Scheme ind_cpa_keypair_randomness out.f_private_key.f_ind_cpa_private_key out.f_public_key.f_ind_cpa_public_key diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fsti index fbd5de788..a18793b70 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cca.Unpacked.fsti @@ -10,6 +10,7 @@ let _ = let open Libcrux_ml_kem.Ind_cpa.Unpacked in let open Libcrux_ml_kem.Polynomial in let open Libcrux_ml_kem.Types in + let open Libcrux_ml_kem.Variant in let open Libcrux_ml_kem.Vector.Traits in () 
@@ -29,8 +30,25 @@ type t_MlKemPublicKeyUnpacked f_public_key_hash:t_Array u8 (sz 32) } +/// Read the bytes into an unpacked key pair. +val impl__from_bytes + (v_K: usize) + (#v_Vector: Type0) + {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (bytes: t_Slice u8) + : Prims.Pure (t_MlKemPublicKeyUnpacked v_K v_Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Write the key into the `out` buffer. +val impl__to_bytes + (v_K: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (self: t_MlKemPublicKeyUnpacked v_K v_Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the serialized public key. -val impl__serialized_public_key +val impl_2__serialized_public_key (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) @@ -41,7 +59,7 @@ val impl__serialized_public_key (fun _ -> Prims.l_True) /// Get the serialized public key. -val impl__serialized_public_key_mut +val impl_2__serialized_public_key_mut (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) @@ -53,7 +71,7 @@ val impl__serialized_public_key_mut (fun _ -> Prims.l_True) [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_1 +let impl_3 (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] 
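Review bot: The doc comment added above `val impl__from_bytes` says "Read the bytes into an unpacked key pair", but this function returns `t_MlKemPublicKeyUnpacked`. That wording fits `impl_1__from_bytes` in the later hunk, not this one. I would change it to `/// Read the bytes into an unpacked public key.` and add a line stating how many bytes are consumed. The .fsti appears to be extracted, so the wording should be corrected in the doc comment of the source function.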
@@ -109,8 +127,25 @@ type t_MlKemKeyPairUnpacked f_public_key:t_MlKemPublicKeyUnpacked v_K v_Vector } +/// Read the bytes into an unpacked key pair. +val impl_1__from_bytes + (v_K: usize) + (#v_Vector: Type0) + {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (bytes: t_Slice u8) + : Prims.Pure (t_MlKemKeyPairUnpacked v_K v_Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Write the key into the `out` buffer. +val impl_1__to_bytes + (v_K: usize) + (#v_Vector: Type0) + {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + (self: t_MlKemKeyPairUnpacked v_K v_Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the serialized public key. -val impl_2__private_key +val impl_4__private_key (v_K: usize) (#v_Vector: Type0) {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} @@ -118,7 +153,7 @@ val impl_2__private_key : Prims.Pure (t_MlKemPrivateKeyUnpacked v_K v_Vector) Prims.l_True (fun _ -> Prims.l_True) /// Get the serialized public key. -val impl_2__public_key +val impl_4__public_key (v_K: usize) (#v_Vector: Type0) {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} @@ -126,7 +161,7 @@ val impl_2__public_key : Prims.Pure (t_MlKemPublicKeyUnpacked v_K v_Vector) Prims.l_True (fun _ -> Prims.l_True) /// Get the serialized private key. -val impl_2__serialized_private_key +val impl_4__serialized_private_key (v_K: usize) (#v_Vector: Type0) {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} @@ -134,7 +169,7 @@ val impl_2__serialized_private_key : Prims.Pure (Libcrux_ml_kem.Types.t_MlKemPrivateKey v_K) Prims.l_True (fun _ -> Prims.l_True) /// Get the serialized public key. -val impl_2__serialized_public_key +val impl_4__serialized_public_key (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) 
@@ -145,7 +180,7 @@ val impl_2__serialized_public_key (fun _ -> Prims.l_True) /// Get the serialized public key. -val impl_2__serialized_public_key_mut +val impl_4__serialized_public_key_mut (v_K: usize) (#v_Vector: Type0) (v_RANKED_BYTES_PER_RING_ELEMENT v_PUBLIC_KEY_SIZE: usize) @@ -157,7 +192,7 @@ val impl_2__serialized_public_key_mut (fun _ -> Prims.l_True) [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_3 +let impl_5 (v_K: usize) (#v_Vector: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] @@ -195,7 +230,7 @@ let impl_3 } /// Create a new empty unpacked key pair. -val impl_2__new: +val impl_4__new: v_K: usize -> #v_Vector: Type0 -> {| i1: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} -> @@ -216,9 +251,10 @@ val decapsulate val generate_keypair (v_K v_CPA_PRIVATE_KEY_SIZE v_PRIVATE_KEY_SIZE v_PUBLIC_KEY_SIZE v_BYTES_PER_RING_ELEMENT v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) - (#v_Vector #v_Hasher: Type0) - {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - {| i3: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + (#v_Vector #v_Hasher #v_Scheme: Type0) + {| i3: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + {| i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + {| i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme |} (randomness: t_Array u8 (sz 64)) (out: t_MlKemKeyPairUnpacked v_K v_Vector) : Prims.Pure (t_MlKemKeyPairUnpacked v_K v_Vector) Prims.l_True (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst index e905c5190..3a46e59c3 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fst 
@@ -732,19 +732,20 @@ let encrypt let generate_keypair_unpacked (v_K v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) - (#v_Vector #v_Hasher: Type0) + (#v_Vector #v_Hasher #v_Scheme: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i2: + i3: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i3: + i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme) (key_generation_seed: t_Slice u8) (private_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) = let hashed:t_Array u8 (sz 64) = - Libcrux_ml_kem.Variant.f_cpa_keygen_seed #Libcrux_ml_kem.Variant.t_MlKem + Libcrux_ml_kem.Variant.f_cpa_keygen_seed #v_Scheme #FStar.Tactics.Typeclasses.solve v_K #v_Hasher @@ -865,6 +866,7 @@ let generate_keypair v_ETA1_RANDOMNESS_SIZE #v_Vector #v_Hasher + #v_Scheme key_generation_seed private_key public_key diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti index 90653fb7b..cecc84c5a 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Ind_cpa.fsti 
@@ -234,9 +234,10 @@ val encrypt /// . val generate_keypair_unpacked (v_K v_ETA1 v_ETA1_RANDOMNESS_SIZE: usize) - (#v_Vector #v_Hasher: Type0) - {| i2: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} - {| i3: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + (#v_Vector #v_Hasher #v_Scheme: Type0) + {| i3: Libcrux_ml_kem.Vector.Traits.t_Operations v_Vector |} + {| i4: Libcrux_ml_kem.Hash_functions.t_Hash v_Hasher v_K |} + {| i5: Libcrux_ml_kem.Variant.t_Variant v_Scheme |} (key_generation_seed: t_Slice u8) (private_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPrivateKeyUnpacked v_K v_Vector) (public_key: Libcrux_ml_kem.Ind_cpa.Unpacked.t_IndCpaPublicKeyUnpacked v_K v_Vector) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fst index ca698a11d..800b40115 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fst @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -33,7 +34,7 @@ let serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1568)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1568) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 4) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 4) #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector (sz 1536) (sz 1568) 
@@ -106,3 +107,8 @@ let init_key_pair (_: Prims.unit) = Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) #FStar.Tactics.Typeclasses.solve () + +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 4) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + bytes diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fsti index 98114aa20..88a176e80 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let _ = @@ -84,3 +85,10 @@ val init_key_pair: Prims.unit -> Prims.Pure (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 4) Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least ??? bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 4) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fst index 3b74c3b27..84081b8c7 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fst 
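Review bot: The new `key_pair_from_bytes` declaration in `Libcrux_ml_kem.Mlkem1024.Avx2.Unpacked.fsti` ships with an unresolved placeholder, `bytes has to point to at least ??? bytes`, and its precondition is `Prims.l_True`, so the minimum length is neither documented nor part of the contract. A caller reading this interface cannot tell how long the slice must be, and what happens on a shorter slice is not visible in this diff. Since these files are extracted, the fix presumably belongs on the Rust function: fill in the real size for this parameter set and state it as a precondition (for example a `hax_lib::requires` on the slice length) so that the extracted `val` carries it. The same `???` text appears in the Neon and Portable Mlkem1024 interfaces and in all three Mlkem512 interfaces; the Mlkem768 interfaces give a number but also keep `Prims.l_True` for their `*_from_bytes` and `*_to_bytes` declarations.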
@@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -33,7 +34,7 @@ let serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1568)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1568) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 4) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 4) #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector (sz 1536) (sz 1568) @@ -106,3 +107,8 @@ let init_key_pair (_: Prims.unit) = Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) #FStar.Tactics.Typeclasses.solve () + +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 4) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + bytes diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fsti index 46f643f14..736f89fce 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Neon.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () let _ = 
@@ -92,3 +93,12 @@ val init_key_pair: Prims.unit Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least ??? bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 4) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + Prims.l_True + (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fst index b77d33651..3c37f4db3 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fst @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -33,7 +34,7 @@ let serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1568)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1568) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 4) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 4) #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (sz 1536) (sz 1568) @@ -106,3 +107,8 @@ let init_key_pair (_: Prims.unit) = Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) #FStar.Tactics.Typeclasses.solve () + +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 4) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + bytes 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fsti index fdc651118..34bb8bde0 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem1024.Portable.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let _ = @@ -92,3 +93,12 @@ val init_key_pair: Prims.unit Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) Prims.l_True (fun _ -> Prims.l_True) + +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least ??? bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 4) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Prims.l_True + (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fst index 6fc3cda34..6e56bfc8d 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fst @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate 
@@ -33,7 +34,7 @@ let serialized_public_key = let hax_temp_output, serialized:(Prims.unit & Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 800)) = (), - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 2) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 2) #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector (sz 768) (sz 800) @@ -102,3 +103,8 @@ let init_key_pair (_: Prims.unit) = Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) #FStar.Tactics.Typeclasses.solve () + +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 2) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + bytes diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fsti index cd0cb965f..ec38929c9 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Avx2.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let _ = @@ -82,3 +83,10 @@ val init_key_pair: Prims.unit -> Prims.Pure (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 2) Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least ??? bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 2) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fst index 273041027..67123ab77 100644 
--- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fst @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -33,7 +34,7 @@ let serialized_public_key = let hax_temp_output, serialized:(Prims.unit & Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 800)) = (), - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 2) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 2) #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector (sz 768) (sz 800) @@ -102,3 +103,8 @@ let init_key_pair (_: Prims.unit) = Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) #FStar.Tactics.Typeclasses.solve () + +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 2) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + bytes diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fsti index 40ecdcc8d..f4e4866dd 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Neon.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Neon in + let open Libcrux_ml_kem.Vector.Traits in () let _ = 
@@ -90,3 +91,12 @@ val init_key_pair: Prims.unit Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least ??? bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 2) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + Prims.l_True + (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fst index 54eb129c9..4320265ab 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fst @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -34,7 +35,7 @@ let serialized_public_key = let hax_temp_output, serialized:(Prims.unit & Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 800)) = (), - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 2) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 2) #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (sz 768) (sz 800) @@ -103,3 +104,8 @@ let init_key_pair (_: Prims.unit) = Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) #FStar.Tactics.Typeclasses.solve () + +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 2) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + bytes 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fsti index 2aee55d13..08e22f316 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem512.Portable.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let _ = @@ -90,3 +91,12 @@ val init_key_pair: Prims.unit Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) Prims.l_True (fun _ -> Prims.l_True) + +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least ??? bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 2) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Prims.l_True + (fun _ -> Prims.l_True) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fst index 1a75cf7bf..192809551 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fst @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate 
@@ -26,6 +27,25 @@ let init_public_key (_: Prims.unit) = #FStar.Tactics.Typeclasses.solve () +let public_key_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + bytes + +let public_key_to_bytes + (key: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) + (out: t_Slice u8) + = + let out:t_Slice u8 = + Libcrux_ml_kem.Ind_cca.Unpacked.impl__to_bytes (sz 3) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + key + out + in + out + let serialized_public_key (public_key: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) @@ -33,7 +53,7 @@ let serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 3) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 3) #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector (sz 1152) (sz 1184) @@ -75,6 +95,11 @@ let decapsulate (sz 1184) (sz 1088) (sz 1152) (sz 960) (sz 128) (sz 10) (sz 4) (sz 320) (sz 2) (sz 128) (sz 2) (sz 128) (sz 1120) private_key ciphertext +let from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + bytes + let generate_key_pair (randomness: t_Array u8 (sz 64)) (key_pair: @@ -101,6 +126,11 @@ let init_key_pair (_: Prims.unit) = #FStar.Tactics.Typeclasses.solve () +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + bytes + let key_pair_serialized_public_key (key_pair: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) 
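Review bot: In `Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fst` the added `from_bytes` and `key_pair_from_bytes` have the same body, both forwarding to `impl_1__from_bytes (sz 3)` with the same vector type, so the module exposes two names for one operation. The bare name `from_bytes` also does not say whether it reads a public key or a key pair, although `public_key_from_bytes` is added in the same file. I would keep only `key_pair_from_bytes`; if both must stay, the doc comment on `from_bytes` should say so, e.g. `/// Same as key_pair_from_bytes.`. The Neon and Portable Mlkem768 modules repeat the pair, and as this is extracted code the change would be made in the Rust source.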
@@ -108,7 +138,7 @@ let key_pair_serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 3) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_4__serialized_public_key_mut (sz 3) #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector (sz 1152) (sz 1184) @@ -117,6 +147,20 @@ let key_pair_serialized_public_key in serialized +let key_pair_to_bytes + (key_pair: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) + (out: t_Slice u8) + = + let out:t_Slice u8 = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__to_bytes (sz 3) + #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector + key_pair + out + in + out + let public_key (key_pair: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) @@ -130,7 +174,7 @@ let public_key Core.Clone.f_clone #(Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) #FStar.Tactics.Typeclasses.solve - (Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__public_key (sz 3) + (Libcrux_ml_kem.Ind_cca.Unpacked.impl_4__public_key (sz 3) #Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector key_pair <: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fsti index 4d8df4bc3..d68180085 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Avx2.Unpacked.fsti @@ -8,6 +8,7 @@ let _ = (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Avx2 in + let open Libcrux_ml_kem.Vector.Traits in () let _ = 
@@ -36,6 +37,22 @@ val init_public_key: Prims.unit (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) +/// Read the public key from `bytes``. +/// `bytes` has to point to at least 6208 bytes. +val public_key_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) + +/// Write out the public key. +/// `out` has to point to at least 6208 bytes. +val public_key_to_bytes + (key: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the serialized public key. val serialized_public_key (public_key: @@ -67,6 +84,13 @@ val decapsulate (ciphertext: Libcrux_ml_kem.Types.t_MlKemCiphertext (sz 1088)) : Prims.Pure (t_Array u8 (sz 32)) Prims.l_True (fun _ -> Prims.l_True) +/// Read bytes into the key pair. +/// `bytes` has to point to at least 7776 bytes. +val from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) + /// Generate ML-KEM 768 Key Pair in "unpacked" form. val generate_key_pair (randomness: t_Array u8 (sz 64)) 
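Review bot: `public_key_from_bytes` in the Mlkem768 Avx2 interface returns `t_MlKemPublicKeyUnpacked` directly rather than an option or result, so it has no way to reject input, and nothing in the visible contract says the decoded key is checked. A public key usually arrives from the peer, and ML-KEM encapsulation expects the key to have been validated; whether `impl__from_bytes` performs any range check cannot be seen in this diff. The doc comment should state the trust assumption, for example `/// No validation is performed; bytes must come from public_key_to_bytes on a validated key.` if that is the actual behaviour, or the function should return a fallible type. The Neon and Portable Mlkem768 interfaces declare the same function with the same signature.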
@@ -83,6 +107,13 @@ val init_key_pair: Prims.unit (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least 7776 bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) Prims.l_True (fun _ -> Prims.l_True) + /// Get the serialized public key. val key_pair_serialized_public_key (key_pair: @@ -93,6 +124,15 @@ val key_pair_serialized_public_key Prims.l_True (fun _ -> Prims.l_True) +/// Write out the key pair. +/// `out` has to point to at least 7776 bytes. +val key_pair_to_bytes + (key_pair: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Avx2.t_SIMD256Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the unpacked public key. val public_key (key_pair: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fst index 1b1c3736e..154e25bdc 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fst @@ -9,6 +9,7 @@ let _ = let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Neon in let open Libcrux_ml_kem.Vector.Neon.Vector_type in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate 
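Review bot: The doc comment on `key_pair_to_bytes`, `/// Write out the key pair.`, does not say that `out` receives private-key material, which is presumably the case since the argument is the full `t_MlKemKeyPairUnpacked`. Callers handle a buffer differently when they know it holds a secret: it stays out of logs and shared storage and is erased after use. I would add a line such as `/// The output contains the private key; treat the buffer as secret and erase it after use.`. The same comment text is used in the Neon and Portable Mlkem768 interfaces.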
@@ -27,6 +28,25 @@ let init_public_key (_: Prims.unit) = #FStar.Tactics.Typeclasses.solve () +let public_key_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + bytes + +let public_key_to_bytes + (key: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + (out: t_Slice u8) + = + let out:t_Slice u8 = + Libcrux_ml_kem.Ind_cca.Unpacked.impl__to_bytes (sz 3) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + key + out + in + out + let serialized_public_key (public_key: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) @@ -34,7 +54,7 @@ let serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 3) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 3) #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector (sz 1152) (sz 1184) @@ -76,6 +96,11 @@ let decapsulate (sz 1184) (sz 1088) (sz 1152) (sz 960) (sz 128) (sz 10) (sz 4) (sz 320) (sz 2) (sz 128) (sz 2) (sz 128) (sz 1120) private_key ciphertext +let from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + bytes + let generate_key_pair (randomness: t_Array u8 (sz 64)) (key_pair: @@ -102,6 +127,11 @@ let init_key_pair (_: Prims.unit) = #FStar.Tactics.Typeclasses.solve () +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + bytes + let key_pair_serialized_public_key (key_pair: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) 
@@ -109,7 +139,7 @@ let key_pair_serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 3) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_4__serialized_public_key_mut (sz 3) #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector (sz 1152) (sz 1184) @@ -118,6 +148,20 @@ let key_pair_serialized_public_key in serialized +let key_pair_to_bytes + (key_pair: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + (out: t_Slice u8) + = + let out:t_Slice u8 = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__to_bytes (sz 3) + #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector + key_pair + out + in + out + let public_key (key_pair: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) @@ -131,7 +175,7 @@ let public_key Core.Clone.f_clone #(Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) #FStar.Tactics.Typeclasses.solve - (Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__public_key (sz 3) + (Libcrux_ml_kem.Ind_cca.Unpacked.impl_4__public_key (sz 3) #Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector key_pair <: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fsti index 3c76dc76c..61c92c6b3 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Neon.Unpacked.fsti @@ -9,6 +9,7 @@ let _ = let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Neon in let open Libcrux_ml_kem.Vector.Neon.Vector_type in + let open Libcrux_ml_kem.Vector.Traits in () let _ = 
@@ -39,6 +40,24 @@ val init_public_key: Prims.unit Prims.l_True (fun _ -> Prims.l_True) +/// Read the public key from `bytes``. +/// `bytes` has to point to at least 6208 bytes. +val public_key_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + Prims.l_True + (fun _ -> Prims.l_True) + +/// Write out the public key. +/// `out` has to point to at least 6208 bytes. +val public_key_to_bytes + (key: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the serialized public key. val serialized_public_key (public_key: @@ -72,6 +91,15 @@ val decapsulate (ciphertext: Libcrux_ml_kem.Types.t_MlKemCiphertext (sz 1088)) : Prims.Pure (t_Array u8 (sz 32)) Prims.l_True (fun _ -> Prims.l_True) +/// Read bytes into the key pair. +/// `bytes` has to point to at least 7776 bytes. +val from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + Prims.l_True + (fun _ -> Prims.l_True) + /// Generate ML-KEM 768 Key Pair in "unpacked" form. val generate_key_pair (randomness: t_Array u8 (sz 64)) @@ -92,6 +120,15 @@ val init_key_pair: Prims.unit Prims.l_True (fun _ -> Prims.l_True) +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least 7776 bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + Prims.l_True + (fun _ -> Prims.l_True) + /// Get the serialized public key. val key_pair_serialized_public_key (key_pair: 
@@ -102,6 +139,15 @@ val key_pair_serialized_public_key Prims.l_True (fun _ -> Prims.l_True) +/// Write out the key pair. +/// `out` has to point to at least 7776 bytes. +val key_pair_to_bytes + (key_pair: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the unpacked public key. val public_key (key_pair: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fst index 39960a363..57fb35cb3 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fst @@ -9,6 +9,7 @@ let _ = let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Portable in let open Libcrux_ml_kem.Vector.Portable.Vector_type in + let open Libcrux_ml_kem.Vector.Traits in () let encapsulate @@ -27,6 +28,25 @@ let init_public_key (_: Prims.unit) = #FStar.Tactics.Typeclasses.solve () +let public_key_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + bytes + +let public_key_to_bytes + (key: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (out: t_Slice u8) + = + let out:t_Slice u8 = + Libcrux_ml_kem.Ind_cca.Unpacked.impl__to_bytes (sz 3) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + key + out + in + out + let serialized_public_key (public_key: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) 
@@ -34,7 +54,7 @@ let serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl__serialized_public_key_mut (sz 3) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 3) #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (sz 1152) (sz 1184) @@ -76,6 +96,11 @@ let decapsulate (sz 1184) (sz 1088) (sz 1152) (sz 960) (sz 128) (sz 10) (sz 4) (sz 320) (sz 2) (sz 128) (sz 2) (sz 128) (sz 1120) private_key ciphertext +let from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + bytes + let generate_key_pair (randomness: t_Array u8 (sz 64)) (key_pair: @@ -102,6 +127,11 @@ let init_key_pair (_: Prims.unit) = #FStar.Tactics.Typeclasses.solve () +let key_pair_from_bytes (bytes: t_Slice u8) = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__from_bytes (sz 3) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + bytes + let key_pair_serialized_public_key (key_pair: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) @@ -109,7 +139,7 @@ let key_pair_serialized_public_key (serialized: Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184)) = let serialized:Libcrux_ml_kem.Types.t_MlKemPublicKey (sz 1184) = - Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__serialized_public_key_mut (sz 3) + Libcrux_ml_kem.Ind_cca.Unpacked.impl_4__serialized_public_key_mut (sz 3) #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector (sz 1152) (sz 1184) 
@@ -118,6 +148,20 @@ let key_pair_serialized_public_key in serialized +let key_pair_to_bytes + (key_pair: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (out: t_Slice u8) + = + let out:t_Slice u8 = + Libcrux_ml_kem.Ind_cca.Unpacked.impl_1__to_bytes (sz 3) + #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + key_pair + out + in + out + let public_key (key_pair: Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) @@ -131,7 +175,7 @@ let public_key Core.Clone.f_clone #(Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) #FStar.Tactics.Typeclasses.solve - (Libcrux_ml_kem.Ind_cca.Unpacked.impl_2__public_key (sz 3) + (Libcrux_ml_kem.Ind_cca.Unpacked.impl_4__public_key (sz 3) #Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector key_pair <: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fsti index 30956fcb9..22a6453d4 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Mlkem768.Portable.Unpacked.fsti @@ -9,6 +9,7 @@ let _ = let open Libcrux_ml_kem.Ind_cca.Unpacked in let open Libcrux_ml_kem.Vector.Portable in let open Libcrux_ml_kem.Vector.Portable.Vector_type in + let open Libcrux_ml_kem.Vector.Traits in () let _ = 
@@ -39,6 +40,24 @@ val init_public_key: Prims.unit Prims.l_True (fun _ -> Prims.l_True) +/// Read the public key from `bytes``. +/// `bytes` has to point to at least 6208 bytes. +val public_key_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Prims.l_True + (fun _ -> Prims.l_True) + +/// Write out the public key. +/// `out` has to point to at least 6208 bytes. +val public_key_to_bytes + (key: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemPublicKeyUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the serialized public key. val serialized_public_key (public_key: @@ -72,6 +91,15 @@ val decapsulate (ciphertext: Libcrux_ml_kem.Types.t_MlKemCiphertext (sz 1088)) : Prims.Pure (t_Array u8 (sz 32)) Prims.l_True (fun _ -> Prims.l_True) +/// Read bytes into the key pair. +/// `bytes` has to point to at least 7776 bytes. +val from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Prims.l_True + (fun _ -> Prims.l_True) + /// Generate ML-KEM 768 Key Pair in "unpacked" form. val generate_key_pair (randomness: t_Array u8 (sz 64)) @@ -92,6 +120,15 @@ val init_key_pair: Prims.unit Prims.l_True (fun _ -> Prims.l_True) +/// Read the key pair from `bytes``. +/// `bytes` has to point to at least 7776 bytes. +val key_pair_from_bytes (bytes: t_Slice u8) + : Prims.Pure + (Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + Prims.l_True + (fun _ -> Prims.l_True) + /// Get the serialized public key. val key_pair_serialized_public_key (key_pair: 
@@ -102,6 +139,15 @@ val key_pair_serialized_public_key Prims.l_True (fun _ -> Prims.l_True) +/// Write out the key pair. +/// `out` has to point to at least 7776 bytes. +val key_pair_to_bytes + (key_pair: + Libcrux_ml_kem.Ind_cca.Unpacked.t_MlKemKeyPairUnpacked (sz 3) + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (out: t_Slice u8) + : Prims.Pure (t_Slice u8) Prims.l_True (fun _ -> Prims.l_True) + /// Get the unpacked public key. val public_key (key_pair: diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fst index a7fa366a9..01639f725 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fst @@ -7,6 +7,7 @@ let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let deserialize_1_ (bytes: t_Slice u8) = diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fsti index e8d5ee34b..653eb0818 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.Serialize.fsti @@ -7,6 +7,7 @@ let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () val deserialize_1_ (bytes: t_Slice u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) 
diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti index 9622d0152..47f4b0d74 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Avx2.fsti @@ -27,6 +27,23 @@ let impl: Libcrux_ml_kem.Vector.Traits.t_Operations t_SIMD256Vector = f_to_i16_array_pre = (fun (x: t_SIMD256Vector) -> true); f_to_i16_array_post = (fun (x: t_SIMD256Vector) (out: t_Array i16 (sz 16)) -> true); f_to_i16_array = (fun (x: t_SIMD256Vector) -> to_i16_array x); + f_to_bytes_pre = (fun (x: t_SIMD256Vector) (out: t_Slice u8) -> true); + f_to_bytes_post = (fun (x: t_SIMD256Vector) (out: t_Slice u8) (out1: t_Slice u8) -> true); + f_to_bytes + = + (fun (x: t_SIMD256Vector) (out: t_Slice u8) -> + let out:t_Slice u8 = + Libcrux_intrinsics.Avx2_extract.mm256_storeu_si256_u8 out x.f_elements + in + out); + f_from_bytes_pre = (fun (bytes: t_Slice u8) -> true); + f_from_bytes_post = (fun (bytes: t_Slice u8) (out: t_SIMD256Vector) -> true); + f_from_bytes + = + (fun (bytes: t_Slice u8) -> + { f_elements = Libcrux_intrinsics.Avx2_extract.mm256_loadu_si256_u8 bytes } + <: + t_SIMD256Vector); f_add_pre = (fun (lhs: t_SIMD256Vector) (rhs: t_SIMD256Vector) -> true); f_add_post = (fun (lhs: t_SIMD256Vector) (rhs: t_SIMD256Vector) (out: t_SIMD256Vector) -> true); f_add 
@@ -384,14 +401,14 @@ let impl: Libcrux_ml_kem.Vector.Traits.t_Operations t_SIMD256Vector = f_rej_sample_pre = (fun (input: t_Slice u8) (output: t_Slice i16) -> true); f_rej_sample_post = - (fun (input: t_Slice u8) (output: t_Slice i16) (out1: (t_Slice i16 & usize)) -> true); + (fun (input: t_Slice u8) (output: t_Slice i16) (out2: (t_Slice i16 & usize)) -> true); f_rej_sample = fun (input: t_Slice u8) (output: t_Slice i16) -> - let tmp0, out:(t_Slice i16 & usize) = + let tmp0, out1:(t_Slice i16 & usize) = Libcrux_ml_kem.Vector.Avx2.Sampling.rejection_sample input output in let output:t_Slice i16 = tmp0 in - let hax_temp_output:usize = out in + let hax_temp_output:usize = out1 in output, hax_temp_output <: (t_Slice i16 & usize) } diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fst index aa783010c..f2b1f9206 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fst +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fst @@ -7,6 +7,7 @@ let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () let deserialize_1_ (a: t_Slice u8) = diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fsti index 309df9740..b9219f5ed 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.Serialize.fsti 
@@ -7,6 +7,7 @@ let _ = (* This module has implicit dependencies, here we make them explicit. *) (* The implicit dependencies arise from typeclasses instances. *) let open Libcrux_ml_kem.Vector.Portable in + let open Libcrux_ml_kem.Vector.Traits in () val deserialize_1_ (a: t_Slice u8) diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.fsti index b68a453af..d8dacb1ea 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Neon.fsti 
@@ -39,6 +39,68 @@ Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector = = (fun (x: Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) -> Libcrux_ml_kem.Vector.Neon.Vector_type.to_i16_array x); + f_to_bytes_pre + = + (fun (x: Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) (out: t_Slice u8) -> true); + f_to_bytes_post + = + (fun + (x: Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) + (out: t_Slice u8) + (out1: t_Slice u8) + -> + true); + f_to_bytes + = + (fun (x: Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) (out: t_Slice u8) -> + let out:t_Slice u8 = + Libcrux_intrinsics.Arm64_extract.v__vst1q_u8 out + (Libcrux_intrinsics.Arm64_extract.v__vreinterpretq_u8_s16 x + .Libcrux_ml_kem.Vector.Neon.Vector_type.f_high + <: + u8) + in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range_from out + ({ Core.Ops.Range.f_start = sz 16 } <: Core.Ops.Range.t_RangeFrom usize) + (Libcrux_intrinsics.Arm64_extract.v__vst1q_u8 (out.[ { Core.Ops.Range.f_start = sz 16 } + <: + Core.Ops.Range.t_RangeFrom usize ] + <: + t_Slice u8) + (Libcrux_intrinsics.Arm64_extract.v__vreinterpretq_u8_s16 x + .Libcrux_ml_kem.Vector.Neon.Vector_type.f_low + <: + u8) + <: + t_Slice u8) + in + out); + f_from_bytes_pre = (fun (bytes: t_Slice u8) -> true); + f_from_bytes_post + = + (fun (bytes: t_Slice u8) (out: Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector) -> true); + f_from_bytes + = + (fun (bytes: t_Slice u8) -> + { + Libcrux_ml_kem.Vector.Neon.Vector_type.f_low + = + Libcrux_intrinsics.Arm64_extract.v__vreinterpretq_s16_u8 (Libcrux_intrinsics.Arm64_extract.v__vld1q_u8 + (bytes.[ { Core.Ops.Range.f_start = sz 16 } <: Core.Ops.Range.t_RangeFrom usize ] + <: + t_Slice u8) + <: + u8); + Libcrux_ml_kem.Vector.Neon.Vector_type.f_high + = + Libcrux_intrinsics.Arm64_extract.v__vreinterpretq_s16_u8 (Libcrux_intrinsics.Arm64_extract.v__vld1q_u8 + bytes + <: + u8) + } + <: + Libcrux_ml_kem.Vector.Neon.Vector_type.t_SIMD128Vector); f_add_pre 
= (fun diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fst b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fst new file mode 100644 index 000000000..bfb4347d4 --- /dev/null +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fst @@ -0,0 +1,18 @@ +module Libcrux_ml_kem.Vector.Portable +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open Core +open FStar.Mul + +let _ = + (* This module has implicit dependencies, here we make them explicit. *) + (* The implicit dependencies arise from typeclasses instances. *) + let open Libcrux_ml_kem.Vector.Portable.Vector_type in + () + +let bytes_to_i16 (bytes: t_Slice u8) = + ((cast (bytes.[ sz 0 ] <: u8) <: i16) <>! 8l <: i16) <: u8; cast (x &. 255s <: i16) <: u8] in + FStar.Pervasives.assert_norm (Prims.eq2 (List.Tot.length list) 2); + Rust_primitives.Hax.array_of_list 2 list diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti index 164f28caa..d376a7d1f 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Portable.fsti @@ -9,6 +9,10 @@ let _ = let open Libcrux_ml_kem.Vector.Portable.Vector_type in () +val bytes_to_i16 (bytes: t_Slice u8) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val i16_to_be_bytes (x: i16) : Prims.Pure (t_Array u8 (sz 2)) Prims.l_True (fun _ -> Prims.l_True) + [@@ FStar.Tactics.Typeclasses.tcinstance] let impl: Libcrux_ml_kem.Vector.Traits.t_Operations Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = 
@@ -42,6 +46,109 @@ Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = = (fun (x: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> Libcrux_ml_kem.Vector.Portable.Vector_type.to_i16_array x); + f_to_bytes_pre + = + (fun (x: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) (out: t_Slice u8) -> true); + f_to_bytes_post + = + (fun + (x: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) + (out: t_Slice u8) + (out1: t_Slice u8) + -> + true); + f_to_bytes + = + (fun (x: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) (out: t_Slice u8) -> + let p:usize = sz 0 in + let out, p:(t_Slice u8 & usize) = + Rust_primitives.Hax.Folds.fold_range (sz 0) + (Core.Slice.impl__len #i16 + (x.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements <: t_Slice i16) + <: + usize) + (fun temp_0_ temp_1_ -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let _:usize = temp_1_ in + true) + (out, p <: (t_Slice u8 & usize)) + (fun temp_0_ i -> + let out, p:(t_Slice u8 & usize) = temp_0_ in + let i:usize = i in + let out:t_Slice u8 = + Rust_primitives.Hax.Monomorphized_update_at.update_at_range out + ({ Core.Ops.Range.f_start = p; Core.Ops.Range.f_end = p +! sz 2 <: usize } + <: + Core.Ops.Range.t_Range usize) + (Core.Slice.impl__copy_from_slice #u8 + (out.[ { + Core.Ops.Range.f_start = p; + Core.Ops.Range.f_end = p +! sz 2 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + <: + t_Slice u8) + (i16_to_be_bytes (x.Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements.[ i + ] + <: + i16) + <: + t_Slice u8) + <: + t_Slice u8) + in + let p:usize = p +! 
sz 2 in + out, p <: (t_Slice u8 & usize)) + in + let hax_temp_output:Prims.unit = () <: Prims.unit in + out); + f_from_bytes_pre = (fun (bytes: t_Slice u8) -> true); + f_from_bytes_post + = + (fun (bytes: t_Slice u8) (out1: Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector) -> + true); + f_from_bytes + = + (fun (bytes: t_Slice u8) -> + let out:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + Libcrux_ml_kem.Vector.Portable.Vector_type.zero () + in + let out:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + Rust_primitives.Hax.Folds.fold_range (sz 0) + ((Core.Slice.impl__len #u8 bytes <: usize) /! sz 2 <: usize) + (fun out temp_1_ -> + let out:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = out in + let _:usize = temp_1_ in + true) + out + (fun out i -> + let out:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = out in + let i:usize = i in + let chunk:t_Slice u8 = + bytes.[ { + Core.Ops.Range.f_start = i *! sz 2 <: usize; + Core.Ops.Range.f_end = (i *! sz 2 <: usize) +! sz 2 <: usize + } + <: + Core.Ops.Range.t_Range usize ] + in + let out:Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector = + { + out with + Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements + = + Rust_primitives.Hax.Monomorphized_update_at.update_at_usize out + .Libcrux_ml_kem.Vector.Portable.Vector_type.f_elements + i + (bytes_to_i16 chunk <: i16) + } + <: + Libcrux_ml_kem.Vector.Portable.Vector_type.t_PortableVector + in + out) + in + out); f_add_pre = (fun diff --git a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti index c5dbe6258..52ac3808e 100644 --- a/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti +++ b/libcrux-ml-kem/proofs/fstar/extraction/Libcrux_ml_kem.Vector.Traits.fsti 
@@ -19,6 +19,14 @@ class t_Operations (v_Self: Type0) = { -> Prims.Pure (t_Array i16 (sz 16)) (f_to_i16_array_pre x0) (fun result -> f_to_i16_array_post x0 result); + f_to_bytes_pre:v_Self -> t_Slice u8 -> Type0; + f_to_bytes_post:v_Self -> t_Slice u8 -> t_Slice u8 -> Type0; + f_to_bytes:x0: v_Self -> x1: t_Slice u8 + -> Prims.Pure (t_Slice u8) (f_to_bytes_pre x0 x1) (fun result -> f_to_bytes_post x0 x1 result); + f_from_bytes_pre:t_Slice u8 -> Type0; + f_from_bytes_post:t_Slice u8 -> v_Self -> Type0; + f_from_bytes:x0: t_Slice u8 + -> Prims.Pure v_Self (f_from_bytes_pre x0) (fun result -> f_from_bytes_post x0 result); f_add_pre:v_Self -> v_Self -> Type0; f_add_post:v_Self -> v_Self -> v_Self -> Type0; f_add:x0: v_Self -> x1: v_Self diff --git a/libcrux-ml-kem/src/ind_cca.rs b/libcrux-ml-kem/src/ind_cca.rs index b905b706f..ccc74f6a7 100644 --- a/libcrux-ml-kem/src/ind_cca.rs +++ b/libcrux-ml-kem/src/ind_cca.rs 
@@ -305,12 +305,136 @@ pub(crate) mod unpacked { pub(crate) public_key_hash: [u8; 32], } + impl MlKemPublicKeyUnpacked { + /// Write the key into the `out` buffer. + pub fn to_bytes(&self, out: &mut [u8]) { + // We use C style loops here to avoid having to use the cloop macro. + // Eurydice unfortunately can't handle iterators. + + let mut p = 0; + + for i in 0..self.ind_cpa_public_key.t_as_ntt.len() { + let t = &self.ind_cpa_public_key.t_as_ntt[i]; + for j in 0..t.coefficients.len() { + Vector::to_bytes(t.coefficients[j], &mut out[p..p + 32]); + p += 32; + } + } + out[p..p + 32].copy_from_slice(&self.ind_cpa_public_key.seed_for_A); + p += 32; + for i in 0..self.ind_cpa_public_key.A.len() { + let a1 = &self.ind_cpa_public_key.A[i]; + for j in 0..a1.len() { + let a = a1[j]; + for k in 0..a.coefficients.len() { + Vector::to_bytes(a.coefficients[k], &mut out[p..p + 32]); + p += 32; + } + } + } + out[p..p + 32].copy_from_slice(&self.public_key_hash); + } + + /// Read the bytes into an unpacked key pair. + pub fn from_bytes(bytes: &[u8]) -> MlKemPublicKeyUnpacked { + // We use C style loops here to avoid having to use the cloop macro. + // Eurydice unfortunately can't handle iterators. 
+ + let mut p = 0; + let mut ind_cpa_public_key = IndCpaPublicKeyUnpacked::::default(); + + for i in 0..ind_cpa_public_key.t_as_ntt.len() { + for j in 0..ind_cpa_public_key.t_as_ntt[i].coefficients.len() { + ind_cpa_public_key.t_as_ntt[i].coefficients[j] = + Vector::from_bytes(&bytes[p..p + 32]); + p += 32; + } + } + ind_cpa_public_key + .seed_for_A + .copy_from_slice(&bytes[p..p + 32]); + p += 32; + for i in 0..ind_cpa_public_key.A.len() { + for j in 0..ind_cpa_public_key.A[i].len() { + for k in 0..ind_cpa_public_key.A[i][j].coefficients.len() { + ind_cpa_public_key.A[i][j].coefficients[k] = + Vector::from_bytes(&bytes[p..p + 32]); + p += 32; + } + } + } + let mut public_key_hash = [0u8; 32]; + public_key_hash.copy_from_slice(&bytes[p..p + 32]); + + MlKemPublicKeyUnpacked { + ind_cpa_public_key, + public_key_hash, + } + } + } + /// An unpacked ML-KEM KeyPair pub struct MlKemKeyPairUnpacked { pub private_key: MlKemPrivateKeyUnpacked, pub public_key: MlKemPublicKeyUnpacked, } + impl MlKemKeyPairUnpacked { + /// Write the key into the `out` buffer. + pub fn to_bytes(&self, out: &mut [u8]) { + // We use C style loops here to avoid having to use the cloop macro. + // Eurydice unfortunately can't handle iterators. + + let mut p = 0; + + // Private key + for i in 0..self.private_key.ind_cpa_private_key.secret_as_ntt.len() { + let s = &self.private_key.ind_cpa_private_key.secret_as_ntt[i]; + for j in 0..s.coefficients.len() { + Vector::to_bytes(s.coefficients[j], &mut out[p..p + 32]); + p += 32; + } + } + out[p..p + 32].copy_from_slice(&self.private_key.implicit_rejection_value); + p += 32; + + // Public key + self.public_key.to_bytes(&mut out[p..]); + } + + /// Read the bytes into an unpacked key pair. + pub fn from_bytes(bytes: &[u8]) -> MlKemKeyPairUnpacked { + // We use C style loops here to avoid having to use the cloop macro. + // Eurydice unfortunately can't handle iterators. 
+ + let mut p = 0; + + // Read private key + let mut ind_cpa_private_key = IndCpaPrivateKeyUnpacked::::default(); + for i in 0..ind_cpa_private_key.secret_as_ntt.len() { + for j in 0..ind_cpa_private_key.secret_as_ntt[i].coefficients.len() { + ind_cpa_private_key.secret_as_ntt[i].coefficients[j] = + Vector::from_bytes(&bytes[p..p + 32]); + p += 32; + } + } + let mut implicit_rejection_value = [0u8; 32]; + implicit_rejection_value.copy_from_slice(&bytes[p..p + 32]); + p += 32; + + // Read public key + let public_key = MlKemPublicKeyUnpacked::from_bytes(&bytes[p..]); + + MlKemKeyPairUnpacked { + private_key: MlKemPrivateKeyUnpacked { + ind_cpa_private_key, + implicit_rejection_value, + }, + public_key, + } + } + } + /// Generate an unpacked key from a serialized key. #[inline(always)] pub(crate) fn unpack_public_key< diff --git a/libcrux-ml-kem/src/mlkem1024.rs b/libcrux-ml-kem/src/mlkem1024.rs index 3b3484b04..2f1baa9e7 100644 --- a/libcrux-ml-kem/src/mlkem1024.rs +++ b/libcrux-ml-kem/src/mlkem1024.rs @@ -232,6 +232,13 @@ macro_rules! instantiate { /// Am Unpacked ML-KEM 1024 Key pair pub type MlKem1024KeyPairUnpacked = p::unpacked::MlKemKeyPairUnpacked; + /// Read the key pair from `bytes``. + /// + /// `bytes` has to point to at least ??? bytes. + pub fn key_pair_from_bytes(bytes: &[u8]) -> MlKem1024KeyPairUnpacked { + MlKem1024KeyPairUnpacked::from_bytes(bytes) + } + /// Create a new, empty unpacked key. pub fn init_key_pair() -> MlKem1024KeyPairUnpacked { MlKem1024KeyPairUnpacked::default() diff --git a/libcrux-ml-kem/src/mlkem512.rs b/libcrux-ml-kem/src/mlkem512.rs index c6fa31997..0ec979f2c 100644 --- a/libcrux-ml-kem/src/mlkem512.rs +++ b/libcrux-ml-kem/src/mlkem512.rs 
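Review bot: Neither `to_bytes` nor `from_bytes` on `MlKemPublicKeyUnpacked` and `MlKemKeyPairUnpacked` checks the buffer length before the first `out[p..p + 32]` / `bytes[p..p + 32]` slice, so a short buffer panics part-way through; in the key-pair `to_bytes` that happens after secret coefficients have already been written to `out`. Checking the total once at the top, e.g. `assert!(out.len() >= required_len, "output buffer too small");` with `required_len` (a placeholder name) computed from the field lengths, makes the failure immediate. Whether the extracted C keeps any bounds check on these slices is not visible in this diff, so the explicit check matters there too. `from_bytes` also copies `public_key_hash` and the coefficients straight from the input without validation, so its doc comment should say the bytes must come from a trusted `to_bytes` output; the comment on `MlKemPublicKeyUnpacked::from_bytes` also says "key pair" where it reads a public key.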
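Review bot: The doc comment on `key_pair_from_bytes` still contains the placeholder `??? bytes`, and the mlkem512.rs hunk has the same placeholder, so callers get no stated minimum length for a function that slices its input unchecked. The test in this commit sizes its buffer as `[0u8; 12384]` with the comment "max for 1024", which suggests the line should read "`bytes` has to point to at least 12384 bytes." here. The ML-KEM 512 figure is not shown anywhere in the diff and should be computed from the same layout. Both comments also carry a stray second backtick after `bytes`.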
@@ -229,6 +229,13 @@ macro_rules! instantiate { /// Am Unpacked ML-KEM 512 Key pair pub type MlKem512KeyPairUnpacked = p::unpacked::MlKemKeyPairUnpacked; + /// Read the key pair from `bytes``. + /// + /// `bytes` has to point to at least ??? bytes. + pub fn key_pair_from_bytes(bytes: &[u8]) -> MlKem512KeyPairUnpacked { + MlKem512KeyPairUnpacked::from_bytes(bytes) + } + /// Create a new, empty unpacked key. pub fn init_key_pair() -> MlKem512KeyPairUnpacked { MlKem512KeyPairUnpacked::default() diff --git a/libcrux-ml-kem/src/mlkem768.rs b/libcrux-ml-kem/src/mlkem768.rs index bdc5c78f7..20aae461e 100644 --- a/libcrux-ml-kem/src/mlkem768.rs +++ b/libcrux-ml-kem/src/mlkem768.rs 
@@ -231,6 +231,41 @@ macro_rules! instantiate { /// Am Unpacked ML-KEM 768 Key pair pub type MlKem768KeyPairUnpacked = p::unpacked::MlKemKeyPairUnpacked; + /// Write out the public key. + /// + /// `out` has to point to at least 6208 bytes. + pub fn public_key_to_bytes(key: &MlKem768PublicKeyUnpacked, out: &mut [u8]) { + key.to_bytes(out); + } + + /// Read the public key from `bytes``. + /// + /// `bytes` has to point to at least 6208 bytes. + pub fn public_key_from_bytes(bytes: &[u8]) -> MlKem768PublicKeyUnpacked { + MlKem768PublicKeyUnpacked::from_bytes(bytes) + } + + /// Write out the key pair. + /// + /// `out` has to point to at least 7776 bytes. + pub fn key_pair_to_bytes(key_pair: &MlKem768KeyPairUnpacked, out: &mut [u8]) { + key_pair.to_bytes(out); + } + + /// Read the key pair from `bytes``. + /// + /// `bytes` has to point to at least 7776 bytes. + pub fn key_pair_from_bytes(bytes: &[u8]) -> MlKem768KeyPairUnpacked { + MlKem768KeyPairUnpacked::from_bytes(bytes) + } + + /// Read bytes into the key pair. + /// + /// `bytes` has to point to at least 7776 bytes. + pub fn from_bytes(bytes: &[u8]) -> MlKem768KeyPairUnpacked{ + MlKem768KeyPairUnpacked::from_bytes(bytes) + } + /// Create a new, empty unpacked key. pub fn init_key_pair() -> MlKem768KeyPairUnpacked { MlKem768KeyPairUnpacked::default() diff --git a/libcrux-ml-kem/src/vector/avx2.rs b/libcrux-ml-kem/src/vector/avx2.rs index 178ed4478..563733a0c 100644 --- a/libcrux-ml-kem/src/vector/avx2.rs +++ b/libcrux-ml-kem/src/vector/avx2.rs @@ -48,6 +48,16 @@ impl Operations for SIMD256Vector { to_i16_array(x) } + fn to_bytes(x: Self, out: &mut [u8]) { + mm256_storeu_si256_u8(out, x.elements); + } + + fn from_bytes(bytes: &[u8]) -> Self { + Self { + elements: mm256_loadu_si256_u8(bytes), + } + } + fn add(lhs: Self, rhs: &Self) -> Self { Self { elements: arithmetic::add(lhs.elements, rhs.elements), 
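Review bot: `key_pair_to_bytes` writes the unpacked private key (the secret coefficients and the implicit rejection value, per `MlKemKeyPairUnpacked::to_bytes`) into `out`, but its doc comment only says "Write out the key pair". I would add a line such as `/// The output contains the private key and must be handled as secret.` so callers know to protect and wipe the buffer. `from_bytes` is a second public wrapper with the same body as `key_pair_from_bytes`; unless both names are needed, keeping one avoids two entry points for the same operation. The ML-KEM 1024 and 512 hunks in this diff only add `key_pair_from_bytes`.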
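Review bot: `to_bytes` here stores the register with `mm256_storeu_si256_u8`, while the portable backend in this commit writes each element with `i16_to_be_bytes`, so the two backends appear to produce different byte strings for the same vector (native lane byte order versus big-endian). The neon hunk additionally stores `x.high` before `x.low`. If serialized keys are meant to move between builds or machines, the trait methods in traits.rs should fix one encoding and each backend should convert to it. If the format is deliberately backend-local, a comment on `Operations::to_bytes` such as `// Encoding is backend-specific; bytes must be read back by the same backend.` would prevent a key blob from being loaded by a different implementation.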
diff --git a/libcrux-ml-kem/src/vector/neon.rs b/libcrux-ml-kem/src/vector/neon.rs index 68539971e..2ffe7a1a9 100644 --- a/libcrux-ml-kem/src/vector/neon.rs +++ b/libcrux-ml-kem/src/vector/neon.rs @@ -30,6 +30,28 @@ impl Operations for SIMD128Vector { to_i16_array(x) } + fn to_bytes(x: Self, out: &mut [u8]) { + libcrux_intrinsics::arm64::_vst1q_u8( + out, + libcrux_intrinsics::arm64::_vreinterpretq_u8_s16(x.high), + ); + libcrux_intrinsics::arm64::_vst1q_u8( + &mut out[16..], + libcrux_intrinsics::arm64::_vreinterpretq_u8_s16(x.low), + ); + } + + fn from_bytes(bytes: &[u8]) -> Self { + Self { + low: libcrux_intrinsics::arm64::_vreinterpretq_s16_u8( + libcrux_intrinsics::arm64::_vld1q_u8(&bytes[16..]), + ), + high: libcrux_intrinsics::arm64::_vreinterpretq_s16_u8( + libcrux_intrinsics::arm64::_vld1q_u8(bytes), + ), + } + } + fn add(lhs: Self, rhs: &Self) -> Self { add(lhs, rhs) } diff --git a/libcrux-ml-kem/src/vector/portable.rs b/libcrux-ml-kem/src/vector/portable.rs index 2ed759d54..817098ebf 100644 --- a/libcrux-ml-kem/src/vector/portable.rs +++ b/libcrux-ml-kem/src/vector/portable.rs @@ -16,6 +16,16 @@ use vector_type::*; pub(crate) use vector_type::PortableVector; +#[inline(always)] +fn i16_to_be_bytes(x: i16) -> [u8; 2] { + [(x >> 8) as u8, (x & 0xFF) as u8] +} + +#[inline(always)] +fn bytes_to_i16(bytes: &[u8]) -> i16 { + (bytes[0] as i16) << 8 | bytes[1] as i16 +} + impl Operations for PortableVector { fn ZERO() -> Self { zero() 
@@ -29,6 +39,30 @@ impl Operations for PortableVector { to_i16_array(x) } + fn to_bytes(x: Self, out: &mut [u8]) { + // We use C style loops here to avoid having to use the cloop macro. + // Eurydice unfortunately can't handle iterators. + let mut p = 0; + for i in 0..x.elements.len() { + out[p..p + 2].copy_from_slice(&i16_to_be_bytes(x.elements[i])); + p += 2; + } + () + } + + fn from_bytes(bytes: &[u8]) -> Self { + // We use C style loops here to avoid having to use the cloop macro. + // Eurydice unfortunately can't handle iterators. + let mut out = zero(); + + for i in 0..bytes.len() / 2 { + let chunk = &bytes[i * 2..i * 2 + 2]; + out.elements[i] = bytes_to_i16(chunk); + } + + out + } + fn add(lhs: Self, rhs: &Self) -> Self { add(lhs, rhs) } diff --git a/libcrux-ml-kem/src/vector/traits.rs b/libcrux-ml-kem/src/vector/traits.rs index 138ad7ad3..747ce9257 100644 --- a/libcrux-ml-kem/src/vector/traits.rs +++ b/libcrux-ml-kem/src/vector/traits.rs @@ -9,6 +9,8 @@ pub trait Operations: Copy + Clone { fn from_i16_array(array: &[i16]) -> Self; fn to_i16_array(x: Self) -> [i16; 16]; + fn to_bytes(x: Self, out: &mut [u8]); + fn from_bytes(bytes: &[u8]) -> Self; // Basic arithmetic fn add(lhs: Self, rhs: &Self) -> Self; diff --git a/libcrux-ml-kem/tests/self.rs b/libcrux-ml-kem/tests/self.rs index ebffcc0b2..c02fa7b33 100644 --- a/libcrux-ml-kem/tests/self.rs +++ b/libcrux-ml-kem/tests/self.rs 
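Review bot: `from_bytes` loops over `bytes.len() / 2` and writes `out.elements[i]`, so the input length rather than the vector size drives the index, and a slice longer than the vector's byte size indexes past `elements`. The callers in ind_cca.rs pass 32-byte slices, but the trait signature accepts any length. Bounding the loop by the vector, `for i in 0..out.elements.len() {`, matches how `to_bytes` iterates; over-long input then leaves trailing bytes unread, and short input fails at the slice instead of silently leaving elements zero. The trailing `()` at the end of `to_bytes` can be dropped.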
@@ -70,6 +70,20 @@ macro_rules! impl_consistency_unpacked { key_pair.public_key().as_slice() ); + // Get the serialized keys as bytes + let mut bytes = [0u8; 12384]; // max for 1024 + key_pair_unpacked.to_bytes(&mut bytes); + let unpacked_key_again = p::unpacked::key_pair_from_bytes(&bytes); + let mut serialized_public_key = Default::default(); + p::unpacked::serialized_public_key( + unpacked_key_again.public_key(), + &mut serialized_public_key, + ); + assert_eq!( + key_pair.public_key().as_slice(), + serialized_public_key.as_slice() + ); + let randomness = random_array(); let (ciphertext, shared_secret) = p::encapsulate(key_pair.public_key(), randomness); let (ciphertext_unpacked, shared_secret_unpacked) =
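Review bot: The new round-trip check only compares the serialized public key of `unpacked_key_again`, so the private-key half written by `to_bytes` (secret coefficients and implicit rejection value) is never verified after `key_pair_from_bytes`. Decapsulating the unpacked ciphertext produced later in this test with `unpacked_key_again` and comparing the shared secret would cover it. The buffer is a fixed `[0u8; 12384]` for every parameter set, so the test also does not exercise the exact documented lengths (7776 for ML-KEM 768). The enclosing macro continues outside the hunk.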