Download raw body.
Update libcrux ML-KEM used in OpenSSH
Hi,
This updates the implementation of ML-KEM that is used in the default
key agreement algorithm to upstream[1] v0.0.4.
This is code generated from a theorem prover so the code is pretty
unreadable and there's lots of churn, but you can reproduce the import
using the mlkem768.sh script; it will check out libcrux from git and
convert/mutate their code into the single header we use in OpenSSH.
I'd particularly appreciate test reports from anyone with access to
a 64-bit BE architecture, as there has been bugs here in the past.
Thanks,
Damien
[1] https://github.com/cryspen/libcrux
commit c264e611b6f25a720b41c8ca5c51c61c7676f8e5
Author: Damien Miller <djm@mindrot.org>
Date: Thu Nov 13 11:10:01 2025 +1100
update libcrux ML-KEM implementation to v0.0.4
diff --git a/libcrux_mlkem768_sha3.h b/libcrux_mlkem768_sha3.h
index b8ac143..fe19d3e 100644
--- a/libcrux_mlkem768_sha3.h
+++ b/libcrux_mlkem768_sha3.h
@@ -1,6 +1,6 @@
-/* $OpenBSD: libcrux_mlkem768_sha3.h,v 1.2 2024/10/27 02:06:01 djm Exp $ */
+/* $OpenBSD$ */
-/* Extracted from libcrux revision 84c5d87b3092c59294345aa269ceefe0eb97cc35 */
+/* Extracted from libcrux revision 026a87ab6d88ad3626b9fbbf3710d1e0483c1849 */
/*
* MIT License
@@ -34,100 +34,224 @@
#define KRML_HOST_EPRINTF(...)
#define KRML_HOST_EXIT(x) fatal_f("internal error")
-/* from libcrux/libcrux-ml-kem/cg/eurydice_glue.h */
-/*
- * SPDX-FileCopyrightText: 2024 Eurydice Contributors
- * SPDX-FileCopyrightText: 2024 Cryspen Sarl <info@cryspen.com>
- *
- * SPDX-License-Identifier: MIT or Apache-2.0
- */
+static inline void
+store64_le(uint8_t dst[8], uint64_t src)
+{
+ dst[0] = src & 0xff;
+ dst[1] = (src >> 8) & 0xff;
+ dst[2] = (src >> 16) & 0xff;
+ dst[3] = (src >> 24) & 0xff;
+ dst[4] = (src >> 32) & 0xff;
+ dst[5] = (src >> 40) & 0xff;
+ dst[6] = (src >> 48) & 0xff;
+ dst[7] = (src >> 56) & 0xff;
+}
+static inline void
+store32_le(uint8_t dst[4], uint32_t src)
+{
+ dst[0] = src & 0xff;
+ dst[1] = (src >> 8) & 0xff;
+ dst[2] = (src >> 16) & 0xff;
+ dst[3] = (src >> 24) & 0xff;
+}
+
+static inline void
+store32_be(uint8_t dst[4], uint32_t src)
+{
+ dst[0] = (src >> 24) & 0xff;
+ dst[1] = (src >> 16) & 0xff;
+ dst[2] = (src >> 8) & 0xff;
+ dst[3] = src & 0xff;
+}
+
+static inline uint64_t
+load64_le(uint8_t src[8])
+{
+ return (uint64_t)(src[0]) |
+ ((uint64_t)(src[1]) << 8) |
+ ((uint64_t)(src[2]) << 16) |
+ ((uint64_t)(src[3]) << 24) |
+ ((uint64_t)(src[4]) << 32) |
+ ((uint64_t)(src[5]) << 40) |
+ ((uint64_t)(src[6]) << 48) |
+ ((uint64_t)(src[7]) << 56);
+}
+
+static inline uint32_t
+load32_le(uint8_t src[4])
+{
+ return (uint32_t)(src[0]) |
+ ((uint32_t)(src[1]) << 8) |
+ ((uint32_t)(src[2]) << 16) |
+ ((uint32_t)(src[3]) << 24);
+}
+/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/eurydice_glue.h */
#pragma once
+
+#ifdef _MSC_VER
+// For __popcnt
+#endif
+
+
+// C++ HELPERS
+
#if defined(__cplusplus)
-extern "C" {
+
+#ifndef KRML_HOST_EPRINTF
+#define KRML_HOST_EPRINTF(...) fprintf(stderr, __VA_ARGS__)
+#endif
+
+
+#ifndef __cpp_lib_type_identity
+template <class T>
+struct type_identity {
+ using type = T;
+};
+
+template <class T>
+using type_identity_t = typename type_identity<T>::type;
+#else
+using std::type_identity_t;
#endif
+#define KRML_UNION_CONSTRUCTOR(T) \
+ template <typename V> \
+ constexpr T(int t, V U::*m, type_identity_t<V> v) : tag(t) { \
+ val.*m = std::move(v); \
+ } \
+ T() = default;
+
+#endif
+
+// GENERAL-PURPOSE STUFF
+
+#define LowStar_Ignore_ignore(e, t, _ret_t) ((void)e)
+#define EURYDICE_ASSERT(test, msg) \
+ do { \
+ if (!(test)) { \
+ fprintf(stderr, "assertion \"%s\" failed: file \"%s\", line %d\n", msg, \
+ __FILE__, __LINE__); \
+ exit(255); \
+ } \
+ } while (0)
// SLICES, ARRAYS, ETC.
-// The MSVC C++ compiler does not support compound literals.
-// This CLITERAL is used to turn `(type){...}` into `type{...}` when using a C++
-// compiler.
-#if defined(__cplusplus)
-#define CLITERAL(type) type
-#else
-#define CLITERAL(type) (type)
-#endif
-
// We represent a slice as a pair of an (untyped) pointer, along with the length
// of the slice, i.e. the number of elements in the slice (this is NOT the
// number of bytes). This design choice has two important consequences.
// - if you need to use `ptr`, you MUST cast it to a proper type *before*
-// performing pointer
-// arithmetic on it (remember that C desugars pointer arithmetic based on the
-// type of the address)
+// performing pointer arithmetic on it (remember that C desugars pointer
+// arithmetic based on the type of the address)
// - if you need to use `len` for a C style function (e.g. memcpy, memcmp), you
-// need to multiply it
-// by sizeof t, where t is the type of the elements.
+// need to multiply it by sizeof t, where t is the type of the elements.
//
-// Empty slices have `len == 0` and `ptr` always needs to be valid pointer that
-// is not NULL (otherwise the construction in EURYDICE_SLICE computes `NULL +
-// start`).
+// Empty slices have `len == 0` and `ptr` always needs to be a valid pointer
+// that is not NULL (otherwise the construction in EURYDICE_SLICE computes `NULL
+// + start`).
typedef struct {
void *ptr;
size_t len;
} Eurydice_slice;
+#if defined(__cplusplus)
+#define KRML_CLITERAL(type) type
+#else
+#define KRML_CLITERAL(type) (type)
+#endif
+
+#if defined(__cplusplus) && defined(__cpp_designated_initializers) || \
+ !(defined(__cplusplus))
+#define EURYDICE_CFIELD(X) X
+#else
+#define EURYDICE_CFIELD(X)
+#endif
+
// Helper macro to create a slice out of a pointer x, a start index in x
// (included), and an end index in x (excluded). The argument x must be suitably
// cast to something that can decay (see remark above about how pointer
// arithmetic works in C), meaning either pointer or array type.
#define EURYDICE_SLICE(x, start, end) \
- (CLITERAL(Eurydice_slice){.ptr = (void *)(x + start), .len = end - start})
-#define EURYDICE_SLICE_LEN(s, _) s.len
+ (KRML_CLITERAL(Eurydice_slice){(void *)(x + start), end - start})
+
+// Slice length
+#define EURYDICE_SLICE_LEN(s, _) (s).len
+#define Eurydice_slice_len(s, _) (s).len
+
// This macro is a pain because in case the dereferenced element type is an
// array, you cannot simply write `t x` as it would yield `int[4] x` instead,
// which is NOT correct C syntax, so we add a dedicated phase in Eurydice that
// adds an extra argument to this macro at the last minute so that we have the
// correct type of *pointers* to elements.
#define Eurydice_slice_index(s, i, t, t_ptr_t) (((t_ptr_t)s.ptr)[i])
-#define Eurydice_slice_subslice(s, r, t, _) \
+
+// The following functions get sub slices from a slice.
+
+#define Eurydice_slice_subslice(s, r, t, _0, _1) \
EURYDICE_SLICE((t *)s.ptr, r.start, r.end)
+
// Variant for when the start and end indices are statically known (i.e., the
// range argument `r` is a literal).
#define Eurydice_slice_subslice2(s, start, end, t) \
- EURYDICE_SLICE((t *)s.ptr, start, end)
-#define Eurydice_slice_subslice_to(s, subslice_end_pos, t, _) \
+ EURYDICE_SLICE((t *)s.ptr, (start), (end))
+
+// Previous version above does not work when t is an array type (as usual). Will
+// be deprecated soon.
+#define Eurydice_slice_subslice3(s, start, end, t_ptr) \
+ EURYDICE_SLICE((t_ptr)s.ptr, (start), (end))
+
+#define Eurydice_slice_subslice_to(s, subslice_end_pos, t, _0, _1) \
EURYDICE_SLICE((t *)s.ptr, 0, subslice_end_pos)
-#define Eurydice_slice_subslice_from(s, subslice_start_pos, t, _) \
+
+#define Eurydice_slice_subslice_from(s, subslice_start_pos, t, _0, _1) \
EURYDICE_SLICE((t *)s.ptr, subslice_start_pos, s.len)
+
#define Eurydice_array_to_slice(end, x, t) \
EURYDICE_SLICE(x, 0, \
end) /* x is already at an array type, no need for cast */
-#define Eurydice_array_to_subslice(_arraylen, x, r, t, _) \
+#define Eurydice_array_to_subslice(_arraylen, x, r, t, _0, _1) \
EURYDICE_SLICE((t *)x, r.start, r.end)
+
// Same as above, variant for when start and end are statically known
#define Eurydice_array_to_subslice2(x, start, end, t) \
- EURYDICE_SLICE((t *)x, start, end)
-#define Eurydice_array_to_subslice_to(_size, x, r, t, _range_t) \
+ EURYDICE_SLICE((t *)x, (start), (end))
+
+// Same as above, variant for when start and end are statically known
+#define Eurydice_array_to_subslice3(x, start, end, t_ptr) \
+ EURYDICE_SLICE((t_ptr)x, (start), (end))
+
+#define Eurydice_array_repeat(dst, len, init, t) \
+ ERROR "should've been desugared"
+
+// The following functions convert an array into a slice.
+
+#define Eurydice_array_to_subslice_to(_size, x, r, t, _range_t, _0) \
EURYDICE_SLICE((t *)x, 0, r)
-#define Eurydice_array_to_subslice_from(size, x, r, t, _range_t) \
+#define Eurydice_array_to_subslice_from(size, x, r, t, _range_t, _0) \
EURYDICE_SLICE((t *)x, r, size)
-#define Eurydice_slice_len(s, t) EURYDICE_SLICE_LEN(s, t)
+
+// Copy a slice with memcopy
#define Eurydice_slice_copy(dst, src, t) \
memcpy(dst.ptr, src.ptr, dst.len * sizeof(t))
-#define core_array___Array_T__N__23__as_slice(len_, ptr_, t, _ret_t) \
- ((Eurydice_slice){.ptr = ptr_, .len = len_})
-#define core_array___core__clone__Clone_for__Array_T__N___20__clone( \
- len, src, dst, elem_type, _ret_t) \
+#define core_array___Array_T__N___as_slice(len_, ptr_, t, _ret_t) \
+ KRML_CLITERAL(Eurydice_slice) { ptr_, len_ }
+
+#define core_array__core__clone__Clone_for__Array_T__N___clone( \
+ len, src, dst, elem_type, _ret_t) \
(memcpy(dst, src, len * sizeof(elem_type)))
#define TryFromSliceError uint8_t
+#define core_array_TryFromSliceError uint8_t
+
+#define Eurydice_array_eq(sz, a1, a2, t) (memcmp(a1, a2, sz * sizeof(t)) == 0)
+
+// core::cmp::PartialEq<&0 (@Slice<U>)> for @Array<T, N>
+#define Eurydice_array_eq_slice(sz, a1, s2, t, _) \
+ (memcmp(a1, (s2)->ptr, sz * sizeof(t)) == 0)
-#define Eurydice_array_eq(sz, a1, a2, t, _) \
- (memcmp(a1, a2, sz * sizeof(t)) == 0)
#define core_array_equality___core__cmp__PartialEq__Array_U__N___for__Array_T__N____eq( \
sz, a1, a2, t, _, _ret_t) \
Eurydice_array_eq(sz, a1, a2, t, _)
@@ -135,20 +259,30 @@ typedef struct {
sz, a1, a2, t, _, _ret_t) \
Eurydice_array_eq(sz, a1, ((a2)->ptr), t, _)
-#define Eurydice_slice_split_at(slice, mid, element_type, ret_t) \
- (CLITERAL(ret_t){ \
- .fst = EURYDICE_SLICE((element_type *)slice.ptr, 0, mid), \
- .snd = EURYDICE_SLICE((element_type *)slice.ptr, mid, slice.len)})
-#define Eurydice_slice_split_at_mut(slice, mid, element_type, ret_t) \
- (CLITERAL(ret_t){ \
- .fst = {.ptr = slice.ptr, .len = mid}, \
- .snd = {.ptr = (char *)slice.ptr + mid * sizeof(element_type), \
- .len = slice.len - mid}})
+#define Eurydice_slice_split_at(slice, mid, element_type, ret_t) \
+ KRML_CLITERAL(ret_t) { \
+ EURYDICE_CFIELD(.fst =) \
+ EURYDICE_SLICE((element_type *)(slice).ptr, 0, mid), \
+ EURYDICE_CFIELD(.snd =) \
+ EURYDICE_SLICE((element_type *)(slice).ptr, mid, (slice).len) \
+ }
+
+#define Eurydice_slice_split_at_mut(slice, mid, element_type, ret_t) \
+ KRML_CLITERAL(ret_t) { \
+ EURYDICE_CFIELD(.fst =) \
+ KRML_CLITERAL(Eurydice_slice){EURYDICE_CFIELD(.ptr =)(slice.ptr), \
+ EURYDICE_CFIELD(.len =) mid}, \
+ EURYDICE_CFIELD(.snd =) KRML_CLITERAL(Eurydice_slice) { \
+ EURYDICE_CFIELD(.ptr =) \
+ ((char *)slice.ptr + mid * sizeof(element_type)), \
+ EURYDICE_CFIELD(.len =)(slice.len - mid) \
+ } \
+ }
// Conversion of slice to an array, rewritten (by Eurydice) to name the
// destination array, since arrays are not values in C.
// N.B.: see note in karamel/lib/Inlining.ml if you change this.
-#define Eurydice_slice_to_array2(dst, src, _, t_arr) \
+#define Eurydice_slice_to_array2(dst, src, _0, t_arr, _1) \
Eurydice_slice_to_array3(&(dst)->tag, (char *)&(dst)->val.case_Ok, src, \
sizeof(t_arr))
@@ -158,25 +292,96 @@ static inline void Eurydice_slice_to_array3(uint8_t *dst_tag, char *dst_ok,
memcpy(dst_ok, src.ptr, sz);
}
+// SUPPORT FOR DSTs (Dynamically-Sized Types)
+
+// A DST is a fat pointer that keeps tracks of the size of it flexible array
+// member. Slices are a specific case of DSTs, where [T; N] implements
+// Unsize<[T]>, meaning an array of statically known size can be converted to a
+// fat pointer, i.e. a slice.
+//
+// Unlike slices, DSTs have a built-in definition that gets monomorphized, of
+// the form:
+//
+// typedef struct {
+// T *ptr;
+// size_t len; // number of elements
+// } Eurydice_dst;
+//
+// Furthermore, T = T0<[U0]> where `struct T0<U: ?Sized>`, where the `U` is the
+// last field. This means that there are two monomorphizations of T0 in the
+// program. One is `T0<[V; N]>`
+// -- this is directly converted to a Eurydice_dst via suitable codegen (no
+// macro). The other is `T = T0<[U]>`, where `[U]` gets emitted to
+// `Eurydice_derefed_slice`, a type that only appears in that precise situation
+// and is thus defined to give rise to a flexible array member.
+
+typedef char Eurydice_derefed_slice[];
+
+#define Eurydice_slice_of_dst(fam_ptr, len_, t, _) \
+ ((Eurydice_slice){.ptr = (void *)(fam_ptr), .len = len_})
+
+#define Eurydice_slice_of_boxed_array(ptr_, len_, t, _) \
+ ((Eurydice_slice){.ptr = (void *)(ptr_), .len = len_})
+
// CORE STUFF (conversions, endianness, ...)
-static inline void core_num__u64_9__to_le_bytes(uint64_t v, uint8_t buf[8]) {
- v = htole64(v);
- memcpy(buf, &v, sizeof(v));
+// We slap extern "C" on declarations that intend to implement a prototype
+// generated by Eurydice, because Eurydice prototypes are always emitted within
+// an extern "C" block, UNLESS you use -fcxx17-compat, in which case, you must
+// pass -DKRML_CXX17_COMPAT="" to your C++ compiler.
+#if defined(__cplusplus) && !defined(KRML_CXX17_COMPAT)
+extern "C" {
+#endif
+
+static inline void core_num__u32__to_be_bytes(uint32_t src, uint8_t dst[4]) {
+ store32_be(dst, src);
+}
+
+static inline void core_num__u32__to_le_bytes(uint32_t src, uint8_t dst[4]) {
+ store32_le(dst, src);
+}
+
+static inline uint32_t core_num__u32__from_le_bytes(uint8_t buf[4]) {
+ return load32_le(buf);
+}
+
+static inline void core_num__u64__to_le_bytes(uint64_t v, uint8_t buf[8]) {
+ store64_le(buf, v);
+}
+
+static inline uint64_t core_num__u64__from_le_bytes(uint8_t buf[8]) {
+ return load64_le(buf);
+}
+
+static inline int64_t core_convert_num___core__convert__From_i32__for_i64__from(
+ int32_t x) {
+ return x;
}
-static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t buf[8]) {
- uint64_t v;
- memcpy(&v, buf, sizeof(v));
- return le64toh(v);
+
+static inline uint64_t core_convert_num___core__convert__From_u8__for_u64__from(
+ uint8_t x) {
+ return x;
+}
+
+static inline uint64_t
+core_convert_num___core__convert__From_u16__for_u64__from(uint16_t x) {
+ return x;
}
-static inline uint32_t core_num__u32_8__from_le_bytes(uint8_t buf[4]) {
- uint32_t v;
- memcpy(&v, buf, sizeof(v));
- return le32toh(v);
+static inline size_t
+core_convert_num___core__convert__From_u16__for_usize__from(uint16_t x) {
+ return x;
+}
+
+static inline uint32_t core_num__u8__count_ones(uint8_t x0) {
+#ifdef _MSC_VER
+ return __popcnt(x0);
+#else
+ return __builtin_popcount(x0);
+#endif
}
-static inline uint32_t core_num__u8_6__count_ones(uint8_t x0) {
+static inline uint32_t core_num__i32__count_ones(int32_t x0) {
#ifdef _MSC_VER
return __popcnt(x0);
#else
@@ -184,96 +389,212 @@ static inline uint32_t core_num__u8_6__count_ones(uint8_t x0) {
#endif
}
+static inline size_t core_cmp_impls___core__cmp__Ord_for_usize__min(size_t a,
+ size_t b) {
+ if (a <= b)
+ return a;
+ else
+ return b;
+}
+
// unsigned overflow wraparound semantics in C
-static inline uint16_t core_num__u16_7__wrapping_add(uint16_t x, uint16_t y) {
+static inline uint16_t core_num__u16__wrapping_add(uint16_t x, uint16_t y) {
return x + y;
}
-static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x, uint8_t y) {
+static inline uint8_t core_num__u8__wrapping_sub(uint8_t x, uint8_t y) {
return x - y;
}
+static inline uint64_t core_num__u64__rotate_left(uint64_t x0, uint32_t x1) {
+ return (x0 << x1 | x0 >> (64 - x1));
+}
+
+static inline void core_ops_arith__i32__add_assign(int32_t *x0, int32_t *x1) {
+ *x0 = *x0 + *x1;
+}
+
+static inline uint8_t Eurydice_bitand_pv_u8(uint8_t *p, uint8_t v) {
+ return (*p) & v;
+}
+static inline uint8_t Eurydice_shr_pv_u8(uint8_t *p, int32_t v) {
+ return (*p) >> v;
+}
+static inline uint32_t Eurydice_min_u32(uint32_t x, uint32_t y) {
+ return x < y ? x : y;
+}
+
+static inline uint8_t
+core_ops_bit___core__ops__bit__BitAnd_u8__u8__for___a__u8___46__bitand(
+ uint8_t *x0, uint8_t x1) {
+ return Eurydice_bitand_pv_u8(x0, x1);
+}
+
+static inline uint8_t
+core_ops_bit___core__ops__bit__Shr_i32__u8__for___a__u8___792__shr(uint8_t *x0,
+ int32_t x1) {
+ return Eurydice_shr_pv_u8(x0, x1);
+}
+
+#define core_num_nonzero_private_NonZeroUsizeInner size_t
+static inline core_num_nonzero_private_NonZeroUsizeInner
+core_num_nonzero_private___core__clone__Clone_for_core__num__nonzero__private__NonZeroUsizeInner__26__clone(
+ core_num_nonzero_private_NonZeroUsizeInner *x0) {
+ return *x0;
+}
+
+#if defined(__cplusplus) && !defined(KRML_CXX17_COMPAT)
+}
+#endif
// ITERATORS
-#define Eurydice_range_iter_next(iter_ptr, t, ret_t) \
- (((iter_ptr)->start == (iter_ptr)->end) \
- ? (CLITERAL(ret_t){.tag = None}) \
- : (CLITERAL(ret_t){.tag = Some, .f0 = (iter_ptr)->start++}))
+#define Eurydice_range_iter_next(iter_ptr, t, ret_t) \
+ (((iter_ptr)->start >= (iter_ptr)->end) \
+ ? (KRML_CLITERAL(ret_t){EURYDICE_CFIELD(.tag =) 0, \
+ EURYDICE_CFIELD(.f0 =) 0}) \
+ : (KRML_CLITERAL(ret_t){EURYDICE_CFIELD(.tag =) 1, \
+ EURYDICE_CFIELD(.f0 =)(iter_ptr)->start++}))
-#define core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next \
+#define core_iter_range___core__iter__traits__iterator__Iterator_A__for_core__ops__range__Range_A__TraitClause_0___6__next \
Eurydice_range_iter_next
// See note in karamel/lib/Inlining.ml if you change this
-#define Eurydice_into_iter(x, t, _ret_t) (x)
-#define core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter \
+#define Eurydice_into_iter(x, t, _ret_t, _) (x)
+#define core_iter_traits_collect___core__iter__traits__collect__IntoIterator_Clause1_Item__I__for_I__1__into_iter \
Eurydice_into_iter
-#if defined(__cplusplus)
+typedef struct {
+ Eurydice_slice slice;
+ size_t chunk_size;
+} Eurydice_chunks;
+
+// Can't use macros Eurydice_slice_subslice_{to,from} because they require a
+// type, and this static inline function cannot receive a type as an argument.
+// Instead, we receive the element size and use it to peform manual offset
+// computations rather than going through the macros.
+static inline Eurydice_slice chunk_next(Eurydice_chunks *chunks,
+ size_t element_size) {
+ size_t chunk_size = chunks->slice.len >= chunks->chunk_size
+ ? chunks->chunk_size
+ : chunks->slice.len;
+ Eurydice_slice curr_chunk;
+ curr_chunk.ptr = chunks->slice.ptr;
+ curr_chunk.len = chunk_size;
+ chunks->slice.ptr = (char *)(chunks->slice.ptr) + chunk_size * element_size;
+ chunks->slice.len = chunks->slice.len - chunk_size;
+ return curr_chunk;
+}
+
+#define core_slice___Slice_T___chunks(slice_, sz_, t, _ret_t) \
+ ((Eurydice_chunks){.slice = slice_, .chunk_size = sz_})
+#define core_slice___Slice_T___chunks_exact(slice_, sz_, t, _ret_t) \
+ ((Eurydice_chunks){ \
+ .slice = {.ptr = slice_.ptr, .len = slice_.len - (slice_.len % sz_)}, \
+ .chunk_size = sz_})
+#define core_slice_iter_Chunks Eurydice_chunks
+#define core_slice_iter_ChunksExact Eurydice_chunks
+#define Eurydice_chunks_next(iter, t, ret_t) \
+ (((iter)->slice.len == 0) ? ((ret_t){.tag = core_option_None}) \
+ : ((ret_t){.tag = core_option_Some, \
+ .f0 = chunk_next(iter, sizeof(t))}))
+#define core_slice_iter___core__iter__traits__iterator__Iterator_for_core__slice__iter__Chunks__a__T___70__next \
+ Eurydice_chunks_next
+// This name changed on 20240627
+#define core_slice_iter___core__iter__traits__iterator__Iterator_for_core__slice__iter__Chunks__a__T___71__next \
+ Eurydice_chunks_next
+#define core_slice_iter__core__slice__iter__ChunksExact__a__T__89__next( \
+ iter, t, _ret_t) \
+ core_slice_iter__core__slice__iter__Chunks__a__T__70__next(iter, t)
+
+typedef struct {
+ Eurydice_slice s;
+ size_t index;
+} Eurydice_slice_iterator;
+
+#define core_slice___Slice_T___iter(x, t, _ret_t) \
+ ((Eurydice_slice_iterator){.s = x, .index = 0})
+#define core_slice_iter_Iter Eurydice_slice_iterator
+#define core_slice_iter__core__slice__iter__Iter__a__T__181__next(iter, t, \
+ ret_t) \
+ (((iter)->index == (iter)->s.len) \
+ ? (KRML_CLITERAL(ret_t){.tag = core_option_None}) \
+ : (KRML_CLITERAL(ret_t){ \
+ .tag = core_option_Some, \
+ .f0 = ((iter)->index++, \
+ &((t *)((iter)->s.ptr))[(iter)->index - 1])}))
+#define core_option__core__option__Option_T__TraitClause_0___is_some(X, _0, \
+ _1) \
+ ((X)->tag == 1)
+// STRINGS
+
+typedef const char *Prims_string;
+
+// MISC (UNTESTED)
+
+typedef void *core_fmt_Formatter;
+typedef void *core_fmt_Arguments;
+typedef void *core_fmt_rt_Argument;
+#define core_fmt_rt__core__fmt__rt__Argument__a__1__new_display(x1, x2, x3, \
+ x4) \
+ NULL
+
+// BOXES
+
+// Crimes.
+static inline char *malloc_and_init(size_t sz, char *init) {
+ char *ptr = (char *)malloc(sz);
+ memcpy(ptr, init, sz);
+ return ptr;
}
-#endif
-/* from libcrux/libcrux-ml-kem/cg/libcrux_core.h */
+#define Eurydice_box_new(init, t, t_dst) \
+ ((t_dst)(malloc_and_init(sizeof(t), (char *)(&init))))
+
+#define Eurydice_box_new_array(len, ptr, t, t_dst) \
+ ((t_dst)(malloc_and_init(len * sizeof(t), (char *)(ptr))))
+
+/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_mlkem_core.h */
/*
- * SPDX-FileCopyrightText: 2024 Cryspen Sarl <info@cryspen.com>
+ * SPDX-FileCopyrightText: 2025 Cryspen Sarl <info@cryspen.com>
*
* SPDX-License-Identifier: MIT or Apache-2.0
*
* This code was generated with the following revisions:
- * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4
- * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb
- * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908
- * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty
- * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee
+ * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7
+ * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785
+ * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b
+ * F*: 71d8221589d4d438af3706d89cb653cf53e18aab
+ * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc
*/
-#ifndef __libcrux_core_H
-#define __libcrux_core_H
+#ifndef libcrux_mlkem_core_H
+#define libcrux_mlkem_core_H
+
#if defined(__cplusplus)
extern "C" {
#endif
-
/**
A monomorphic instance of core.ops.range.Range
with types size_t
*/
-typedef struct core_ops_range_Range_b3_s {
+typedef struct core_ops_range_Range_08_s {
size_t start;
size_t end;
-} core_ops_range_Range_b3;
+} core_ops_range_Range_08;
-#define Ok 0
-#define Err 1
+static inline uint16_t core_num__u16__wrapping_add(uint16_t x0, uint16_t x1);
-typedef uint8_t Result_86_tags;
+static inline uint64_t core_num__u64__from_le_bytes(uint8_t x0[8U]);
-#define None 0
-#define Some 1
+static inline uint64_t core_num__u64__rotate_left(uint64_t x0, uint32_t x1);
-typedef uint8_t Option_ef_tags;
+static inline void core_num__u64__to_le_bytes(uint64_t x0, uint8_t x1[8U]);
-/**
-A monomorphic instance of core.option.Option
-with types size_t
+static inline uint32_t core_num__u8__count_ones(uint8_t x0);
-*/
-typedef struct Option_b3_s {
- Option_ef_tags tag;
- size_t f0;
-} Option_b3;
-
-static inline uint16_t core_num__u16_7__wrapping_add(uint16_t x0, uint16_t x1);
-
-#define CORE_NUM__U32_8__BITS (32U)
-
-static inline uint64_t core_num__u64_9__from_le_bytes(uint8_t x0[8U]);
-
-static inline void core_num__u64_9__to_le_bytes(uint64_t x0, uint8_t x1[8U]);
-
-static inline uint32_t core_num__u8_6__count_ones(uint8_t x0);
-
-static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x0, uint8_t x1);
+static inline uint8_t core_num__u8__wrapping_sub(uint8_t x0, uint8_t x1);
#define LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE ((size_t)32U)
@@ -289,35 +610,298 @@ static inline uint8_t core_num__u8_6__wrapping_sub(uint8_t x0, uint8_t x1);
#define LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE ((size_t)32U)
+#define LIBCRUX_ML_KEM_CONSTANTS_G_DIGEST_SIZE ((size_t)64U)
+
#define LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE ((size_t)32U)
+/**
+ K * BITS_PER_RING_ELEMENT / 8
+
+ [eurydice] Note that we can't use const generics here because that breaks
+ C extraction with eurydice.
+*/
+static inline size_t libcrux_ml_kem_constants_ranked_bytes_per_ring_element(
+ size_t rank) {
+ return rank * LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_RING_ELEMENT / (size_t)8U;
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types uint8_t
+
+*/
+static KRML_MUSTINLINE uint8_t
+libcrux_secrets_int_public_integers_classify_27_90(uint8_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types int16_t
+
+*/
+static KRML_MUSTINLINE int16_t
+libcrux_secrets_int_public_integers_declassify_d8_39(int16_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for i16}
+*/
+static KRML_MUSTINLINE uint8_t libcrux_secrets_int_as_u8_f5(int16_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_90(
+ (uint8_t)libcrux_secrets_int_public_integers_declassify_d8_39(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types int16_t
+
+*/
+static KRML_MUSTINLINE int16_t
+libcrux_secrets_int_public_integers_classify_27_39(int16_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint8_t
+
+*/
+static KRML_MUSTINLINE uint8_t
+libcrux_secrets_int_public_integers_declassify_d8_90(uint8_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for u8}
+*/
+static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_59(uint8_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_39(
+ (int16_t)libcrux_secrets_int_public_integers_declassify_d8_90(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types int32_t
+
+*/
+static KRML_MUSTINLINE int32_t
+libcrux_secrets_int_public_integers_classify_27_a8(int32_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for i16}
+*/
+static KRML_MUSTINLINE int32_t libcrux_secrets_int_as_i32_f5(int16_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_a8(
+ (int32_t)libcrux_secrets_int_public_integers_declassify_d8_39(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types int32_t
+
+*/
+static KRML_MUSTINLINE int32_t
+libcrux_secrets_int_public_integers_declassify_d8_a8(int32_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for i32}
+*/
+static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_36(int32_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_39(
+ (int16_t)libcrux_secrets_int_public_integers_declassify_d8_a8(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint32_t
+
+*/
+static KRML_MUSTINLINE uint32_t
+libcrux_secrets_int_public_integers_declassify_d8_df(uint32_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for u32}
+*/
+static KRML_MUSTINLINE int32_t libcrux_secrets_int_as_i32_b8(uint32_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_a8(
+ (int32_t)libcrux_secrets_int_public_integers_declassify_d8_df(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types uint16_t
+
+*/
+static KRML_MUSTINLINE uint16_t
+libcrux_secrets_int_public_integers_classify_27_de(uint16_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for i16}
+*/
+static KRML_MUSTINLINE uint16_t libcrux_secrets_int_as_u16_f5(int16_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_de(
+ (uint16_t)libcrux_secrets_int_public_integers_declassify_d8_39(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint16_t
+
+*/
+static KRML_MUSTINLINE uint16_t
+libcrux_secrets_int_public_integers_declassify_d8_de(uint16_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for u16}
+*/
+static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_ca(uint16_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_39(
+ (int16_t)libcrux_secrets_int_public_integers_declassify_d8_de(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types uint64_t
+
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_secrets_int_public_integers_classify_27_49(uint64_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for u16}
+*/
+static KRML_MUSTINLINE uint64_t libcrux_secrets_int_as_u64_ca(uint16_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_49(
+ (uint64_t)libcrux_secrets_int_public_integers_declassify_d8_de(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types uint32_t
+
+*/
+static KRML_MUSTINLINE uint32_t
+libcrux_secrets_int_public_integers_classify_27_df(uint32_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint64_t
+
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_secrets_int_public_integers_declassify_d8_49(uint64_t self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for u64}
+*/
+static KRML_MUSTINLINE uint32_t libcrux_secrets_int_as_u32_a3(uint64_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_df(
+ (uint32_t)libcrux_secrets_int_public_integers_declassify_d8_49(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for u32}
+*/
+static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_b8(uint32_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_39(
+ (int16_t)libcrux_secrets_int_public_integers_declassify_d8_df(self));
+}
+
+/**
+This function found in impl {libcrux_secrets::int::CastOps for i16}
+*/
+static KRML_MUSTINLINE int16_t libcrux_secrets_int_as_i16_f5(int16_t self) {
+ return libcrux_secrets_int_public_integers_classify_27_39(
+ libcrux_secrets_int_public_integers_declassify_d8_39(self));
+}
+
typedef struct libcrux_ml_kem_utils_extraction_helper_Keypair768_s {
uint8_t fst[1152U];
uint8_t snd[1184U];
} libcrux_ml_kem_utils_extraction_helper_Keypair768;
+#define Ok 0
+#define Err 1
+
+typedef uint8_t Result_b2_tags;
+
/**
A monomorphic instance of core.result.Result
with types uint8_t[24size_t], core_array_TryFromSliceError
*/
-typedef struct Result_6f_s {
- Result_86_tags tag;
+typedef struct Result_b2_s {
+ Result_b2_tags tag;
union {
uint8_t case_Ok[24U];
TryFromSliceError case_Err;
} val;
-} Result_6f;
+} Result_b2;
/**
-This function found in impl {core::result::Result<T, E>}
+This function found in impl {core::result::Result<T, E>[TraitClause@0,
+TraitClause@1]}
*/
/**
-A monomorphic instance of core.result.unwrap_41
+A monomorphic instance of core.result.unwrap_26
with types uint8_t[24size_t], core_array_TryFromSliceError
*/
-static inline void unwrap_41_1c(Result_6f self, uint8_t ret[24U]) {
+static inline void unwrap_26_70(Result_b2 self, uint8_t ret[24U]) {
if (self.tag == Ok) {
uint8_t f0[24U];
memcpy(f0, self.val.case_Ok, (size_t)24U * sizeof(uint8_t));
@@ -334,23 +918,24 @@ A monomorphic instance of core.result.Result
with types uint8_t[20size_t], core_array_TryFromSliceError
*/
-typedef struct Result_7a_s {
- Result_86_tags tag;
+typedef struct Result_e1_s {
+ Result_b2_tags tag;
union {
uint8_t case_Ok[20U];
TryFromSliceError case_Err;
} val;
-} Result_7a;
+} Result_e1;
/**
-This function found in impl {core::result::Result<T, E>}
+This function found in impl {core::result::Result<T, E>[TraitClause@0,
+TraitClause@1]}
*/
/**
-A monomorphic instance of core.result.unwrap_41
+A monomorphic instance of core.result.unwrap_26
with types uint8_t[20size_t], core_array_TryFromSliceError
*/
-static inline void unwrap_41_34(Result_7a self, uint8_t ret[20U]) {
+static inline void unwrap_26_20(Result_e1 self, uint8_t ret[20U]) {
if (self.tag == Ok) {
uint8_t f0[20U];
memcpy(f0, self.val.case_Ok, (size_t)20U * sizeof(uint8_t));
@@ -363,61 +948,46 @@ static inline void unwrap_41_34(Result_7a self, uint8_t ret[20U]) {
}
/**
-A monomorphic instance of core.result.Result
-with types uint8_t[10size_t], core_array_TryFromSliceError
-
+ Pad the `slice` with `0`s at the end.
*/
-typedef struct Result_cd_s {
- Result_86_tags tag;
- union {
- uint8_t case_Ok[10U];
- TryFromSliceError case_Err;
- } val;
-} Result_cd;
-
/**
-This function found in impl {core::result::Result<T, E>}
+A monomorphic instance of libcrux_ml_kem.utils.into_padded_array
+with const generics
+- LEN= 32
*/
-/**
-A monomorphic instance of core.result.unwrap_41
-with types uint8_t[10size_t], core_array_TryFromSliceError
-
-*/
-static inline void unwrap_41_e8(Result_cd self, uint8_t ret[10U]) {
- if (self.tag == Ok) {
- uint8_t f0[10U];
- memcpy(f0, self.val.case_Ok, (size_t)10U * sizeof(uint8_t));
- memcpy(ret, f0, (size_t)10U * sizeof(uint8_t));
- } else {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "unwrap not Ok");
- KRML_HOST_EXIT(255U);
- }
+static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_9e(
+ Eurydice_slice slice, uint8_t ret[32U]) {
+ uint8_t out[32U] = {0U};
+ uint8_t *uu____0 = out;
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(
+ uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *),
+ slice, uint8_t);
+ memcpy(ret, out, (size_t)32U * sizeof(uint8_t));
}
-typedef struct Eurydice_slice_uint8_t_4size_t__x2_s {
- Eurydice_slice fst[4U];
- Eurydice_slice snd[4U];
-} Eurydice_slice_uint8_t_4size_t__x2;
-
-typedef struct libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s {
- uint8_t value[1088U];
-} libcrux_ml_kem_mlkem768_MlKem768Ciphertext;
-
/**
- A reference to the raw byte slice.
+A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey
+with const generics
+- $2400size_t
*/
+typedef struct libcrux_ml_kem_types_MlKemPrivateKey_d9_s {
+ uint8_t value[2400U];
+} libcrux_ml_kem_types_MlKemPrivateKey_d9;
+
/**
-This function found in impl {libcrux_ml_kem::types::MlKemCiphertext<SIZE>#6}
+This function found in impl {core::default::Default for
+libcrux_ml_kem::types::MlKemPrivateKey<SIZE>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.types.as_slice_d4
+A monomorphic instance of libcrux_ml_kem.types.default_d3
with const generics
-- SIZE= 1088
+- SIZE= 2400
*/
-static inline uint8_t *libcrux_ml_kem_types_as_slice_d4_1d(
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) {
- return self->value;
+static inline libcrux_ml_kem_types_MlKemPrivateKey_d9
+libcrux_ml_kem_types_default_d3_28(void) {
+ return (
+ KRML_CLITERAL(libcrux_ml_kem_types_MlKemPrivateKey_d9){.value = {0U}});
}
/**
@@ -425,46 +995,34 @@ A monomorphic instance of libcrux_ml_kem.types.MlKemPublicKey
with const generics
- $1184size_t
*/
-typedef struct libcrux_ml_kem_types_MlKemPublicKey_15_s {
+typedef struct libcrux_ml_kem_types_MlKemPublicKey_30_s {
uint8_t value[1184U];
-} libcrux_ml_kem_types_MlKemPublicKey_15;
+} libcrux_ml_kem_types_MlKemPublicKey_30;
/**
-This function found in impl {(core::convert::From<@Array<u8, SIZE>> for
-libcrux_ml_kem::types::MlKemPublicKey<SIZE>)#14}
+This function found in impl {core::convert::From<@Array<u8, SIZE>> for
+libcrux_ml_kem::types::MlKemPublicKey<SIZE>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.types.from_b6
+A monomorphic instance of libcrux_ml_kem.types.from_fd
with const generics
- SIZE= 1184
*/
-static inline libcrux_ml_kem_types_MlKemPublicKey_15
-libcrux_ml_kem_types_from_b6_da(uint8_t value[1184U]) {
+static inline libcrux_ml_kem_types_MlKemPublicKey_30
+libcrux_ml_kem_types_from_fd_d0(uint8_t value[1184U]) {
/* Passing arrays by value in Rust generates a copy in C */
uint8_t copy_of_value[1184U];
memcpy(copy_of_value, value, (size_t)1184U * sizeof(uint8_t));
- libcrux_ml_kem_types_MlKemPublicKey_15 lit;
+ libcrux_ml_kem_types_MlKemPublicKey_30 lit;
memcpy(lit.value, copy_of_value, (size_t)1184U * sizeof(uint8_t));
return lit;
}
-/**
-A monomorphic instance of libcrux_ml_kem.types.MlKemPrivateKey
-with const generics
-- $2400size_t
-*/
-typedef struct libcrux_ml_kem_types_MlKemPrivateKey_55_s {
- uint8_t value[2400U];
-} libcrux_ml_kem_types_MlKemPrivateKey_55;
-
typedef struct libcrux_ml_kem_mlkem768_MlKem768KeyPair_s {
- libcrux_ml_kem_types_MlKemPrivateKey_55 sk;
- libcrux_ml_kem_types_MlKemPublicKey_15 pk;
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 sk;
+ libcrux_ml_kem_types_MlKemPublicKey_30 pk;
} libcrux_ml_kem_mlkem768_MlKem768KeyPair;
-/**
- Create a new [`MlKemKeyPair`] from the secret and public key.
-*/
/**
This function found in impl
{libcrux_ml_kem::types::MlKemKeyPair<PRIVATE_KEY_SIZE, PUBLIC_KEY_SIZE>}
@@ -476,27 +1034,27 @@ with const generics
- PUBLIC_KEY_SIZE= 1184
*/
static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
-libcrux_ml_kem_types_from_17_35(libcrux_ml_kem_types_MlKemPrivateKey_55 sk,
- libcrux_ml_kem_types_MlKemPublicKey_15 pk) {
- return (
- CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk, .pk = pk});
+libcrux_ml_kem_types_from_17_74(libcrux_ml_kem_types_MlKemPrivateKey_d9 sk,
+ libcrux_ml_kem_types_MlKemPublicKey_30 pk) {
+ return (KRML_CLITERAL(libcrux_ml_kem_mlkem768_MlKem768KeyPair){.sk = sk,
+ .pk = pk});
}
/**
-This function found in impl {(core::convert::From<@Array<u8, SIZE>> for
-libcrux_ml_kem::types::MlKemPrivateKey<SIZE>)#8}
+This function found in impl {core::convert::From<@Array<u8, SIZE>> for
+libcrux_ml_kem::types::MlKemPrivateKey<SIZE>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.types.from_05
+A monomorphic instance of libcrux_ml_kem.types.from_77
with const generics
- SIZE= 2400
*/
-static inline libcrux_ml_kem_types_MlKemPrivateKey_55
-libcrux_ml_kem_types_from_05_f2(uint8_t value[2400U]) {
+static inline libcrux_ml_kem_types_MlKemPrivateKey_d9
+libcrux_ml_kem_types_from_77_28(uint8_t value[2400U]) {
/* Passing arrays by value in Rust generates a copy in C */
uint8_t copy_of_value[2400U];
memcpy(copy_of_value, value, (size_t)2400U * sizeof(uint8_t));
- libcrux_ml_kem_types_MlKemPrivateKey_55 lit;
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 lit;
memcpy(lit.value, copy_of_value, (size_t)2400U * sizeof(uint8_t));
return lit;
}
@@ -506,23 +1064,24 @@ A monomorphic instance of core.result.Result
with types uint8_t[32size_t], core_array_TryFromSliceError
*/
-typedef struct Result_00_s {
- Result_86_tags tag;
+typedef struct Result_fb_s {
+ Result_b2_tags tag;
union {
uint8_t case_Ok[32U];
TryFromSliceError case_Err;
} val;
-} Result_00;
+} Result_fb;
/**
-This function found in impl {core::result::Result<T, E>}
+This function found in impl {core::result::Result<T, E>[TraitClause@0,
+TraitClause@1]}
*/
/**
-A monomorphic instance of core.result.unwrap_41
+A monomorphic instance of core.result.unwrap_26
with types uint8_t[32size_t], core_array_TryFromSliceError
*/
-static inline void unwrap_41_83(Result_00 self, uint8_t ret[32U]) {
+static inline void unwrap_26_b3(Result_fb self, uint8_t ret[32U]) {
if (self.tag == Ok) {
uint8_t f0[32U];
memcpy(f0, self.val.case_Ok, (size_t)32U * sizeof(uint8_t));
@@ -534,28 +1093,32 @@ static inline void unwrap_41_83(Result_00 self, uint8_t ret[32U]) {
}
}
+typedef struct libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s {
+ uint8_t value[1088U];
+} libcrux_ml_kem_mlkem768_MlKem768Ciphertext;
+
/**
A monomorphic instance of K.
with types libcrux_ml_kem_types_MlKemCiphertext[[$1088size_t]],
uint8_t[32size_t]
*/
-typedef struct tuple_3c_s {
+typedef struct tuple_c2_s {
libcrux_ml_kem_mlkem768_MlKem768Ciphertext fst;
uint8_t snd[32U];
-} tuple_3c;
+} tuple_c2;
/**
-This function found in impl {(core::convert::From<@Array<u8, SIZE>> for
-libcrux_ml_kem::types::MlKemCiphertext<SIZE>)#2}
+This function found in impl {core::convert::From<@Array<u8, SIZE>> for
+libcrux_ml_kem::types::MlKemCiphertext<SIZE>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.types.from_01
+A monomorphic instance of libcrux_ml_kem.types.from_e0
with const generics
- SIZE= 1088
*/
static inline libcrux_ml_kem_mlkem768_MlKem768Ciphertext
-libcrux_ml_kem_types_from_01_9f(uint8_t value[1088U]) {
+libcrux_ml_kem_types_from_e0_80(uint8_t value[1088U]) {
/* Passing arrays by value in Rust generates a copy in C */
uint8_t copy_of_value[1088U];
memcpy(copy_of_value, value, (size_t)1088U * sizeof(uint8_t));
@@ -565,21 +1128,46 @@ libcrux_ml_kem_types_from_01_9f(uint8_t value[1088U]) {
}
/**
- A reference to the raw byte slice.
+This function found in impl {libcrux_ml_kem::types::MlKemPublicKey<SIZE>}
*/
/**
-This function found in impl {libcrux_ml_kem::types::MlKemPublicKey<SIZE>#18}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.types.as_slice_cb
+A monomorphic instance of libcrux_ml_kem.types.as_slice_e6
with const generics
- SIZE= 1184
*/
-static inline uint8_t *libcrux_ml_kem_types_as_slice_cb_50(
- libcrux_ml_kem_types_MlKemPublicKey_15 *self) {
+static inline uint8_t *libcrux_ml_kem_types_as_slice_e6_d0(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *self) {
return self->value;
}
+/**
+This function found in impl {libcrux_ml_kem::types::MlKemCiphertext<SIZE>}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.types.as_slice_a9
+with const generics
+- SIZE= 1088
+*/
+static inline uint8_t *libcrux_ml_kem_types_as_slice_a9_80(
+ libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) {
+ return self->value;
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.utils.prf_input_inc
+with const generics
+- K= 3
+*/
+static KRML_MUSTINLINE uint8_t libcrux_ml_kem_utils_prf_input_inc_e0(
+ uint8_t (*prf_inputs)[33U], uint8_t domain_separator) {
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ size_t i0 = i;
+ prf_inputs[i0][32U] = domain_separator;
+ domain_separator = (uint32_t)domain_separator + 1U;
+ }
+ return domain_separator;
+}
+
/**
Pad the `slice` with `0`s at the end.
*/
@@ -588,13 +1176,13 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array
with const generics
- LEN= 33
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea2(
+static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_c8(
Eurydice_slice slice, uint8_t ret[33U]) {
uint8_t out[33U] = {0U};
uint8_t *uu____0 = out;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(uu____0, (size_t)0U,
- Eurydice_slice_len(slice, uint8_t), uint8_t),
+ Eurydice_array_to_subslice3(
+ uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *),
slice, uint8_t);
memcpy(ret, out, (size_t)33U * sizeof(uint8_t));
}
@@ -607,27 +1195,27 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array
with const generics
- LEN= 34
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea1(
+static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_b6(
Eurydice_slice slice, uint8_t ret[34U]) {
uint8_t out[34U] = {0U};
uint8_t *uu____0 = out;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(uu____0, (size_t)0U,
- Eurydice_slice_len(slice, uint8_t), uint8_t),
+ Eurydice_array_to_subslice3(
+ uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *),
slice, uint8_t);
memcpy(ret, out, (size_t)34U * sizeof(uint8_t));
}
/**
-This function found in impl {(core::convert::AsRef<@Slice<u8>> for
-libcrux_ml_kem::types::MlKemCiphertext<SIZE>)#1}
+This function found in impl {core::convert::AsRef<@Slice<u8>> for
+libcrux_ml_kem::types::MlKemCiphertext<SIZE>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.types.as_ref_00
+A monomorphic instance of libcrux_ml_kem.types.as_ref_d3
with const generics
- SIZE= 1088
*/
-static inline Eurydice_slice libcrux_ml_kem_types_as_ref_00_24(
+static inline Eurydice_slice libcrux_ml_kem_types_as_ref_d3_80(
libcrux_ml_kem_mlkem768_MlKem768Ciphertext *self) {
return Eurydice_array_to_slice((size_t)1088U, self->value, uint8_t);
}
@@ -640,13 +1228,13 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array
with const generics
- LEN= 1120
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea0(
+static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_15(
Eurydice_slice slice, uint8_t ret[1120U]) {
uint8_t out[1120U] = {0U};
uint8_t *uu____0 = out;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(uu____0, (size_t)0U,
- Eurydice_slice_len(slice, uint8_t), uint8_t),
+ Eurydice_array_to_subslice3(
+ uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *),
slice, uint8_t);
memcpy(ret, out, (size_t)1120U * sizeof(uint8_t));
}
@@ -659,39 +1247,182 @@ A monomorphic instance of libcrux_ml_kem.utils.into_padded_array
with const generics
- LEN= 64
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_ea(
+static KRML_MUSTINLINE void libcrux_ml_kem_utils_into_padded_array_24(
Eurydice_slice slice, uint8_t ret[64U]) {
uint8_t out[64U] = {0U};
uint8_t *uu____0 = out;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(uu____0, (size_t)0U,
- Eurydice_slice_len(slice, uint8_t), uint8_t),
+ Eurydice_array_to_subslice3(
+ uu____0, (size_t)0U, Eurydice_slice_len(slice, uint8_t), uint8_t *),
slice, uint8_t);
memcpy(ret, out, (size_t)64U * sizeof(uint8_t));
}
+typedef struct Eurydice_slice_uint8_t_x4_s {
+ Eurydice_slice fst;
+ Eurydice_slice snd;
+ Eurydice_slice thd;
+ Eurydice_slice f3;
+} Eurydice_slice_uint8_t_x4;
+
+typedef struct Eurydice_slice_uint8_t_x2_s {
+ Eurydice_slice fst;
+ Eurydice_slice snd;
+} Eurydice_slice_uint8_t_x2;
+
+/**
+ Unpack an incoming private key into it's different parts.
+
+ We have this here in types to extract into a common core for C.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.types.unpack_private_key
+with const generics
+- CPA_SECRET_KEY_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+*/
+static inline Eurydice_slice_uint8_t_x4
+libcrux_ml_kem_types_unpack_private_key_b4(Eurydice_slice private_key) {
+ Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
+ private_key, (size_t)1152U, uint8_t, Eurydice_slice_uint8_t_x2);
+ Eurydice_slice ind_cpa_secret_key = uu____0.fst;
+ Eurydice_slice secret_key0 = uu____0.snd;
+ Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
+ secret_key0, (size_t)1184U, uint8_t, Eurydice_slice_uint8_t_x2);
+ Eurydice_slice ind_cpa_public_key = uu____1.fst;
+ Eurydice_slice secret_key = uu____1.snd;
+ Eurydice_slice_uint8_t_x2 uu____2 = Eurydice_slice_split_at(
+ secret_key, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t,
+ Eurydice_slice_uint8_t_x2);
+ Eurydice_slice ind_cpa_public_key_hash = uu____2.fst;
+ Eurydice_slice implicit_rejection_value = uu____2.snd;
+ return (
+ KRML_CLITERAL(Eurydice_slice_uint8_t_x4){.fst = ind_cpa_secret_key,
+ .snd = ind_cpa_public_key,
+ .thd = ind_cpa_public_key_hash,
+ .f3 = implicit_rejection_value});
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint8_t[24size_t]
+
+*/
+static KRML_MUSTINLINE void
+libcrux_secrets_int_public_integers_declassify_d8_d2(uint8_t self[24U],
+ uint8_t ret[24U]) {
+ memcpy(ret, self, (size_t)24U * sizeof(uint8_t));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint8_t[20size_t]
+
+*/
+static KRML_MUSTINLINE void
+libcrux_secrets_int_public_integers_declassify_d8_57(uint8_t self[20U],
+ uint8_t ret[20U]) {
+ memcpy(ret, self, (size_t)20U * sizeof(uint8_t));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint8_t[8size_t]
+
+*/
+static KRML_MUSTINLINE void
+libcrux_secrets_int_public_integers_declassify_d8_76(uint8_t self[8U],
+ uint8_t ret[8U]) {
+ memcpy(ret, self, (size_t)8U * sizeof(uint8_t));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Declassify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.declassify_d8
+with types uint8_t[2size_t]
+
+*/
+static KRML_MUSTINLINE void
+libcrux_secrets_int_public_integers_declassify_d8_d4(uint8_t self[2U],
+ uint8_t ret[2U]) {
+ memcpy(ret, self, (size_t)2U * sizeof(uint8_t));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::Classify<T> for T}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.public_integers.classify_27
+with types int16_t[16size_t]
+
+*/
+static KRML_MUSTINLINE void libcrux_secrets_int_public_integers_classify_27_46(
+ int16_t self[16U], int16_t ret[16U]) {
+ memcpy(ret, self, (size_t)16U * sizeof(int16_t));
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::ClassifyRef<&'a
+(@Slice<T>)> for &'a (@Slice<T>)}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.classify_public.classify_ref_9b
+with types uint8_t
+
+*/
+static KRML_MUSTINLINE Eurydice_slice
+libcrux_secrets_int_classify_public_classify_ref_9b_90(Eurydice_slice self) {
+ return self;
+}
+
+/**
+This function found in impl {libcrux_secrets::traits::ClassifyRef<&'a
+(@Slice<T>)> for &'a (@Slice<T>)}
+*/
+/**
+A monomorphic instance of libcrux_secrets.int.classify_public.classify_ref_9b
+with types int16_t
+
+*/
+static KRML_MUSTINLINE Eurydice_slice
+libcrux_secrets_int_classify_public_classify_ref_9b_39(Eurydice_slice self) {
+ return self;
+}
+
/**
A monomorphic instance of core.result.Result
with types int16_t[16size_t], core_array_TryFromSliceError
*/
-typedef struct Result_c0_s {
- Result_86_tags tag;
+typedef struct Result_0a_s {
+ Result_b2_tags tag;
union {
int16_t case_Ok[16U];
TryFromSliceError case_Err;
} val;
-} Result_c0;
+} Result_0a;
/**
-This function found in impl {core::result::Result<T, E>}
+This function found in impl {core::result::Result<T, E>[TraitClause@0,
+TraitClause@1]}
*/
/**
-A monomorphic instance of core.result.unwrap_41
+A monomorphic instance of core.result.unwrap_26
with types int16_t[16size_t], core_array_TryFromSliceError
*/
-static inline void unwrap_41_f9(Result_c0 self, int16_t ret[16U]) {
+static inline void unwrap_26_00(Result_0a self, int16_t ret[16U]) {
if (self.tag == Ok) {
int16_t f0[16U];
memcpy(f0, self.val.case_Ok, (size_t)16U * sizeof(int16_t));
@@ -708,23 +1439,24 @@ A monomorphic instance of core.result.Result
with types uint8_t[8size_t], core_array_TryFromSliceError
*/
-typedef struct Result_56_s {
- Result_86_tags tag;
+typedef struct Result_15_s {
+ Result_b2_tags tag;
union {
uint8_t case_Ok[8U];
TryFromSliceError case_Err;
} val;
-} Result_56;
+} Result_15;
/**
-This function found in impl {core::result::Result<T, E>}
+This function found in impl {core::result::Result<T, E>[TraitClause@0,
+TraitClause@1]}
*/
/**
-A monomorphic instance of core.result.unwrap_41
+A monomorphic instance of core.result.unwrap_26
with types uint8_t[8size_t], core_array_TryFromSliceError
*/
-static inline void unwrap_41_ac(Result_56 self, uint8_t ret[8U]) {
+static inline void unwrap_26_68(Result_15 self, uint8_t ret[8U]) {
if (self.tag == Ok) {
uint8_t f0[8U];
memcpy(f0, self.val.case_Ok, (size_t)8U * sizeof(uint8_t));
@@ -736,39 +1468,30 @@ static inline void unwrap_41_ac(Result_56 self, uint8_t ret[8U]) {
}
}
-typedef struct Eurydice_slice_uint8_t_x2_s {
- Eurydice_slice fst;
- Eurydice_slice snd;
-} Eurydice_slice_uint8_t_x2;
-
-typedef struct Eurydice_slice_uint8_t_1size_t__x2_s {
- Eurydice_slice fst[1U];
- Eurydice_slice snd[1U];
-} Eurydice_slice_uint8_t_1size_t__x2;
-
#if defined(__cplusplus)
}
#endif
-#define __libcrux_core_H_DEFINED
-#endif
+#define libcrux_mlkem_core_H_DEFINED
+#endif /* libcrux_mlkem_core_H */
-/* from libcrux/libcrux-ml-kem/cg/libcrux_ct_ops.h */
+/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_ct_ops.h */
/*
- * SPDX-FileCopyrightText: 2024 Cryspen Sarl <info@cryspen.com>
+ * SPDX-FileCopyrightText: 2025 Cryspen Sarl <info@cryspen.com>
*
* SPDX-License-Identifier: MIT or Apache-2.0
*
* This code was generated with the following revisions:
- * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4
- * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb
- * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908
- * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty
- * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee
+ * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7
+ * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785
+ * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b
+ * F*: 71d8221589d4d438af3706d89cb653cf53e18aab
+ * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc
*/
-#ifndef __libcrux_ct_ops_H
-#define __libcrux_ct_ops_H
+#ifndef libcrux_ct_ops_H
+#define libcrux_ct_ops_H
+
#if defined(__cplusplus)
extern "C" {
@@ -778,14 +1501,12 @@ extern "C" {
/**
Return 1 if `value` is not zero and 0 otherwise.
*/
-static inline uint8_t libcrux_ml_kem_constant_time_ops_inz(uint8_t value) {
+static KRML_NOINLINE uint8_t
+libcrux_ml_kem_constant_time_ops_inz(uint8_t value) {
uint16_t value0 = (uint16_t)value;
- uint16_t result = (((uint32_t)value0 |
- (uint32_t)core_num__u16_7__wrapping_add(~value0, 1U)) &
- 0xFFFFU) >>
- 8U &
- 1U;
- return (uint8_t)result;
+ uint8_t result =
+ (uint8_t)((uint32_t)core_num__u16__wrapping_add(~value0, 1U) >> 8U);
+ return (uint32_t)result & 1U;
}
static KRML_NOINLINE uint8_t
@@ -797,14 +1518,15 @@ libcrux_ml_kem_constant_time_ops_is_non_zero(uint8_t value) {
Return 1 if the bytes of `lhs` and `rhs` do not exactly
match and 0 otherwise.
*/
-static inline uint8_t libcrux_ml_kem_constant_time_ops_compare(
+static KRML_NOINLINE uint8_t libcrux_ml_kem_constant_time_ops_compare(
Eurydice_slice lhs, Eurydice_slice rhs) {
uint8_t r = 0U;
for (size_t i = (size_t)0U; i < Eurydice_slice_len(lhs, uint8_t); i++) {
size_t i0 = i;
- r = (uint32_t)r |
- ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) ^
- (uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *));
+ uint8_t nr = (uint32_t)r |
+ ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) ^
+ (uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *));
+ r = nr;
}
return libcrux_ml_kem_constant_time_ops_is_non_zero(r);
}
@@ -819,19 +1541,21 @@ libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time(
If `selector` is not zero, return the bytes in `rhs`; return the bytes in
`lhs` otherwise.
*/
-static inline void libcrux_ml_kem_constant_time_ops_select_ct(
+static KRML_NOINLINE void libcrux_ml_kem_constant_time_ops_select_ct(
Eurydice_slice lhs, Eurydice_slice rhs, uint8_t selector,
uint8_t ret[32U]) {
- uint8_t mask = core_num__u8_6__wrapping_sub(
+ uint8_t mask = core_num__u8__wrapping_sub(
libcrux_ml_kem_constant_time_ops_is_non_zero(selector), 1U);
uint8_t out[32U] = {0U};
for (size_t i = (size_t)0U; i < LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE;
i++) {
size_t i0 = i;
- out[i0] = ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) &
- (uint32_t)mask) |
- ((uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *) &
- (uint32_t)~mask);
+ uint8_t outi =
+ ((uint32_t)Eurydice_slice_index(lhs, i0, uint8_t, uint8_t *) &
+ (uint32_t)mask) |
+ ((uint32_t)Eurydice_slice_index(rhs, i0, uint8_t, uint8_t *) &
+ (uint32_t)~mask);
+ out[i0] = outi;
}
memcpy(ret, out, (size_t)32U * sizeof(uint8_t));
}
@@ -843,7 +1567,7 @@ libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time(
libcrux_ml_kem_constant_time_ops_select_ct(lhs, rhs, selector, ret);
}
-static inline void
+static KRML_NOINLINE void
libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time(
Eurydice_slice lhs_c, Eurydice_slice rhs_c, Eurydice_slice lhs_s,
Eurydice_slice rhs_s, uint8_t ret[32U]) {
@@ -860,186 +1584,142 @@ libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_con
}
#endif
-#define __libcrux_ct_ops_H_DEFINED
-#endif
+#define libcrux_ct_ops_H_DEFINED
+#endif /* libcrux_ct_ops_H */
-/* from libcrux/libcrux-ml-kem/cg/libcrux_sha3_portable.h */
+/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_sha3_portable.h */
/*
- * SPDX-FileCopyrightText: 2024 Cryspen Sarl <info@cryspen.com>
+ * SPDX-FileCopyrightText: 2025 Cryspen Sarl <info@cryspen.com>
*
* SPDX-License-Identifier: MIT or Apache-2.0
*
* This code was generated with the following revisions:
- * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4
- * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb
- * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908
- * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty
- * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee
+ * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7
+ * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785
+ * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b
+ * F*: 71d8221589d4d438af3706d89cb653cf53e18aab
+ * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc
*/
-#ifndef __libcrux_sha3_portable_H
-#define __libcrux_sha3_portable_H
+#ifndef libcrux_sha3_portable_H
+#define libcrux_sha3_portable_H
+
#if defined(__cplusplus)
extern "C" {
#endif
-static const uint64_t libcrux_sha3_generic_keccak_ROUNDCONSTANTS[24U] = {
- 1ULL,
- 32898ULL,
- 9223372036854808714ULL,
- 9223372039002292224ULL,
- 32907ULL,
- 2147483649ULL,
- 9223372039002292353ULL,
- 9223372036854808585ULL,
- 138ULL,
- 136ULL,
- 2147516425ULL,
- 2147483658ULL,
- 2147516555ULL,
- 9223372036854775947ULL,
- 9223372036854808713ULL,
- 9223372036854808579ULL,
- 9223372036854808578ULL,
- 9223372036854775936ULL,
- 32778ULL,
- 9223372039002259466ULL,
- 9223372039002292353ULL,
- 9223372036854808704ULL,
- 2147483649ULL,
- 9223372039002292232ULL};
-
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
*/
-static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak_zero_5a(void) {
+static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable_zero_d2(void) {
return 0ULL;
}
-static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak__veor5q_u64(
+static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable__veor5q_u64(
uint64_t a, uint64_t b, uint64_t c, uint64_t d, uint64_t e) {
- uint64_t ab = a ^ b;
- uint64_t cd = c ^ d;
- uint64_t abcd = ab ^ cd;
- return abcd ^ e;
+ return (((a ^ b) ^ c) ^ d) ^ e;
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
*/
-static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak_xor5_5a(
+static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable_xor5_d2(
uint64_t a, uint64_t b, uint64_t c, uint64_t d, uint64_t e) {
- return libcrux_sha3_portable_keccak__veor5q_u64(a, b, c, d, e);
+ return libcrux_sha3_simd_portable__veor5q_u64(a, b, c, d, e);
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
with const generics
- LEFT= 1
- RIGHT= 63
*/
static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb(uint64_t x) {
- return x << (uint32_t)(int32_t)1 | x >> (uint32_t)(int32_t)63;
+libcrux_sha3_simd_portable_rotate_left_76(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)1);
}
static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vrax1q_u64(uint64_t a, uint64_t b) {
+libcrux_sha3_simd_portable__vrax1q_u64(uint64_t a, uint64_t b) {
uint64_t uu____0 = a;
- return uu____0 ^ libcrux_sha3_portable_keccak_rotate_left_cb(b);
+ return uu____0 ^ libcrux_sha3_simd_portable_rotate_left_76(b);
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
*/
static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vrax1q_u64(a, b);
+libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vrax1q_u64(a, b);
}
static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vbcaxq_u64(uint64_t a, uint64_t b, uint64_t c) {
+libcrux_sha3_simd_portable__vbcaxq_u64(uint64_t a, uint64_t b, uint64_t c) {
return a ^ (b & ~c);
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
*/
-static KRML_MUSTINLINE uint64_t libcrux_sha3_portable_keccak_and_not_xor_5a(
- uint64_t a, uint64_t b, uint64_t c) {
- return libcrux_sha3_portable_keccak__vbcaxq_u64(a, b, c);
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_and_not_xor_d2(uint64_t a, uint64_t b, uint64_t c) {
+ return libcrux_sha3_simd_portable__vbcaxq_u64(a, b, c);
}
static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__veorq_n_u64(uint64_t a, uint64_t c) {
+libcrux_sha3_simd_portable__veorq_n_u64(uint64_t a, uint64_t c) {
return a ^ c;
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
*/
static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_constant_5a(uint64_t a, uint64_t c) {
- return libcrux_sha3_portable_keccak__veorq_n_u64(a, c);
+libcrux_sha3_simd_portable_xor_constant_d2(uint64_t a, uint64_t c) {
+ return libcrux_sha3_simd_portable__veorq_n_u64(a, c);
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_5a(uint64_t a, uint64_t b) {
+static KRML_MUSTINLINE uint64_t libcrux_sha3_simd_portable_xor_d2(uint64_t a,
+ uint64_t b) {
return a ^ b;
}
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_slice_1(
- Eurydice_slice a[1U], size_t start, size_t len, Eurydice_slice ret[1U]) {
- ret[0U] = Eurydice_slice_subslice2(a[0U], start, start + len, uint8_t);
-}
+static const uint64_t
+ libcrux_sha3_generic_keccak_constants_ROUNDCONSTANTS[24U] = {
+ 1ULL,
+ 32898ULL,
+ 9223372036854808714ULL,
+ 9223372039002292224ULL,
+ 32907ULL,
+ 2147483649ULL,
+ 9223372039002292353ULL,
+ 9223372036854808585ULL,
+ 138ULL,
+ 136ULL,
+ 2147516425ULL,
+ 2147483658ULL,
+ 2147516555ULL,
+ 9223372036854775947ULL,
+ 9223372036854808713ULL,
+ 9223372036854808579ULL,
+ 9223372036854808578ULL,
+ 9223372036854775936ULL,
+ 32778ULL,
+ 9223372039002259466ULL,
+ 9223372039002292353ULL,
+ 9223372036854808704ULL,
+ 2147483649ULL,
+ 9223372039002292232ULL};
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_slice_n_5a(
- Eurydice_slice a[1U], size_t start, size_t len, Eurydice_slice ret[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_a[1U];
- memcpy(copy_of_a, a, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret0[1U];
- libcrux_sha3_portable_keccak_slice_1(copy_of_a, start, len, ret0);
- memcpy(ret, ret0, (size_t)1U * sizeof(Eurydice_slice));
-}
-
-static KRML_MUSTINLINE Eurydice_slice_uint8_t_1size_t__x2
-libcrux_sha3_portable_keccak_split_at_mut_1(Eurydice_slice out[1U],
- size_t mid) {
- Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at_mut(
- out[0U], mid, uint8_t, Eurydice_slice_uint8_t_x2);
- Eurydice_slice out00 = uu____0.fst;
- Eurydice_slice out01 = uu____0.snd;
- Eurydice_slice_uint8_t_1size_t__x2 lit;
- lit.fst[0U] = out00;
- lit.snd[0U] = out01;
- return lit;
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-static KRML_MUSTINLINE Eurydice_slice_uint8_t_1size_t__x2
-libcrux_sha3_portable_keccak_split_at_mut_n_5a(Eurydice_slice a[1U],
- size_t mid) {
- return libcrux_sha3_portable_keccak_split_at_mut_1(a, mid);
-}
+typedef struct size_t_x2_s {
+ size_t fst;
+ size_t snd;
+} size_t_x2;
/**
A monomorphic instance of libcrux_sha3.generic_keccak.KeccakState
@@ -1047,2072 +1727,2128 @@ with types uint64_t
with const generics
- $1size_t
*/
-typedef struct libcrux_sha3_generic_keccak_KeccakState_48_s {
- uint64_t st[5U][5U];
-} libcrux_sha3_generic_keccak_KeccakState_48;
+typedef struct libcrux_sha3_generic_keccak_KeccakState_17_s {
+ uint64_t st[25U];
+} libcrux_sha3_generic_keccak_KeccakState_17;
-/**
- Create a new Shake128 x4 state.
-*/
/**
This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
-N>[TraitClause@0]#1}
+N>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.new_1e
+A monomorphic instance of libcrux_sha3.generic_keccak.new_80
with types uint64_t
with const generics
- N= 1
*/
-static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48
-libcrux_sha3_generic_keccak_new_1e_f4(void) {
- libcrux_sha3_generic_keccak_KeccakState_48 lit;
- lit.st[0U][0U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[0U][1U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[0U][2U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[0U][3U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[0U][4U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[1U][0U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[1U][1U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[1U][2U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[1U][3U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[1U][4U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[2U][0U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[2U][1U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[2U][2U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[2U][3U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[2U][4U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[3U][0U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[3U][1U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[3U][2U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[3U][3U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[3U][4U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[4U][0U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[4U][1U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[4U][2U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[4U][3U] = libcrux_sha3_portable_keccak_zero_5a();
- lit.st[4U][4U] = libcrux_sha3_portable_keccak_zero_5a();
+static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17
+libcrux_sha3_generic_keccak_new_80_04(void) {
+ libcrux_sha3_generic_keccak_KeccakState_17 lit;
+ uint64_t repeat_expression[25U];
+ for (size_t i = (size_t)0U; i < (size_t)25U; i++) {
+ repeat_expression[i] = libcrux_sha3_simd_portable_zero_d2();
+ }
+ memcpy(lit.st, repeat_expression, (size_t)25U * sizeof(uint64_t));
return lit;
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block
+A monomorphic instance of libcrux_sha3.traits.get_ij
+with types uint64_t
+with const generics
+- N= 1
+*/
+static KRML_MUSTINLINE uint64_t *libcrux_sha3_traits_get_ij_04(uint64_t *arr,
+ size_t i,
+ size_t j) {
+ return &arr[(size_t)5U * j + i];
+}
+
+/**
+A monomorphic instance of libcrux_sha3.traits.set_ij
+with types uint64_t
+with const generics
+- N= 1
+*/
+static KRML_MUSTINLINE void libcrux_sha3_traits_set_ij_04(uint64_t *arr,
+ size_t i, size_t j,
+ uint64_t value) {
+ arr[(size_t)5U * j + i] = value;
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_block
with const generics
- RATE= 72
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c(
- uint64_t (*s)[5U], Eurydice_slice blocks[1U]) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_f8(
+ uint64_t *state, Eurydice_slice blocks, size_t start) {
+ uint64_t state_flat[25U] = {0U};
for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) {
size_t i0 = i;
+ size_t offset = start + (size_t)8U * i0;
uint8_t uu____0[8U];
- Result_56 dst;
+ Result_15 dst;
Eurydice_slice_to_array2(
&dst,
- Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0,
- (size_t)8U * i0 + (size_t)8U, uint8_t),
- Eurydice_slice, uint8_t[8U]);
- unwrap_41_ac(dst, uu____0);
- size_t uu____1 = i0 / (size_t)5U;
- size_t uu____2 = i0 % (size_t)5U;
- s[uu____1][uu____2] =
- s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0);
+ Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U,
+ uint8_t *),
+ Eurydice_slice, uint8_t[8U], TryFromSliceError);
+ unwrap_26_68(dst, uu____0);
+ state_flat[i0] = core_num__u64__from_le_bytes(uu____0);
+ }
+ for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) {
+ size_t i0 = i;
+ libcrux_sha3_traits_set_ij_04(
+ state, i0 / (size_t)5U, i0 % (size_t)5U,
+ libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U,
+ i0 % (size_t)5U)[0U] ^
+ state_flat[i0]);
}
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1
with const generics
- RATE= 72
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b8(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_b[1U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_2c(uu____0, copy_of_b);
+static inline void libcrux_sha3_simd_portable_load_block_a1_f8(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_f8(self->st, input[0U], start);
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 36
-- RIGHT= 28
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb0(uint64_t x) {
- return x << (uint32_t)(int32_t)36 | x >> (uint32_t)(int32_t)28;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 36
-- RIGHT= 28
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_42(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb0(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 36
-- RIGHT= 28
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_42(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 3
-- RIGHT= 61
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb1(uint64_t x) {
- return x << (uint32_t)(int32_t)3 | x >> (uint32_t)(int32_t)61;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 3
-- RIGHT= 61
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_420(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb1(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 3
-- RIGHT= 61
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb0(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_420(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 41
-- RIGHT= 23
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb2(uint64_t x) {
- return x << (uint32_t)(int32_t)41 | x >> (uint32_t)(int32_t)23;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 41
-- RIGHT= 23
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_421(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb2(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 41
-- RIGHT= 23
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb1(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_421(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 18
-- RIGHT= 46
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb3(uint64_t x) {
- return x << (uint32_t)(int32_t)18 | x >> (uint32_t)(int32_t)46;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 18
-- RIGHT= 46
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_422(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb3(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 18
-- RIGHT= 46
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb2(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_422(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 1
-- RIGHT= 63
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_423(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 1
-- RIGHT= 63
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb3(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_423(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 44
-- RIGHT= 20
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb4(uint64_t x) {
- return x << (uint32_t)(int32_t)44 | x >> (uint32_t)(int32_t)20;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 44
-- RIGHT= 20
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_424(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb4(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 44
-- RIGHT= 20
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb4(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_424(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 10
-- RIGHT= 54
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb5(uint64_t x) {
- return x << (uint32_t)(int32_t)10 | x >> (uint32_t)(int32_t)54;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 10
-- RIGHT= 54
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_425(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb5(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 10
-- RIGHT= 54
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb5(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_425(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 45
-- RIGHT= 19
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb6(uint64_t x) {
- return x << (uint32_t)(int32_t)45 | x >> (uint32_t)(int32_t)19;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 45
-- RIGHT= 19
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_426(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb6(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 45
-- RIGHT= 19
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb6(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_426(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 2
-- RIGHT= 62
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb7(uint64_t x) {
- return x << (uint32_t)(int32_t)2 | x >> (uint32_t)(int32_t)62;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 2
-- RIGHT= 62
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_427(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb7(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 2
-- RIGHT= 62
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb7(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_427(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 62
-- RIGHT= 2
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb8(uint64_t x) {
- return x << (uint32_t)(int32_t)62 | x >> (uint32_t)(int32_t)2;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 62
-- RIGHT= 2
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_428(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb8(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 62
-- RIGHT= 2
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb8(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_428(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 6
-- RIGHT= 58
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb9(uint64_t x) {
- return x << (uint32_t)(int32_t)6 | x >> (uint32_t)(int32_t)58;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 6
-- RIGHT= 58
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_429(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb9(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 6
-- RIGHT= 58
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb9(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_429(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 43
-- RIGHT= 21
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb10(uint64_t x) {
- return x << (uint32_t)(int32_t)43 | x >> (uint32_t)(int32_t)21;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 43
-- RIGHT= 21
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4210(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb10(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 43
-- RIGHT= 21
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb10(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4210(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 15
-- RIGHT= 49
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb11(uint64_t x) {
- return x << (uint32_t)(int32_t)15 | x >> (uint32_t)(int32_t)49;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 15
-- RIGHT= 49
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4211(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb11(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 15
-- RIGHT= 49
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb11(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4211(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 61
-- RIGHT= 3
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb12(uint64_t x) {
- return x << (uint32_t)(int32_t)61 | x >> (uint32_t)(int32_t)3;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 61
-- RIGHT= 3
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4212(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb12(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 61
-- RIGHT= 3
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb12(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4212(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 28
-- RIGHT= 36
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb13(uint64_t x) {
- return x << (uint32_t)(int32_t)28 | x >> (uint32_t)(int32_t)36;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 28
-- RIGHT= 36
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4213(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb13(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 28
-- RIGHT= 36
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb13(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4213(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 55
-- RIGHT= 9
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb14(uint64_t x) {
- return x << (uint32_t)(int32_t)55 | x >> (uint32_t)(int32_t)9;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 55
-- RIGHT= 9
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4214(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb14(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 55
-- RIGHT= 9
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb14(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4214(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 25
-- RIGHT= 39
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb15(uint64_t x) {
- return x << (uint32_t)(int32_t)25 | x >> (uint32_t)(int32_t)39;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 25
-- RIGHT= 39
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4215(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb15(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 25
-- RIGHT= 39
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb15(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4215(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 21
-- RIGHT= 43
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb16(uint64_t x) {
- return x << (uint32_t)(int32_t)21 | x >> (uint32_t)(int32_t)43;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 21
-- RIGHT= 43
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4216(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb16(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 21
-- RIGHT= 43
+This function found in impl {core::ops::index::Index<(usize, usize), T> for
+libcrux_sha3::generic_keccak::KeccakState<T, N>[TraitClause@0, TraitClause@1]}
*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb16(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4216(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 56
-- RIGHT= 8
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb17(uint64_t x) {
- return x << (uint32_t)(int32_t)56 | x >> (uint32_t)(int32_t)8;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 56
-- RIGHT= 8
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4217(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb17(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 56
-- RIGHT= 8
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb17(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4217(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 27
-- RIGHT= 37
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb18(uint64_t x) {
- return x << (uint32_t)(int32_t)27 | x >> (uint32_t)(int32_t)37;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 27
-- RIGHT= 37
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4218(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb18(ab);
-}
-
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 27
-- RIGHT= 37
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb18(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4218(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 20
-- RIGHT= 44
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb19(uint64_t x) {
- return x << (uint32_t)(int32_t)20 | x >> (uint32_t)(int32_t)44;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 20
-- RIGHT= 44
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4219(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb19(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 20
-- RIGHT= 44
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb19(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4219(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 39
-- RIGHT= 25
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb20(uint64_t x) {
- return x << (uint32_t)(int32_t)39 | x >> (uint32_t)(int32_t)25;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 39
-- RIGHT= 25
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4220(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb20(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 39
-- RIGHT= 25
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb20(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4220(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 8
-- RIGHT= 56
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb21(uint64_t x) {
- return x << (uint32_t)(int32_t)8 | x >> (uint32_t)(int32_t)56;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
-with const generics
-- LEFT= 8
-- RIGHT= 56
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4221(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb21(ab);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 8
-- RIGHT= 56
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb21(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4221(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.rotate_left
-with const generics
-- LEFT= 14
-- RIGHT= 50
-*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_rotate_left_cb22(uint64_t x) {
- return x << (uint32_t)(int32_t)14 | x >> (uint32_t)(int32_t)50;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak._vxarq_u64
+A monomorphic instance of libcrux_sha3.generic_keccak.index_c2
+with types uint64_t
with const generics
-- LEFT= 14
-- RIGHT= 50
+- N= 1
*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak__vxarq_u64_4222(uint64_t a, uint64_t b) {
- uint64_t ab = a ^ b;
- return libcrux_sha3_portable_keccak_rotate_left_cb22(ab);
+static inline uint64_t *libcrux_sha3_generic_keccak_index_c2_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, size_t_x2 index) {
+ return libcrux_sha3_traits_get_ij_04(self->st, index.fst, index.snd);
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.xor_and_rotate_5a
-with const generics
-- LEFT= 14
-- RIGHT= 50
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
*/
-static KRML_MUSTINLINE uint64_t
-libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb22(uint64_t a, uint64_t b) {
- return libcrux_sha3_portable_keccak__vxarq_u64_4222(a, b);
-}
-
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.theta_rho
+A monomorphic instance of libcrux_sha3.generic_keccak.theta_80
with types uint64_t
with const generics
- N= 1
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_rho_16(
- libcrux_sha3_generic_keccak_KeccakState_48 *s) {
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_theta_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, uint64_t ret[5U]) {
uint64_t c[5U] = {
- libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][0U], s->st[1U][0U],
- s->st[2U][0U], s->st[3U][0U],
- s->st[4U][0U]),
- libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][1U], s->st[1U][1U],
- s->st[2U][1U], s->st[3U][1U],
- s->st[4U][1U]),
- libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][2U], s->st[1U][2U],
- s->st[2U][2U], s->st[3U][2U],
- s->st[4U][2U]),
- libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][3U], s->st[1U][3U],
- s->st[2U][3U], s->st[3U][3U],
- s->st[4U][3U]),
- libcrux_sha3_portable_keccak_xor5_5a(s->st[0U][4U], s->st[1U][4U],
- s->st[2U][4U], s->st[3U][4U],
- s->st[4U][4U])};
- uint64_t uu____0 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(
+ libcrux_sha3_simd_portable_xor5_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)0U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)0U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)0U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)0U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)0U}))[0U]),
+ libcrux_sha3_simd_portable_xor5_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)1U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)1U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)1U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)1U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)1U}))[0U]),
+ libcrux_sha3_simd_portable_xor5_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)2U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)2U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)2U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)2U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)2U}))[0U]),
+ libcrux_sha3_simd_portable_xor5_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)3U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)3U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)3U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)3U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)3U}))[0U]),
+ libcrux_sha3_simd_portable_xor5_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)4U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)4U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)4U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)4U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)4U}))[0U])};
+ uint64_t uu____0 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(
c[((size_t)0U + (size_t)4U) % (size_t)5U],
c[((size_t)0U + (size_t)1U) % (size_t)5U]);
- uint64_t uu____1 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(
+ uint64_t uu____1 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(
c[((size_t)1U + (size_t)4U) % (size_t)5U],
c[((size_t)1U + (size_t)1U) % (size_t)5U]);
- uint64_t uu____2 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(
+ uint64_t uu____2 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(
c[((size_t)2U + (size_t)4U) % (size_t)5U],
c[((size_t)2U + (size_t)1U) % (size_t)5U]);
- uint64_t uu____3 = libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(
+ uint64_t uu____3 = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(
c[((size_t)3U + (size_t)4U) % (size_t)5U],
c[((size_t)3U + (size_t)1U) % (size_t)5U]);
- uint64_t t[5U] = {uu____0, uu____1, uu____2, uu____3,
- libcrux_sha3_portable_keccak_rotate_left1_and_xor_5a(
- c[((size_t)4U + (size_t)4U) % (size_t)5U],
- c[((size_t)4U + (size_t)1U) % (size_t)5U])};
- s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_5a(s->st[0U][0U], t[0U]);
- s->st[1U][0U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb(s->st[1U][0U], t[0U]);
- s->st[2U][0U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb0(s->st[2U][0U], t[0U]);
- s->st[3U][0U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb1(s->st[3U][0U], t[0U]);
- s->st[4U][0U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb2(s->st[4U][0U], t[0U]);
- s->st[0U][1U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb3(s->st[0U][1U], t[1U]);
- s->st[1U][1U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb4(s->st[1U][1U], t[1U]);
- s->st[2U][1U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb5(s->st[2U][1U], t[1U]);
- s->st[3U][1U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb6(s->st[3U][1U], t[1U]);
- s->st[4U][1U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb7(s->st[4U][1U], t[1U]);
- s->st[0U][2U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb8(s->st[0U][2U], t[2U]);
- s->st[1U][2U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb9(s->st[1U][2U], t[2U]);
- s->st[2U][2U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb10(s->st[2U][2U], t[2U]);
- s->st[3U][2U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb11(s->st[3U][2U], t[2U]);
- s->st[4U][2U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb12(s->st[4U][2U], t[2U]);
- s->st[0U][3U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb13(s->st[0U][3U], t[3U]);
- s->st[1U][3U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb14(s->st[1U][3U], t[3U]);
- s->st[2U][3U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb15(s->st[2U][3U], t[3U]);
- s->st[3U][3U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb16(s->st[3U][3U], t[3U]);
- s->st[4U][3U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb17(s->st[4U][3U], t[3U]);
- s->st[0U][4U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb18(s->st[0U][4U], t[4U]);
- s->st[1U][4U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb19(s->st[1U][4U], t[4U]);
- s->st[2U][4U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb20(s->st[2U][4U], t[4U]);
- s->st[3U][4U] =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb21(s->st[3U][4U], t[4U]);
- uint64_t uu____27 =
- libcrux_sha3_portable_keccak_xor_and_rotate_5a_bb22(s->st[4U][4U], t[4U]);
- s->st[4U][4U] = uu____27;
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.pi
+ ret[0U] = uu____0;
+ ret[1U] = uu____1;
+ ret[2U] = uu____2;
+ ret[3U] = uu____3;
+ ret[4U] = libcrux_sha3_simd_portable_rotate_left1_and_xor_d2(
+ c[((size_t)4U + (size_t)4U) % (size_t)5U],
+ c[((size_t)4U + (size_t)1U) % (size_t)5U]);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.set_80
with types uint64_t
with const generics
- N= 1
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_1d(
- libcrux_sha3_generic_keccak_KeccakState_48 *s) {
- uint64_t old[5U][5U];
- memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U]));
- s->st[0U][1U] = old[1U][1U];
- s->st[0U][2U] = old[2U][2U];
- s->st[0U][3U] = old[3U][3U];
- s->st[0U][4U] = old[4U][4U];
- s->st[1U][0U] = old[0U][3U];
- s->st[1U][1U] = old[1U][4U];
- s->st[1U][2U] = old[2U][0U];
- s->st[1U][3U] = old[3U][1U];
- s->st[1U][4U] = old[4U][2U];
- s->st[2U][0U] = old[0U][1U];
- s->st[2U][1U] = old[1U][2U];
- s->st[2U][2U] = old[2U][3U];
- s->st[2U][3U] = old[3U][4U];
- s->st[2U][4U] = old[4U][0U];
- s->st[3U][0U] = old[0U][4U];
- s->st[3U][1U] = old[1U][0U];
- s->st[3U][2U] = old[2U][1U];
- s->st[3U][3U] = old[3U][2U];
- s->st[3U][4U] = old[4U][3U];
- s->st[4U][0U] = old[0U][2U];
- s->st[4U][1U] = old[1U][3U];
- s->st[4U][2U] = old[2U][4U];
- s->st[4U][3U] = old[3U][0U];
- s->st[4U][4U] = old[4U][1U];
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.chi
+static inline void libcrux_sha3_generic_keccak_set_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, size_t i, size_t j,
+ uint64_t v) {
+ libcrux_sha3_traits_set_ij_04(self->st, i, j, v);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 36
+- RIGHT= 28
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_02(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)36);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 36
+- RIGHT= 28
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_02(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_02(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 36
+- RIGHT= 28
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_02(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_02(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 3
+- RIGHT= 61
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_ac(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)3);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 3
+- RIGHT= 61
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_ac(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_ac(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 3
+- RIGHT= 61
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_ac(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_ac(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 41
+- RIGHT= 23
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_020(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)41);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 41
+- RIGHT= 23
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_020(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_020(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 41
+- RIGHT= 23
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_020(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_020(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 18
+- RIGHT= 46
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_a9(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)18);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 18
+- RIGHT= 46
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_a9(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_a9(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 18
+- RIGHT= 46
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_a9(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_a9(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 1
+- RIGHT= 63
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_76(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_76(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 1
+- RIGHT= 63
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_76(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_76(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 44
+- RIGHT= 20
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_58(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)44);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 44
+- RIGHT= 20
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_58(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_58(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 44
+- RIGHT= 20
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_58(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_58(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 10
+- RIGHT= 54
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_e0(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)10);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 10
+- RIGHT= 54
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_e0(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_e0(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 10
+- RIGHT= 54
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_e0(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_e0(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 45
+- RIGHT= 19
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_63(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)45);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 45
+- RIGHT= 19
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_63(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_63(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 45
+- RIGHT= 19
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_63(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_63(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 2
+- RIGHT= 62
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_6a(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)2);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 2
+- RIGHT= 62
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_6a(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_6a(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 2
+- RIGHT= 62
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_6a(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_6a(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 62
+- RIGHT= 2
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_ab(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)62);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 62
+- RIGHT= 2
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_ab(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_ab(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 62
+- RIGHT= 2
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_ab(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_ab(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 6
+- RIGHT= 58
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_5b(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)6);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 6
+- RIGHT= 58
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_5b(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_5b(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 6
+- RIGHT= 58
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_5b(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_5b(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 43
+- RIGHT= 21
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_6f(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)43);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 43
+- RIGHT= 21
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_6f(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_6f(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 43
+- RIGHT= 21
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_6f(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_6f(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 15
+- RIGHT= 49
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_62(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)15);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 15
+- RIGHT= 49
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_62(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_62(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 15
+- RIGHT= 49
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_62(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_62(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 61
+- RIGHT= 3
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_23(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)61);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 61
+- RIGHT= 3
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_23(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_23(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 61
+- RIGHT= 3
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_23(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_23(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 28
+- RIGHT= 36
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_37(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)28);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 28
+- RIGHT= 36
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_37(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_37(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 28
+- RIGHT= 36
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_37(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_37(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 55
+- RIGHT= 9
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_bb(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)55);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 55
+- RIGHT= 9
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_bb(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_bb(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 55
+- RIGHT= 9
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_bb(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_bb(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 25
+- RIGHT= 39
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_b9(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)25);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 25
+- RIGHT= 39
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_b9(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_b9(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 25
+- RIGHT= 39
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_b9(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_b9(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 21
+- RIGHT= 43
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_54(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)21);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 21
+- RIGHT= 43
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_54(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_54(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 21
+- RIGHT= 43
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_54(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_54(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 56
+- RIGHT= 8
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_4c(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)56);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 56
+- RIGHT= 8
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_4c(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_4c(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 56
+- RIGHT= 8
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_4c(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_4c(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 27
+- RIGHT= 37
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_ce(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)27);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 27
+- RIGHT= 37
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_ce(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_ce(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 27
+- RIGHT= 37
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_ce(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_ce(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 20
+- RIGHT= 44
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_77(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)20);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 20
+- RIGHT= 44
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_77(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_77(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 20
+- RIGHT= 44
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_77(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_77(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 39
+- RIGHT= 25
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_25(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)39);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 39
+- RIGHT= 25
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_25(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_25(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 39
+- RIGHT= 25
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_25(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_25(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 8
+- RIGHT= 56
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_af(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)8);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 8
+- RIGHT= 56
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_af(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_af(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 8
+- RIGHT= 56
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_af(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_af(a, b);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.rotate_left
+with const generics
+- LEFT= 14
+- RIGHT= 50
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_rotate_left_fd(uint64_t x) {
+ return core_num__u64__rotate_left(x, (uint32_t)(int32_t)14);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable._vxarq_u64
+with const generics
+- LEFT= 14
+- RIGHT= 50
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable__vxarq_u64_fd(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable_rotate_left_fd(a ^ b);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::KeccakItem<1usize> for u64}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.xor_and_rotate_d2
+with const generics
+- LEFT= 14
+- RIGHT= 50
+*/
+static KRML_MUSTINLINE uint64_t
+libcrux_sha3_simd_portable_xor_and_rotate_d2_fd(uint64_t a, uint64_t b) {
+ return libcrux_sha3_simd_portable__vxarq_u64_fd(a, b);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.rho_80
+with types uint64_t
+with const generics
+- N= 1
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_rho_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, uint64_t t[5U]) {
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)0U, (size_t)0U,
+ libcrux_sha3_simd_portable_xor_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)0U}))[0U],
+ t[0U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____0, (size_t)1U, (size_t)0U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_02(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)0U}))[0U],
+ t[0U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____1 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____1, (size_t)2U, (size_t)0U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_ac(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)0U}))[0U],
+ t[0U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____2 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____2, (size_t)3U, (size_t)0U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_020(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)0U}))[0U],
+ t[0U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____3 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____3, (size_t)4U, (size_t)0U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_a9(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)0U}))[0U],
+ t[0U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____4 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____4, (size_t)0U, (size_t)1U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_76(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)1U}))[0U],
+ t[1U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____5 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____5, (size_t)1U, (size_t)1U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_58(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)1U}))[0U],
+ t[1U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____6 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____6, (size_t)2U, (size_t)1U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_e0(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)1U}))[0U],
+ t[1U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____7 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____7, (size_t)3U, (size_t)1U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_63(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)1U}))[0U],
+ t[1U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____8 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____8, (size_t)4U, (size_t)1U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_6a(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)1U}))[0U],
+ t[1U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____9 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____9, (size_t)0U, (size_t)2U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_ab(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)2U}))[0U],
+ t[2U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____10 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____10, (size_t)1U, (size_t)2U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_5b(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)2U}))[0U],
+ t[2U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____11 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____11, (size_t)2U, (size_t)2U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_6f(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)2U}))[0U],
+ t[2U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____12 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____12, (size_t)3U, (size_t)2U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_62(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)2U}))[0U],
+ t[2U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____13 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____13, (size_t)4U, (size_t)2U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_23(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)2U}))[0U],
+ t[2U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____14 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____14, (size_t)0U, (size_t)3U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_37(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)3U}))[0U],
+ t[3U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____15 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____15, (size_t)1U, (size_t)3U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_bb(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)3U}))[0U],
+ t[3U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____16 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____16, (size_t)2U, (size_t)3U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_b9(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)3U}))[0U],
+ t[3U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____17 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____17, (size_t)3U, (size_t)3U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_54(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)3U}))[0U],
+ t[3U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____18 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____18, (size_t)4U, (size_t)3U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_4c(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)3U}))[0U],
+ t[3U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____19 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____19, (size_t)0U, (size_t)4U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_ce(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)4U}))[0U],
+ t[4U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____20 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____20, (size_t)1U, (size_t)4U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_77(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)4U}))[0U],
+ t[4U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____21 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____21, (size_t)2U, (size_t)4U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_25(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)4U}))[0U],
+ t[4U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____22 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____22, (size_t)3U, (size_t)4U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_af(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)4U}))[0U],
+ t[4U]));
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____23 = self;
+ libcrux_sha3_generic_keccak_set_80_04(
+ uu____23, (size_t)4U, (size_t)4U,
+ libcrux_sha3_simd_portable_xor_and_rotate_d2_fd(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)4U}))[0U],
+ t[4U]));
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.pi_80
+with types uint64_t
+with const generics
+- N= 1
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_pi_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self) {
+ libcrux_sha3_generic_keccak_KeccakState_17 old = self[0U];
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)1U, (size_t)0U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)3U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)2U, (size_t)0U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)1U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)3U, (size_t)0U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)4U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)4U, (size_t)0U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)2U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)0U, (size_t)1U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)1U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)1U, (size_t)1U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)4U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)2U, (size_t)1U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)2U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)3U, (size_t)1U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)0U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)4U, (size_t)1U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)1U,
+ .snd = (size_t)3U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)0U, (size_t)2U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)2U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)1U, (size_t)2U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)0U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)2U, (size_t)2U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)3U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)3U, (size_t)2U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)1U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)4U, (size_t)2U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)2U,
+ .snd = (size_t)4U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)0U, (size_t)3U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)3U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)1U, (size_t)3U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)1U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)2U, (size_t)3U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)4U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)3U, (size_t)3U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)2U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)4U, (size_t)3U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)3U,
+ .snd = (size_t)0U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)0U, (size_t)4U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)4U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)1U, (size_t)4U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)2U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)2U, (size_t)4U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)0U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)3U, (size_t)4U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)3U}))[0U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)4U, (size_t)4U,
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old, (KRML_CLITERAL(size_t_x2){.fst = (size_t)4U,
+ .snd = (size_t)1U}))[0U]);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.chi_80
with types uint64_t
with const generics
- N= 1
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_12(
- libcrux_sha3_generic_keccak_KeccakState_48 *s) {
- uint64_t old[5U][5U];
- memcpy(old, s->st, (size_t)5U * sizeof(uint64_t[5U]));
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_chi_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self) {
+ libcrux_sha3_generic_keccak_KeccakState_17 old = self[0U];
for (size_t i0 = (size_t)0U; i0 < (size_t)5U; i0++) {
size_t i1 = i0;
for (size_t i = (size_t)0U; i < (size_t)5U; i++) {
size_t j = i;
- s->st[i1][j] = libcrux_sha3_portable_keccak_and_not_xor_5a(
- s->st[i1][j], old[i1][(j + (size_t)2U) % (size_t)5U],
- old[i1][(j + (size_t)1U) % (size_t)5U]);
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, i1, j,
+ libcrux_sha3_simd_portable_and_not_xor_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = i1, .snd = j}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old,
+ (KRML_CLITERAL(size_t_x2){
+ .fst = i1, .snd = (j + (size_t)2U) % (size_t)5U}))[0U],
+ libcrux_sha3_generic_keccak_index_c2_04(
+ &old,
+ (KRML_CLITERAL(size_t_x2){
+ .fst = i1, .snd = (j + (size_t)1U) % (size_t)5U}))[0U]));
}
}
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.iota
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.iota_80
with types uint64_t
with const generics
- N= 1
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_62(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, size_t i) {
- s->st[0U][0U] = libcrux_sha3_portable_keccak_xor_constant_5a(
- s->st[0U][0U], libcrux_sha3_generic_keccak_ROUNDCONSTANTS[i]);
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_iota_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, size_t i) {
+ libcrux_sha3_generic_keccak_set_80_04(
+ self, (size_t)0U, (size_t)0U,
+ libcrux_sha3_simd_portable_xor_constant_d2(
+ libcrux_sha3_generic_keccak_index_c2_04(
+ self, (KRML_CLITERAL(size_t_x2){.fst = (size_t)0U,
+ .snd = (size_t)0U}))[0U],
+ libcrux_sha3_generic_keccak_constants_ROUNDCONSTANTS[i]));
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccakf1600
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.keccakf1600_80
with types uint64_t
with const generics
- N= 1
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_21(
- libcrux_sha3_generic_keccak_KeccakState_48 *s) {
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccakf1600_80_04(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self) {
for (size_t i = (size_t)0U; i < (size_t)24U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_theta_rho_16(s);
- libcrux_sha3_generic_keccak_pi_1d(s);
- libcrux_sha3_generic_keccak_chi_12(s);
- libcrux_sha3_generic_keccak_iota_62(s, i0);
+ uint64_t t[5U];
+ libcrux_sha3_generic_keccak_theta_80_04(self, t);
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = self;
+ uint64_t uu____1[5U];
+ memcpy(uu____1, t, (size_t)5U * sizeof(uint64_t));
+ libcrux_sha3_generic_keccak_rho_80_04(uu____0, uu____1);
+ libcrux_sha3_generic_keccak_pi_80_04(self);
+ libcrux_sha3_generic_keccak_chi_80_04(self);
+ libcrux_sha3_generic_keccak_iota_80_04(self, i0);
}
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80
with types uint64_t
with const generics
- N= 1
- RATE= 72
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) {
- uint64_t(*uu____0)[5U] = s->st;
- Eurydice_slice uu____1[1U];
- memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b8(uu____0, uu____1);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c6(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_a1_f8(self, blocks, start);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full
+A monomorphic instance of libcrux_sha3.simd.portable.load_last
with const generics
- RATE= 72
+- DELIMITER= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df(
- uint64_t (*s)[5U], uint8_t blocks[1U][200U]) {
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)};
- libcrux_sha3_portable_keccak_load_block_2c(s, buf);
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_96(
+ uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) {
+ uint8_t buffer[72U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *),
+ Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t);
+ buffer[len] = 6U;
+ size_t uu____0 = (size_t)72U - (size_t)1U;
+ buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U;
+ libcrux_sha3_simd_portable_load_block_f8(
+ state, Eurydice_array_to_slice((size_t)72U, buffer, uint8_t), (size_t)0U);
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a
+A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1
with const generics
- RATE= 72
+- DELIMITER= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d2(
- uint64_t (*a)[5U], uint8_t b[1U][200U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_b[1U][200U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_df(uu____0, copy_of_b);
+static inline void libcrux_sha3_simd_portable_load_last_a1_96(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_96(self->st, input[0U], start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80
with types uint64_t
with const generics
- N= 1
- RATE= 72
- DELIM= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c7(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) {
- size_t last_len = Eurydice_slice_len(last[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- if (last_len > (size_t)0U) {
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, last_len, uint8_t);
- Eurydice_slice_copy(uu____0, last[i0], uint8_t);
- }
- blocks[i0][last_len] = 6U;
- size_t uu____1 = i0;
- size_t uu____2 = (size_t)72U - (size_t)1U;
- blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;
- }
- uint64_t(*uu____3)[5U] = s->st;
- uint8_t uu____4[1U][200U];
- memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d2(uu____3, uu____4);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_a1_96(self, last, start, len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block
+A monomorphic instance of libcrux_sha3.simd.portable.store_block
with const generics
- RATE= 72
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_58(
- uint64_t (*s)[5U], Eurydice_slice out[1U]) {
- for (size_t i = (size_t)0U; i < (size_t)72U / (size_t)8U; i++) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_f8(
+ uint64_t *s, Eurydice_slice out, size_t start, size_t len) {
+ size_t octets = len / (size_t)8U;
+ for (size_t i = (size_t)0U; i < octets; i++) {
size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t);
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
+ out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U,
+ uint8_t *);
uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret);
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
}
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full
-with const generics
-- RATE= 72
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d(
- uint64_t (*s)[5U], uint8_t ret[1U][200U]) {
- uint8_t out[200U] = {0U};
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, out, uint8_t)};
- libcrux_sha3_portable_keccak_store_block_58(s, buf);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_out[200U];
- memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t));
- memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a
-with const generics
-- RATE= 72
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_5a_29(
- uint64_t (*a)[5U], uint8_t ret[1U][200U]) {
- libcrux_sha3_portable_keccak_store_block_full_2d(a, ret);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 72
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_and_last_c5(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_29(s->st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
+ size_t remaining = len % (size_t)8U;
+ if (remaining > (size_t)0U) {
+ Eurydice_slice uu____1 = Eurydice_slice_subslice3(
+ out, start + len - remaining, start + len, uint8_t *);
+ uint8_t ret[8U];
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U,
+ octets % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
+ uu____1,
+ Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *),
uint8_t);
}
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Squeeze1<u64> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13
with const generics
- RATE= 72
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_59(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- libcrux_sha3_portable_keccak_store_block_58(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 72
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_84(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_portable_keccak_store_block_5a_59(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 72
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
- libcrux_sha3_portable_keccak_store_block_5a_59(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 72
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf(
- libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&s);
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_29(s.st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
- Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
- uint8_t);
- }
+static inline void libcrux_sha3_simd_portable_squeeze_13_f8(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_store_block_f8(self->st, out, start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccak
-with types uint64_t
+A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1
with const generics
-- N= 1
- RATE= 72
- DELIM= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e9(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 s =
- libcrux_sha3_generic_keccak_new_1e_f4();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)72U; i++) {
+static inline void libcrux_sha3_generic_keccak_portable_keccak1_96(
+ Eurydice_slice data, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_KeccakState_17 s =
+ libcrux_sha3_generic_keccak_new_80_04();
+ size_t data_len = Eurydice_slice_len(data, uint8_t);
+ for (size_t i = (size_t)0U; i < data_len / (size_t)72U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)72U,
- (size_t)72U, ret);
- libcrux_sha3_generic_keccak_absorb_block_df(uu____0, ret);
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_block_80_c6(&s, buf, i0 * (size_t)72U);
}
- size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)72U;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret);
- libcrux_sha3_generic_keccak_absorb_final_c7(uu____2, ret);
- size_t outlen = Eurydice_slice_len(out[0U], uint8_t);
+ size_t rem = data_len % (size_t)72U;
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e(&s, buf, data_len - rem, rem);
+ size_t outlen = Eurydice_slice_len(out, uint8_t);
size_t blocks = outlen / (size_t)72U;
size_t last = outlen - outlen % (size_t)72U;
if (blocks == (size_t)0U) {
- libcrux_sha3_generic_keccak_squeeze_first_and_last_c5(&s, out);
+ libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, (size_t)0U, outlen);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____4 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)72U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o1[1U];
- memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_84(&s, o0);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____5 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)72U);
- Eurydice_slice o[1U];
- memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice orest[1U];
- memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc(&s, o);
- memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice));
- }
+ libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, (size_t)0U, (size_t)72U);
+ for (size_t i = (size_t)1U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, i0 * (size_t)72U,
+ (size_t)72U);
}
if (last < outlen) {
- libcrux_sha3_generic_keccak_squeeze_last_cf(s, o1);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_f8(&s, out, last, outlen - last);
}
}
}
-/**
-A monomorphic instance of libcrux_sha3.portable.keccakx1
-with const generics
-- RATE= 72
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccak_e9(copy_of_data, out);
-}
-
/**
A portable SHA3 512 implementation.
*/
static KRML_MUSTINLINE void libcrux_sha3_portable_sha512(Eurydice_slice digest,
Eurydice_slice data) {
- Eurydice_slice buf0[1U] = {data};
- Eurydice_slice buf[1U] = {digest};
- libcrux_sha3_portable_keccakx1_ce(buf0, buf);
+ libcrux_sha3_generic_keccak_portable_keccak1_96(data, digest);
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block
+A monomorphic instance of libcrux_sha3.simd.portable.load_block
with const generics
- RATE= 136
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c0(
- uint64_t (*s)[5U], Eurydice_slice blocks[1U]) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_5b(
+ uint64_t *state, Eurydice_slice blocks, size_t start) {
+ uint64_t state_flat[25U] = {0U};
for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) {
size_t i0 = i;
+ size_t offset = start + (size_t)8U * i0;
uint8_t uu____0[8U];
- Result_56 dst;
+ Result_15 dst;
Eurydice_slice_to_array2(
&dst,
- Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0,
- (size_t)8U * i0 + (size_t)8U, uint8_t),
- Eurydice_slice, uint8_t[8U]);
- unwrap_41_ac(dst, uu____0);
- size_t uu____1 = i0 / (size_t)5U;
- size_t uu____2 = i0 % (size_t)5U;
- s[uu____1][uu____2] =
- s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0);
+ Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U,
+ uint8_t *),
+ Eurydice_slice, uint8_t[8U], TryFromSliceError);
+ unwrap_26_68(dst, uu____0);
+ state_flat[i0] = core_num__u64__from_le_bytes(uu____0);
}
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b80(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_b[1U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_2c0(uu____0, copy_of_b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df0(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) {
- uint64_t(*uu____0)[5U] = s->st;
- Eurydice_slice uu____1[1U];
- memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b80(uu____0, uu____1);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df0(
- uint64_t (*s)[5U], uint8_t blocks[1U][200U]) {
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)};
- libcrux_sha3_portable_keccak_load_block_2c0(s, buf);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d20(
- uint64_t (*a)[5U], uint8_t b[1U][200U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_b[1U][200U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_df0(uu____0, copy_of_b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 136
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c70(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) {
- size_t last_len = Eurydice_slice_len(last[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- if (last_len > (size_t)0U) {
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, last_len, uint8_t);
- Eurydice_slice_copy(uu____0, last[i0], uint8_t);
- }
- blocks[i0][last_len] = 6U;
- size_t uu____1 = i0;
- size_t uu____2 = (size_t)136U - (size_t)1U;
- blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;
- }
- uint64_t(*uu____3)[5U] = s->st;
- uint8_t uu____4[1U][200U];
- memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d20(uu____3, uu____4);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_580(
- uint64_t (*s)[5U], Eurydice_slice out[1U]) {
for (size_t i = (size_t)0U; i < (size_t)136U / (size_t)8U; i++) {
size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t);
+ libcrux_sha3_traits_set_ij_04(
+ state, i0 / (size_t)5U, i0 % (size_t)5U,
+ libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U,
+ i0 % (size_t)5U)[0U] ^
+ state_flat[i0]);
+ }
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1
+with const generics
+- RATE= 136
+*/
+static inline void libcrux_sha3_simd_portable_load_block_a1_5b(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_5b(self->st, input[0U], start);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80
+with types uint64_t
+with const generics
+- N= 1
+- RATE= 136
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c60(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_a1_5b(self, blocks, start);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last
+with const generics
+- RATE= 136
+- DELIMITER= 6
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_ad(
+ uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) {
+ uint8_t buffer[136U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *),
+ Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t);
+ buffer[len] = 6U;
+ size_t uu____0 = (size_t)136U - (size_t)1U;
+ buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U;
+ libcrux_sha3_simd_portable_load_block_5b(
+ state, Eurydice_array_to_slice((size_t)136U, buffer, uint8_t),
+ (size_t)0U);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1
+with const generics
+- RATE= 136
+- DELIMITER= 6
+*/
+static inline void libcrux_sha3_simd_portable_load_last_a1_ad(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_ad(self->st, input[0U], start, len);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80
+with types uint64_t
+with const generics
+- N= 1
+- RATE= 136
+- DELIM= 6
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e0(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_a1_ad(self, last, start, len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.store_block
+with const generics
+- RATE= 136
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_5b(
+ uint64_t *s, Eurydice_slice out, size_t start, size_t len) {
+ size_t octets = len / (size_t)8U;
+ for (size_t i = (size_t)0U; i < octets; i++) {
+ size_t i0 = i;
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
+ out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U,
+ uint8_t *);
uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret);
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
}
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d0(
- uint64_t (*s)[5U], uint8_t ret[1U][200U]) {
- uint8_t out[200U] = {0U};
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, out, uint8_t)};
- libcrux_sha3_portable_keccak_store_block_580(s, buf);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_out[200U];
- memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t));
- memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_portable_keccak_store_block_full_5a_290(uint64_t (*a)[5U],
- uint8_t ret[1U][200U]) {
- libcrux_sha3_portable_keccak_store_block_full_2d0(a, ret);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 136
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_and_last_c50(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_290(s->st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
+ size_t remaining = len % (size_t)8U;
+ if (remaining > (size_t)0U) {
+ Eurydice_slice uu____1 = Eurydice_slice_subslice3(
+ out, start + len - remaining, start + len, uint8_t *);
+ uint8_t ret[8U];
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U,
+ octets % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
+ uu____1,
+ Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *),
uint8_t);
}
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Squeeze1<u64> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13
with const generics
- RATE= 136
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_590(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- libcrux_sha3_portable_keccak_store_block_580(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_840(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_portable_keccak_store_block_5a_590(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc0(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
- libcrux_sha3_portable_keccak_store_block_5a_590(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf0(
- libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&s);
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_290(s.st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
- Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
- uint8_t);
- }
+static inline void libcrux_sha3_simd_portable_squeeze_13_5b(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_store_block_5b(self->st, out, start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccak
-with types uint64_t
+A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1
with const generics
-- N= 1
- RATE= 136
- DELIM= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e90(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 s =
- libcrux_sha3_generic_keccak_new_1e_f4();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) {
+static inline void libcrux_sha3_generic_keccak_portable_keccak1_ad(
+ Eurydice_slice data, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_KeccakState_17 s =
+ libcrux_sha3_generic_keccak_new_80_04();
+ size_t data_len = Eurydice_slice_len(data, uint8_t);
+ for (size_t i = (size_t)0U; i < data_len / (size_t)136U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U,
- (size_t)136U, ret);
- libcrux_sha3_generic_keccak_absorb_block_df0(uu____0, ret);
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_block_80_c60(&s, buf, i0 * (size_t)136U);
}
- size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret);
- libcrux_sha3_generic_keccak_absorb_final_c70(uu____2, ret);
- size_t outlen = Eurydice_slice_len(out[0U], uint8_t);
+ size_t rem = data_len % (size_t)136U;
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e0(&s, buf, data_len - rem, rem);
+ size_t outlen = Eurydice_slice_len(out, uint8_t);
size_t blocks = outlen / (size_t)136U;
size_t last = outlen - outlen % (size_t)136U;
if (blocks == (size_t)0U) {
- libcrux_sha3_generic_keccak_squeeze_first_and_last_c50(&s, out);
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, outlen);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____4 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o1[1U];
- memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_840(&s, o0);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____5 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)136U);
- Eurydice_slice o[1U];
- memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice orest[1U];
- memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc0(&s, o);
- memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice));
- }
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, (size_t)136U);
+ for (size_t i = (size_t)1U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, i0 * (size_t)136U,
+ (size_t)136U);
}
if (last < outlen) {
- libcrux_sha3_generic_keccak_squeeze_last_cf0(s, o1);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, last, outlen - last);
}
}
}
-/**
-A monomorphic instance of libcrux_sha3.portable.keccakx1
-with const generics
-- RATE= 136
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce0(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccak_e90(copy_of_data, out);
-}
-
/**
A portable SHA3 256 implementation.
*/
static KRML_MUSTINLINE void libcrux_sha3_portable_sha256(Eurydice_slice digest,
Eurydice_slice data) {
- Eurydice_slice buf0[1U] = {data};
- Eurydice_slice buf[1U] = {digest};
- libcrux_sha3_portable_keccakx1_ce0(buf0, buf);
+ libcrux_sha3_generic_keccak_portable_keccak1_ad(data, digest);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final
+A monomorphic instance of libcrux_sha3.simd.portable.load_last
+with const generics
+- RATE= 136
+- DELIMITER= 31
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_ad0(
+ uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) {
+ uint8_t buffer[136U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *),
+ Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t);
+ buffer[len] = 31U;
+ size_t uu____0 = (size_t)136U - (size_t)1U;
+ buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U;
+ libcrux_sha3_simd_portable_load_block_5b(
+ state, Eurydice_array_to_slice((size_t)136U, buffer, uint8_t),
+ (size_t)0U);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1
+with const generics
+- RATE= 136
+- DELIMITER= 31
+*/
+static inline void libcrux_sha3_simd_portable_load_last_a1_ad0(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_ad0(self->st, input[0U], start, len);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80
with types uint64_t
with const generics
- N= 1
- RATE= 136
- DELIM= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c71(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) {
- size_t last_len = Eurydice_slice_len(last[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- if (last_len > (size_t)0U) {
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, last_len, uint8_t);
- Eurydice_slice_copy(uu____0, last[i0], uint8_t);
- }
- blocks[i0][last_len] = 31U;
- size_t uu____1 = i0;
- size_t uu____2 = (size_t)136U - (size_t)1U;
- blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;
- }
- uint64_t(*uu____3)[5U] = s->st;
- uint8_t uu____4[1U][200U];
- memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d20(uu____3, uu____4);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e1(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_a1_ad0(self, last, start, len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccak
-with types uint64_t
+A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1
with const generics
-- N= 1
- RATE= 136
- DELIM= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e91(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 s =
- libcrux_sha3_generic_keccak_new_1e_f4();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)136U; i++) {
+static inline void libcrux_sha3_generic_keccak_portable_keccak1_ad0(
+ Eurydice_slice data, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_KeccakState_17 s =
+ libcrux_sha3_generic_keccak_new_80_04();
+ size_t data_len = Eurydice_slice_len(data, uint8_t);
+ for (size_t i = (size_t)0U; i < data_len / (size_t)136U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)136U,
- (size_t)136U, ret);
- libcrux_sha3_generic_keccak_absorb_block_df0(uu____0, ret);
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_block_80_c60(&s, buf, i0 * (size_t)136U);
}
- size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)136U;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret);
- libcrux_sha3_generic_keccak_absorb_final_c71(uu____2, ret);
- size_t outlen = Eurydice_slice_len(out[0U], uint8_t);
+ size_t rem = data_len % (size_t)136U;
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e1(&s, buf, data_len - rem, rem);
+ size_t outlen = Eurydice_slice_len(out, uint8_t);
size_t blocks = outlen / (size_t)136U;
size_t last = outlen - outlen % (size_t)136U;
if (blocks == (size_t)0U) {
- libcrux_sha3_generic_keccak_squeeze_first_and_last_c50(&s, out);
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, outlen);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____4 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)136U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o1[1U];
- memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_840(&s, o0);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____5 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)136U);
- Eurydice_slice o[1U];
- memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice orest[1U];
- memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc0(&s, o);
- memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice));
- }
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, (size_t)0U, (size_t)136U);
+ for (size_t i = (size_t)1U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, i0 * (size_t)136U,
+ (size_t)136U);
}
if (last < outlen) {
- libcrux_sha3_generic_keccak_squeeze_last_cf0(s, o1);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_5b(&s, out, last, outlen - last);
}
}
}
-/**
-A monomorphic instance of libcrux_sha3.portable.keccakx1
-with const generics
-- RATE= 136
-- DELIM= 31
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce1(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccak_e91(copy_of_data, out);
-}
-
/**
A portable SHAKE256 implementation.
*/
static KRML_MUSTINLINE void libcrux_sha3_portable_shake256(
Eurydice_slice digest, Eurydice_slice data) {
- Eurydice_slice buf0[1U] = {data};
- Eurydice_slice buf[1U] = {digest};
- libcrux_sha3_portable_keccakx1_ce1(buf0, buf);
+ libcrux_sha3_generic_keccak_portable_keccak1_ad0(data, digest);
}
-typedef libcrux_sha3_generic_keccak_KeccakState_48
+typedef libcrux_sha3_generic_keccak_KeccakState_17
libcrux_sha3_portable_KeccakState;
/**
Create a new SHAKE-128 state object.
*/
-static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48
+static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17
libcrux_sha3_portable_incremental_shake128_init(void) {
- return libcrux_sha3_generic_keccak_new_1e_f4();
+ return libcrux_sha3_generic_keccak_new_80_04();
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block
+A monomorphic instance of libcrux_sha3.simd.portable.load_block
with const generics
- RATE= 168
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c1(
- uint64_t (*s)[5U], Eurydice_slice blocks[1U]) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_3a(
+ uint64_t *state, Eurydice_slice blocks, size_t start) {
+ uint64_t state_flat[25U] = {0U};
for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) {
size_t i0 = i;
+ size_t offset = start + (size_t)8U * i0;
uint8_t uu____0[8U];
- Result_56 dst;
+ Result_15 dst;
Eurydice_slice_to_array2(
&dst,
- Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0,
- (size_t)8U * i0 + (size_t)8U, uint8_t),
- Eurydice_slice, uint8_t[8U]);
- unwrap_41_ac(dst, uu____0);
- size_t uu____1 = i0 / (size_t)5U;
- size_t uu____2 = i0 % (size_t)5U;
- s[uu____1][uu____2] =
- s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0);
+ Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U,
+ uint8_t *),
+ Eurydice_slice, uint8_t[8U], TryFromSliceError);
+ unwrap_26_68(dst, uu____0);
+ state_flat[i0] = core_num__u64__from_le_bytes(uu____0);
+ }
+ for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) {
+ size_t i0 = i;
+ libcrux_sha3_traits_set_ij_04(
+ state, i0 / (size_t)5U, i0 % (size_t)5U,
+ libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U,
+ i0 % (size_t)5U)[0U] ^
+ state_flat[i0]);
}
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full
+A monomorphic instance of libcrux_sha3.simd.portable.load_last
with const generics
- RATE= 168
+- DELIMITER= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df1(
- uint64_t (*s)[5U], uint8_t blocks[1U][200U]) {
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)};
- libcrux_sha3_portable_keccak_load_block_2c1(s, buf);
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_c6(
+ uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) {
+ uint8_t buffer[168U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *),
+ Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t);
+ buffer[len] = 31U;
+ size_t uu____0 = (size_t)168U - (size_t)1U;
+ buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U;
+ libcrux_sha3_simd_portable_load_block_3a(
+ state, Eurydice_array_to_slice((size_t)168U, buffer, uint8_t),
+ (size_t)0U);
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a
+A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1
with const generics
- RATE= 168
+- DELIMITER= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d21(
- uint64_t (*a)[5U], uint8_t b[1U][200U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_b[1U][200U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_df1(uu____0, copy_of_b);
+static inline void libcrux_sha3_simd_portable_load_last_a1_c6(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_c6(self->st, input[0U], start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80
with types uint64_t
with const generics
- N= 1
- RATE= 168
- DELIM= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c72(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) {
- size_t last_len = Eurydice_slice_len(last[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- if (last_len > (size_t)0U) {
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, last_len, uint8_t);
- Eurydice_slice_copy(uu____0, last[i0], uint8_t);
- }
- blocks[i0][last_len] = 31U;
- size_t uu____1 = i0;
- size_t uu____2 = (size_t)168U - (size_t)1U;
- blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;
- }
- uint64_t(*uu____3)[5U] = s->st;
- uint8_t uu____4[1U][200U];
- memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d21(uu____3, uu____4);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e2(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_a1_c6(self, last, start, len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
}
/**
@@ -3120,103 +3856,88 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c72(
*/
static KRML_MUSTINLINE void
libcrux_sha3_portable_incremental_shake128_absorb_final(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data0) {
- Eurydice_slice buf[1U] = {data0};
- libcrux_sha3_generic_keccak_absorb_final_c72(s, buf);
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data0) {
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = s;
+ Eurydice_slice uu____1[1U] = {data0};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e2(
+ uu____0, uu____1, (size_t)0U, Eurydice_slice_len(data0, uint8_t));
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block
+A monomorphic instance of libcrux_sha3.simd.portable.store_block
with const generics
- RATE= 168
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_581(
- uint64_t (*s)[5U], Eurydice_slice out[1U]) {
- for (size_t i = (size_t)0U; i < (size_t)168U / (size_t)8U; i++) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_3a(
+ uint64_t *s, Eurydice_slice out, size_t start, size_t len) {
+ size_t octets = len / (size_t)8U;
+ for (size_t i = (size_t)0U; i < octets; i++) {
size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t);
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
+ out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U,
+ uint8_t *);
uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret);
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
}
+ size_t remaining = len % (size_t)8U;
+ if (remaining > (size_t)0U) {
+ Eurydice_slice uu____1 = Eurydice_slice_subslice3(
+ out, start + len - remaining, start + len, uint8_t *);
+ uint8_t ret[8U];
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U,
+ octets % (size_t)5U)[0U],
+ ret);
+ Eurydice_slice_copy(
+ uu____1,
+ Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *),
+ uint8_t);
+ }
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Squeeze1<u64> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13
with const generics
- RATE= 168
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_591(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- libcrux_sha3_portable_keccak_store_block_581(a, b);
+static inline void libcrux_sha3_simd_portable_squeeze_13_3a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_store_block_3a(self->st, out, start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 168
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc1(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
- libcrux_sha3_portable_keccak_store_block_5a_591(s->st, out);
-}
-
-/**
- Squeeze another block
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_portable_incremental_shake128_squeeze_next_block(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) {
- Eurydice_slice buf[1U] = {out0};
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, buf);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 168
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<u64,
+1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_841(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_portable_keccak_store_block_5a_591(s->st, out);
-}
-
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_three_blocks
-with types uint64_t
-with const generics
-- N= 1
+A monomorphic instance of
+libcrux_sha3.generic_keccak.portable.squeeze_first_three_blocks_b4 with const
+generics
- RATE= 168
*/
static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_three_blocks_cc(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- Eurydice_slice_uint8_t_1size_t__x2 uu____0 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o10[1U];
- memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_841(s, o0);
- Eurydice_slice_uint8_t_1size_t__x2 uu____1 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U);
- Eurydice_slice o1[1U];
- memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o2[1U];
- memcpy(o2, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o1);
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o2);
+libcrux_sha3_generic_keccak_portable_squeeze_first_three_blocks_b4_3a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out) {
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)0U, (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)168U,
+ (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)2U * (size_t)168U,
+ (size_t)168U);
}
/**
@@ -3224,39 +3945,71 @@ libcrux_sha3_generic_keccak_squeeze_first_three_blocks_cc(
*/
static KRML_MUSTINLINE void
libcrux_sha3_portable_incremental_shake128_squeeze_first_three_blocks(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) {
- Eurydice_slice buf[1U] = {out0};
- libcrux_sha3_generic_keccak_squeeze_first_three_blocks_cc(s, buf);
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) {
+ libcrux_sha3_generic_keccak_portable_squeeze_first_three_blocks_b4_3a(s,
+ out0);
}
-#define libcrux_sha3_Sha224 0
-#define libcrux_sha3_Sha256 1
-#define libcrux_sha3_Sha384 2
-#define libcrux_sha3_Sha512 3
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<u64,
+1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of
+libcrux_sha3.generic_keccak.portable.squeeze_next_block_b4 with const generics
+- RATE= 168
+*/
+static KRML_MUSTINLINE void
+libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_3a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start) {
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, start, (size_t)168U);
+}
+
+/**
+ Squeeze another block
+*/
+static KRML_MUSTINLINE void
+libcrux_sha3_portable_incremental_shake128_squeeze_next_block(
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) {
+ libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_3a(s, out0,
+ (size_t)0U);
+}
+
+#define libcrux_sha3_Algorithm_Sha224 1
+#define libcrux_sha3_Algorithm_Sha256 2
+#define libcrux_sha3_Algorithm_Sha384 3
+#define libcrux_sha3_Algorithm_Sha512 4
typedef uint8_t libcrux_sha3_Algorithm;
+typedef uint8_t libcrux_sha3_Sha3_224Digest[28U];
+
+typedef uint8_t libcrux_sha3_Sha3_256Digest[32U];
+
+typedef uint8_t libcrux_sha3_Sha3_384Digest[48U];
+
+typedef uint8_t libcrux_sha3_Sha3_512Digest[64U];
+
/**
Returns the output size of a digest.
*/
static inline size_t libcrux_sha3_digest_size(libcrux_sha3_Algorithm mode) {
- size_t uu____0;
switch (mode) {
- case libcrux_sha3_Sha224: {
- uu____0 = (size_t)28U;
+ case libcrux_sha3_Algorithm_Sha224: {
break;
}
- case libcrux_sha3_Sha256: {
- uu____0 = (size_t)32U;
- break;
+ case libcrux_sha3_Algorithm_Sha256: {
+ return (size_t)32U;
}
- case libcrux_sha3_Sha384: {
- uu____0 = (size_t)48U;
- break;
+ case libcrux_sha3_Algorithm_Sha384: {
+ return (size_t)48U;
}
- case libcrux_sha3_Sha512: {
- uu____0 = (size_t)64U;
- break;
+ case libcrux_sha3_Algorithm_Sha512: {
+ return (size_t)64U;
}
default: {
KRML_HOST_EPRINTF("KaRaMeL incomplete match at %s:%d\n", __FILE__,
@@ -3264,725 +4017,453 @@ static inline size_t libcrux_sha3_digest_size(libcrux_sha3_Algorithm mode) {
KRML_HOST_EXIT(253U);
}
}
- return uu____0;
+ return (size_t)28U;
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block
+A monomorphic instance of libcrux_sha3.simd.portable.load_block
with const generics
- RATE= 144
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c2(
- uint64_t (*s)[5U], Eurydice_slice blocks[1U]) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_2c(
+ uint64_t *state, Eurydice_slice blocks, size_t start) {
+ uint64_t state_flat[25U] = {0U};
for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) {
size_t i0 = i;
+ size_t offset = start + (size_t)8U * i0;
uint8_t uu____0[8U];
- Result_56 dst;
+ Result_15 dst;
Eurydice_slice_to_array2(
&dst,
- Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0,
- (size_t)8U * i0 + (size_t)8U, uint8_t),
- Eurydice_slice, uint8_t[8U]);
- unwrap_41_ac(dst, uu____0);
- size_t uu____1 = i0 / (size_t)5U;
- size_t uu____2 = i0 % (size_t)5U;
- s[uu____1][uu____2] =
- s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0);
+ Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U,
+ uint8_t *),
+ Eurydice_slice, uint8_t[8U], TryFromSliceError);
+ unwrap_26_68(dst, uu____0);
+ state_flat[i0] = core_num__u64__from_le_bytes(uu____0);
}
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a
-with const generics
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b81(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_b[1U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_2c2(uu____0, copy_of_b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df1(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) {
- uint64_t(*uu____0)[5U] = s->st;
- Eurydice_slice uu____1[1U];
- memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b81(uu____0, uu____1);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full
-with const generics
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df2(
- uint64_t (*s)[5U], uint8_t blocks[1U][200U]) {
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)};
- libcrux_sha3_portable_keccak_load_block_2c2(s, buf);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a
-with const generics
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d22(
- uint64_t (*a)[5U], uint8_t b[1U][200U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_b[1U][200U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_df2(uu____0, copy_of_b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 144
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c73(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) {
- size_t last_len = Eurydice_slice_len(last[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- if (last_len > (size_t)0U) {
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, last_len, uint8_t);
- Eurydice_slice_copy(uu____0, last[i0], uint8_t);
- }
- blocks[i0][last_len] = 6U;
- size_t uu____1 = i0;
- size_t uu____2 = (size_t)144U - (size_t)1U;
- blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;
- }
- uint64_t(*uu____3)[5U] = s->st;
- uint8_t uu____4[1U][200U];
- memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d22(uu____3, uu____4);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block
-with const generics
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_582(
- uint64_t (*s)[5U], Eurydice_slice out[1U]) {
for (size_t i = (size_t)0U; i < (size_t)144U / (size_t)8U; i++) {
size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t);
+ libcrux_sha3_traits_set_ij_04(
+ state, i0 / (size_t)5U, i0 % (size_t)5U,
+ libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U,
+ i0 % (size_t)5U)[0U] ^
+ state_flat[i0]);
+ }
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1
+with const generics
+- RATE= 144
+*/
+static inline void libcrux_sha3_simd_portable_load_block_a1_2c(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_2c(self->st, input[0U], start);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80
+with types uint64_t
+with const generics
+- N= 1
+- RATE= 144
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c61(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_a1_2c(self, blocks, start);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last
+with const generics
+- RATE= 144
+- DELIMITER= 6
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_1e(
+ uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) {
+ uint8_t buffer[144U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *),
+ Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t);
+ buffer[len] = 6U;
+ size_t uu____0 = (size_t)144U - (size_t)1U;
+ buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U;
+ libcrux_sha3_simd_portable_load_block_2c(
+ state, Eurydice_array_to_slice((size_t)144U, buffer, uint8_t),
+ (size_t)0U);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1
+with const generics
+- RATE= 144
+- DELIMITER= 6
+*/
+static inline void libcrux_sha3_simd_portable_load_last_a1_1e(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_1e(self->st, input[0U], start, len);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80
+with types uint64_t
+with const generics
+- N= 1
+- RATE= 144
+- DELIM= 6
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e3(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_a1_1e(self, last, start, len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.store_block
+with const generics
+- RATE= 144
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_2c(
+ uint64_t *s, Eurydice_slice out, size_t start, size_t len) {
+ size_t octets = len / (size_t)8U;
+ for (size_t i = (size_t)0U; i < octets; i++) {
+ size_t i0 = i;
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
+ out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U,
+ uint8_t *);
uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret);
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
}
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full
-with const generics
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d1(
- uint64_t (*s)[5U], uint8_t ret[1U][200U]) {
- uint8_t out[200U] = {0U};
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, out, uint8_t)};
- libcrux_sha3_portable_keccak_store_block_582(s, buf);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_out[200U];
- memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t));
- memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a
-with const generics
-- RATE= 144
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_portable_keccak_store_block_full_5a_291(uint64_t (*a)[5U],
- uint8_t ret[1U][200U]) {
- libcrux_sha3_portable_keccak_store_block_full_2d1(a, ret);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 144
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_and_last_c51(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_291(s->st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
+ size_t remaining = len % (size_t)8U;
+ if (remaining > (size_t)0U) {
+ Eurydice_slice uu____1 = Eurydice_slice_subslice3(
+ out, start + len - remaining, start + len, uint8_t *);
+ uint8_t ret[8U];
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U,
+ octets % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
+ uu____1,
+ Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *),
uint8_t);
}
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Squeeze1<u64> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13
with const generics
- RATE= 144
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_592(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- libcrux_sha3_portable_keccak_store_block_582(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_842(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_portable_keccak_store_block_5a_592(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc2(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
- libcrux_sha3_portable_keccak_store_block_5a_592(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 144
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf1(
- libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&s);
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_291(s.st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
- Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
- uint8_t);
- }
+static inline void libcrux_sha3_simd_portable_squeeze_13_2c(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_store_block_2c(self->st, out, start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccak
-with types uint64_t
+A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1
with const generics
-- N= 1
- RATE= 144
- DELIM= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e92(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 s =
- libcrux_sha3_generic_keccak_new_1e_f4();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)144U; i++) {
+static inline void libcrux_sha3_generic_keccak_portable_keccak1_1e(
+ Eurydice_slice data, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_KeccakState_17 s =
+ libcrux_sha3_generic_keccak_new_80_04();
+ size_t data_len = Eurydice_slice_len(data, uint8_t);
+ for (size_t i = (size_t)0U; i < data_len / (size_t)144U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)144U,
- (size_t)144U, ret);
- libcrux_sha3_generic_keccak_absorb_block_df1(uu____0, ret);
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_block_80_c61(&s, buf, i0 * (size_t)144U);
}
- size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)144U;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret);
- libcrux_sha3_generic_keccak_absorb_final_c73(uu____2, ret);
- size_t outlen = Eurydice_slice_len(out[0U], uint8_t);
+ size_t rem = data_len % (size_t)144U;
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e3(&s, buf, data_len - rem, rem);
+ size_t outlen = Eurydice_slice_len(out, uint8_t);
size_t blocks = outlen / (size_t)144U;
size_t last = outlen - outlen % (size_t)144U;
if (blocks == (size_t)0U) {
- libcrux_sha3_generic_keccak_squeeze_first_and_last_c51(&s, out);
+ libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, (size_t)0U, outlen);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____4 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)144U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o1[1U];
- memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_842(&s, o0);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____5 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)144U);
- Eurydice_slice o[1U];
- memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice orest[1U];
- memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc2(&s, o);
- memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice));
- }
+ libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, (size_t)0U, (size_t)144U);
+ for (size_t i = (size_t)1U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, i0 * (size_t)144U,
+ (size_t)144U);
}
if (last < outlen) {
- libcrux_sha3_generic_keccak_squeeze_last_cf1(s, o1);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_2c(&s, out, last, outlen - last);
}
}
}
-/**
-A monomorphic instance of libcrux_sha3.portable.keccakx1
-with const generics
-- RATE= 144
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce2(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccak_e92(copy_of_data, out);
-}
-
/**
A portable SHA3 224 implementation.
*/
static KRML_MUSTINLINE void libcrux_sha3_portable_sha224(Eurydice_slice digest,
Eurydice_slice data) {
- Eurydice_slice buf0[1U] = {data};
- Eurydice_slice buf[1U] = {digest};
- libcrux_sha3_portable_keccakx1_ce2(buf0, buf);
+ libcrux_sha3_generic_keccak_portable_keccak1_1e(data, digest);
}
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block
+A monomorphic instance of libcrux_sha3.simd.portable.load_block
with const generics
- RATE= 104
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_2c3(
- uint64_t (*s)[5U], Eurydice_slice blocks[1U]) {
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_block_7a(
+ uint64_t *state, Eurydice_slice blocks, size_t start) {
+ uint64_t state_flat[25U] = {0U};
for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) {
size_t i0 = i;
+ size_t offset = start + (size_t)8U * i0;
uint8_t uu____0[8U];
- Result_56 dst;
+ Result_15 dst;
Eurydice_slice_to_array2(
&dst,
- Eurydice_slice_subslice2(blocks[0U], (size_t)8U * i0,
- (size_t)8U * i0 + (size_t)8U, uint8_t),
- Eurydice_slice, uint8_t[8U]);
- unwrap_41_ac(dst, uu____0);
- size_t uu____1 = i0 / (size_t)5U;
- size_t uu____2 = i0 % (size_t)5U;
- s[uu____1][uu____2] =
- s[uu____1][uu____2] ^ core_num__u64_9__from_le_bytes(uu____0);
+ Eurydice_slice_subslice3(blocks, offset, offset + (size_t)8U,
+ uint8_t *),
+ Eurydice_slice, uint8_t[8U], TryFromSliceError);
+ unwrap_26_68(dst, uu____0);
+ state_flat[i0] = core_num__u64__from_le_bytes(uu____0);
}
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a
-with const generics
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b82(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_b[1U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_2c3(uu____0, copy_of_b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df2(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) {
- uint64_t(*uu____0)[5U] = s->st;
- Eurydice_slice uu____1[1U];
- memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b82(uu____0, uu____1);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full
-with const generics
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_df3(
- uint64_t (*s)[5U], uint8_t blocks[1U][200U]) {
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, blocks[0U], uint8_t)};
- libcrux_sha3_portable_keccak_load_block_2c3(s, buf);
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_full_5a
-with const generics
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_full_5a_d23(
- uint64_t (*a)[5U], uint8_t b[1U][200U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_b[1U][200U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_df3(uu____0, copy_of_b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 104
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_c74(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice last[1U]) {
- size_t last_len = Eurydice_slice_len(last[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- if (last_len > (size_t)0U) {
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, last_len, uint8_t);
- Eurydice_slice_copy(uu____0, last[i0], uint8_t);
- }
- blocks[i0][last_len] = 6U;
- size_t uu____1 = i0;
- size_t uu____2 = (size_t)104U - (size_t)1U;
- blocks[uu____1][uu____2] = (uint32_t)blocks[uu____1][uu____2] | 128U;
- }
- uint64_t(*uu____3)[5U] = s->st;
- uint8_t uu____4[1U][200U];
- memcpy(uu____4, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d23(uu____3, uu____4);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block
-with const generics
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_583(
- uint64_t (*s)[5U], Eurydice_slice out[1U]) {
for (size_t i = (size_t)0U; i < (size_t)104U / (size_t)8U; i++) {
size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], (size_t)8U * i0, (size_t)8U * i0 + (size_t)8U, uint8_t);
+ libcrux_sha3_traits_set_ij_04(
+ state, i0 / (size_t)5U, i0 % (size_t)5U,
+ libcrux_sha3_traits_get_ij_04(state, i0 / (size_t)5U,
+ i0 % (size_t)5U)[0U] ^
+ state_flat[i0]);
+ }
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1
+with const generics
+- RATE= 104
+*/
+static inline void libcrux_sha3_simd_portable_load_block_a1_7a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_7a(self->st, input[0U], start);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80
+with types uint64_t
+with const generics
+- N= 1
+- RATE= 104
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c62(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_a1_7a(self, blocks, start);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last
+with const generics
+- RATE= 104
+- DELIMITER= 6
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_load_last_7c(
+ uint64_t *state, Eurydice_slice blocks, size_t start, size_t len) {
+ uint8_t buffer[104U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice3(buffer, (size_t)0U, len, uint8_t *),
+ Eurydice_slice_subslice3(blocks, start, start + len, uint8_t *), uint8_t);
+ buffer[len] = 6U;
+ size_t uu____0 = (size_t)104U - (size_t)1U;
+ buffer[uu____0] = (uint32_t)buffer[uu____0] | 128U;
+ libcrux_sha3_simd_portable_load_block_7a(
+ state, Eurydice_array_to_slice((size_t)104U, buffer, uint8_t),
+ (size_t)0U);
+}
+
+/**
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.load_last_a1
+with const generics
+- RATE= 104
+- DELIMITER= 6
+*/
+static inline void libcrux_sha3_simd_portable_load_last_a1_7c(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_7c(self->st, input[0U], start, len);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_80
+with types uint64_t
+with const generics
+- N= 1
+- RATE= 104
+- DELIM= 6
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_80_9e4(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *last,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_load_last_a1_7c(self, last, start, len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+}
+
+/**
+A monomorphic instance of libcrux_sha3.simd.portable.store_block
+with const generics
+- RATE= 104
+*/
+static KRML_MUSTINLINE void libcrux_sha3_simd_portable_store_block_7a(
+ uint64_t *s, Eurydice_slice out, size_t start, size_t len) {
+ size_t octets = len / (size_t)8U;
+ for (size_t i = (size_t)0U; i < octets; i++) {
+ size_t i0 = i;
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
+ out, start + (size_t)8U * i0, start + (size_t)8U * i0 + (size_t)8U,
+ uint8_t *);
uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(s[i0 / (size_t)5U][i0 % (size_t)5U], ret);
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, i0 / (size_t)5U, i0 % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
}
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full
-with const generics
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d2(
- uint64_t (*s)[5U], uint8_t ret[1U][200U]) {
- uint8_t out[200U] = {0U};
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, out, uint8_t)};
- libcrux_sha3_portable_keccak_store_block_583(s, buf);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_out[200U];
- memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t));
- memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a
-with const generics
-- RATE= 104
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_portable_keccak_store_block_full_5a_292(uint64_t (*a)[5U],
- uint8_t ret[1U][200U]) {
- libcrux_sha3_portable_keccak_store_block_full_2d2(a, ret);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 104
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_and_last_c52(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_292(s->st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
+ size_t remaining = len % (size_t)8U;
+ if (remaining > (size_t)0U) {
+ Eurydice_slice uu____1 = Eurydice_slice_subslice3(
+ out, start + len - remaining, start + len, uint8_t *);
+ uint8_t ret[8U];
+ core_num__u64__to_le_bytes(
+ libcrux_sha3_traits_get_ij_04(s, octets / (size_t)5U,
+ octets % (size_t)5U)[0U],
+ ret);
Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
+ uu____1,
+ Eurydice_array_to_subslice3(ret, (size_t)0U, remaining, uint8_t *),
uint8_t);
}
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Squeeze1<u64> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.squeeze_13
with const generics
- RATE= 104
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_5a_593(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- libcrux_sha3_portable_keccak_store_block_583(a, b);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_first_block_843(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_portable_keccak_store_block_5a_593(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_next_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_next_block_fc3(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
- libcrux_sha3_portable_keccak_store_block_5a_593(s->st, out);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 104
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf2(
- libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&s);
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_292(s.st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
- Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
- uint8_t);
- }
+static inline void libcrux_sha3_simd_portable_squeeze_13_7a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start, size_t len) {
+ libcrux_sha3_simd_portable_store_block_7a(self->st, out, start, len);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccak
-with types uint64_t
+A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1
with const generics
-- N= 1
- RATE= 104
- DELIM= 6
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e93(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 s =
- libcrux_sha3_generic_keccak_new_1e_f4();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)104U; i++) {
+static inline void libcrux_sha3_generic_keccak_portable_keccak1_7c(
+ Eurydice_slice data, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_KeccakState_17 s =
+ libcrux_sha3_generic_keccak_new_80_04();
+ size_t data_len = Eurydice_slice_len(data, uint8_t);
+ for (size_t i = (size_t)0U; i < data_len / (size_t)104U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)104U,
- (size_t)104U, ret);
- libcrux_sha3_generic_keccak_absorb_block_df2(uu____0, ret);
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_block_80_c62(&s, buf, i0 * (size_t)104U);
}
- size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)104U;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret);
- libcrux_sha3_generic_keccak_absorb_final_c74(uu____2, ret);
- size_t outlen = Eurydice_slice_len(out[0U], uint8_t);
+ size_t rem = data_len % (size_t)104U;
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e4(&s, buf, data_len - rem, rem);
+ size_t outlen = Eurydice_slice_len(out, uint8_t);
size_t blocks = outlen / (size_t)104U;
size_t last = outlen - outlen % (size_t)104U;
if (blocks == (size_t)0U) {
- libcrux_sha3_generic_keccak_squeeze_first_and_last_c52(&s, out);
+ libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, (size_t)0U, outlen);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____4 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)104U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o1[1U];
- memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_843(&s, o0);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____5 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)104U);
- Eurydice_slice o[1U];
- memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice orest[1U];
- memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc3(&s, o);
- memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice));
- }
+ libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, (size_t)0U, (size_t)104U);
+ for (size_t i = (size_t)1U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, i0 * (size_t)104U,
+ (size_t)104U);
}
if (last < outlen) {
- libcrux_sha3_generic_keccak_squeeze_last_cf2(s, o1);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_7a(&s, out, last, outlen - last);
}
}
}
-/**
-A monomorphic instance of libcrux_sha3.portable.keccakx1
-with const generics
-- RATE= 104
-- DELIM= 6
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce3(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccak_e93(copy_of_data, out);
-}
-
/**
A portable SHA3 384 implementation.
*/
static KRML_MUSTINLINE void libcrux_sha3_portable_sha384(Eurydice_slice digest,
Eurydice_slice data) {
- Eurydice_slice buf0[1U] = {data};
- Eurydice_slice buf[1U] = {digest};
- libcrux_sha3_portable_keccakx1_ce3(buf0, buf);
+ libcrux_sha3_generic_keccak_portable_keccak1_7c(data, digest);
}
/**
@@ -3991,16 +4472,15 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_sha384(Eurydice_slice digest,
Preconditions:
- `digest.len() == 28`
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha224_ema(Eurydice_slice digest,
- Eurydice_slice payload) {
+static inline void libcrux_sha3_sha224_ema(Eurydice_slice digest,
+ Eurydice_slice payload) {
libcrux_sha3_portable_sha224(digest, payload);
}
/**
SHA3 224
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha224(Eurydice_slice data,
- uint8_t ret[28U]) {
+static inline void libcrux_sha3_sha224(Eurydice_slice data, uint8_t ret[28U]) {
uint8_t out[28U] = {0U};
libcrux_sha3_sha224_ema(Eurydice_array_to_slice((size_t)28U, out, uint8_t),
data);
@@ -4010,16 +4490,15 @@ static KRML_MUSTINLINE void libcrux_sha3_sha224(Eurydice_slice data,
/**
SHA3 256
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha256_ema(Eurydice_slice digest,
- Eurydice_slice payload) {
+static inline void libcrux_sha3_sha256_ema(Eurydice_slice digest,
+ Eurydice_slice payload) {
libcrux_sha3_portable_sha256(digest, payload);
}
/**
SHA3 256
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha256(Eurydice_slice data,
- uint8_t ret[32U]) {
+static inline void libcrux_sha3_sha256(Eurydice_slice data, uint8_t ret[32U]) {
uint8_t out[32U] = {0U};
libcrux_sha3_sha256_ema(Eurydice_array_to_slice((size_t)32U, out, uint8_t),
data);
@@ -4029,16 +4508,15 @@ static KRML_MUSTINLINE void libcrux_sha3_sha256(Eurydice_slice data,
/**
SHA3 384
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha384_ema(Eurydice_slice digest,
- Eurydice_slice payload) {
+static inline void libcrux_sha3_sha384_ema(Eurydice_slice digest,
+ Eurydice_slice payload) {
libcrux_sha3_portable_sha384(digest, payload);
}
/**
SHA3 384
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha384(Eurydice_slice data,
- uint8_t ret[48U]) {
+static inline void libcrux_sha3_sha384(Eurydice_slice data, uint8_t ret[48U]) {
uint8_t out[48U] = {0U};
libcrux_sha3_sha384_ema(Eurydice_array_to_slice((size_t)48U, out, uint8_t),
data);
@@ -4048,16 +4526,15 @@ static KRML_MUSTINLINE void libcrux_sha3_sha384(Eurydice_slice data,
/**
SHA3 512
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha512_ema(Eurydice_slice digest,
- Eurydice_slice payload) {
+static inline void libcrux_sha3_sha512_ema(Eurydice_slice digest,
+ Eurydice_slice payload) {
libcrux_sha3_portable_sha512(digest, payload);
}
/**
SHA3 512
*/
-static KRML_MUSTINLINE void libcrux_sha3_sha512(Eurydice_slice data,
- uint8_t ret[64U]) {
+static inline void libcrux_sha3_sha512(Eurydice_slice data, uint8_t ret[64U]) {
uint8_t out[64U] = {0U};
libcrux_sha3_sha512_ema(Eurydice_array_to_slice((size_t)64U, out, uint8_t),
data);
@@ -4065,220 +4542,85 @@ static KRML_MUSTINLINE void libcrux_sha3_sha512(Eurydice_slice data,
}
/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
+This function found in impl {libcrux_sha3::traits::Absorb<1usize> for
+libcrux_sha3::generic_keccak::KeccakState<u64, 1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
/**
-A monomorphic instance of libcrux_sha3.portable_keccak.load_block_5a
+A monomorphic instance of libcrux_sha3.simd.portable.load_block_a1
with const generics
- RATE= 168
*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_load_block_5a_b83(
- uint64_t (*a)[5U], Eurydice_slice b[1U]) {
- uint64_t(*uu____0)[5U] = a;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_b[1U];
- memcpy(copy_of_b, b, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_2c1(uu____0, copy_of_b);
+static inline void libcrux_sha3_simd_portable_load_block_a1_3a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *input,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_3a(self->st, input[0U], start);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block
-with types uint64_t
-with const generics
-- N= 1
-- RATE= 168
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_df3(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice blocks[1U]) {
- uint64_t(*uu____0)[5U] = s->st;
- Eurydice_slice uu____1[1U];
- memcpy(uu____1, blocks, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b83(uu____0, uu____1);
- libcrux_sha3_generic_keccak_keccakf1600_21(s);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full
-with const generics
-- RATE= 168
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_block_full_2d3(
- uint64_t (*s)[5U], uint8_t ret[1U][200U]) {
- uint8_t out[200U] = {0U};
- Eurydice_slice buf[1U] = {
- Eurydice_array_to_slice((size_t)200U, out, uint8_t)};
- libcrux_sha3_portable_keccak_store_block_581(s, buf);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_out[200U];
- memcpy(copy_of_out, out, (size_t)200U * sizeof(uint8_t));
- memcpy(ret[0U], copy_of_out, (size_t)200U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_block_full_5a
-with const generics
-- RATE= 168
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<T,
+N>[TraitClause@0, TraitClause@1]}
*/
-static KRML_MUSTINLINE void
-libcrux_sha3_portable_keccak_store_block_full_5a_293(uint64_t (*a)[5U],
- uint8_t ret[1U][200U]) {
- libcrux_sha3_portable_keccak_store_block_full_2d3(a, ret);
-}
-
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_and_last
+A monomorphic instance of libcrux_sha3.generic_keccak.absorb_block_80
with types uint64_t
with const generics
- N= 1
- RATE= 168
*/
-static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_and_last_c53(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_293(s->st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
- Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
- uint8_t);
- }
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_block_80_c63(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice *blocks,
+ size_t start) {
+ libcrux_sha3_simd_portable_load_block_a1_3a(self, blocks, start);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_last
-with types uint64_t
+A monomorphic instance of libcrux_sha3.generic_keccak.portable.keccak1
with const generics
-- N= 1
-- RATE= 168
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_last_cf3(
- libcrux_sha3_generic_keccak_KeccakState_48 s, Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&s);
- uint8_t b[1U][200U];
- libcrux_sha3_portable_keccak_store_block_full_5a_293(s.st, b);
- for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = out[i0];
- uint8_t *uu____1 = b[i0];
- core_ops_range_Range_b3 lit;
- lit.start = (size_t)0U;
- lit.end = Eurydice_slice_len(out[i0], uint8_t);
- Eurydice_slice_copy(
- uu____0,
- Eurydice_array_to_subslice((size_t)200U, uu____1, lit, uint8_t,
- core_ops_range_Range_b3),
- uint8_t);
- }
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.keccak
-with types uint64_t
-with const generics
-- N= 1
- RATE= 168
- DELIM= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_keccak_e94(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 s =
- libcrux_sha3_generic_keccak_new_1e_f4();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(data[0U], uint8_t) / (size_t)168U; i++) {
+static inline void libcrux_sha3_generic_keccak_portable_keccak1_c6(
+ Eurydice_slice data, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_KeccakState_17 s =
+ libcrux_sha3_generic_keccak_new_80_04();
+ size_t data_len = Eurydice_slice_len(data, uint8_t);
+ for (size_t i = (size_t)0U; i < data_len / (size_t)168U; i++) {
size_t i0 = i;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____0 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(copy_of_data, i0 * (size_t)168U,
- (size_t)168U, ret);
- libcrux_sha3_generic_keccak_absorb_block_df3(uu____0, ret);
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_block_80_c63(&s, buf, i0 * (size_t)168U);
}
- size_t rem = Eurydice_slice_len(data[0U], uint8_t) % (size_t)168U;
- libcrux_sha3_generic_keccak_KeccakState_48 *uu____2 = &s;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_data, Eurydice_slice_len(data[0U], uint8_t) - rem, rem, ret);
- libcrux_sha3_generic_keccak_absorb_final_c72(uu____2, ret);
- size_t outlen = Eurydice_slice_len(out[0U], uint8_t);
+ size_t rem = data_len % (size_t)168U;
+ Eurydice_slice buf[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e2(&s, buf, data_len - rem, rem);
+ size_t outlen = Eurydice_slice_len(out, uint8_t);
size_t blocks = outlen / (size_t)168U;
size_t last = outlen - outlen % (size_t)168U;
if (blocks == (size_t)0U) {
- libcrux_sha3_generic_keccak_squeeze_first_and_last_c53(&s, out);
+ libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, (size_t)0U, outlen);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____4 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____4.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o1[1U];
- memcpy(o1, uu____4.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_841(&s, o0);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____5 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o1, (size_t)168U);
- Eurydice_slice o[1U];
- memcpy(o, uu____5.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice orest[1U];
- memcpy(orest, uu____5.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(&s, o);
- memcpy(o1, orest, (size_t)1U * sizeof(Eurydice_slice));
- }
+ libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, (size_t)0U, (size_t)168U);
+ for (size_t i = (size_t)1U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, i0 * (size_t)168U,
+ (size_t)168U);
}
if (last < outlen) {
- libcrux_sha3_generic_keccak_squeeze_last_cf3(s, o1);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&s);
+ libcrux_sha3_simd_portable_squeeze_13_3a(&s, out, last, outlen - last);
}
}
}
-/**
-A monomorphic instance of libcrux_sha3.portable.keccakx1
-with const generics
-- RATE= 168
-- DELIM= 31
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccakx1_ce4(
- Eurydice_slice data[1U], Eurydice_slice out[1U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_data[1U];
- memcpy(copy_of_data, data, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccak_e94(copy_of_data, out);
-}
-
/**
A portable SHAKE128 implementation.
*/
static KRML_MUSTINLINE void libcrux_sha3_portable_shake128(
Eurydice_slice digest, Eurydice_slice data) {
- Eurydice_slice buf0[1U] = {data};
- Eurydice_slice buf[1U] = {digest};
- libcrux_sha3_portable_keccakx1_ce4(buf0, buf);
+ libcrux_sha3_generic_keccak_portable_keccak1_c6(data, digest);
}
/**
@@ -4286,8 +4628,8 @@ static KRML_MUSTINLINE void libcrux_sha3_portable_shake128(
Writes `out.len()` bytes.
*/
-static KRML_MUSTINLINE void libcrux_sha3_shake128_ema(Eurydice_slice out,
- Eurydice_slice data) {
+static inline void libcrux_sha3_shake128_ema(Eurydice_slice out,
+ Eurydice_slice data) {
libcrux_sha3_portable_shake128(out, data);
}
@@ -4296,170 +4638,39 @@ static KRML_MUSTINLINE void libcrux_sha3_shake128_ema(Eurydice_slice out,
Writes `out.len()` bytes.
*/
-static KRML_MUSTINLINE void libcrux_sha3_shake256_ema(Eurydice_slice out,
- Eurydice_slice data) {
+static inline void libcrux_sha3_shake256_ema(Eurydice_slice out,
+ Eurydice_slice data) {
libcrux_sha3_portable_shake256(out, data);
}
-static const size_t libcrux_sha3_generic_keccak__PI[24U] = {
- (size_t)6U, (size_t)12U, (size_t)18U, (size_t)24U, (size_t)3U,
- (size_t)9U, (size_t)10U, (size_t)16U, (size_t)22U, (size_t)1U,
- (size_t)7U, (size_t)13U, (size_t)19U, (size_t)20U, (size_t)4U,
- (size_t)5U, (size_t)11U, (size_t)17U, (size_t)23U, (size_t)2U,
- (size_t)8U, (size_t)14U, (size_t)15U, (size_t)21U};
-
-static const size_t libcrux_sha3_generic_keccak__ROTC[24U] = {
- (size_t)1U, (size_t)62U, (size_t)28U, (size_t)27U, (size_t)36U,
- (size_t)44U, (size_t)6U, (size_t)55U, (size_t)20U, (size_t)3U,
- (size_t)10U, (size_t)43U, (size_t)25U, (size_t)39U, (size_t)41U,
- (size_t)45U, (size_t)15U, (size_t)21U, (size_t)8U, (size_t)18U,
- (size_t)2U, (size_t)61U, (size_t)56U, (size_t)14U};
-
/**
- A portable SHA3 224 implementation.
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<u64,
+1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
*/
-static KRML_MUSTINLINE void libcrux_sha3_neon_sha224(Eurydice_slice digest,
- Eurydice_slice data) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
/**
- A portable SHA3 256 implementation.
-*/
-static KRML_MUSTINLINE void libcrux_sha3_neon_sha256(Eurydice_slice digest,
- Eurydice_slice data) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
- A portable SHA3 384 implementation.
-*/
-static KRML_MUSTINLINE void libcrux_sha3_neon_sha384(Eurydice_slice digest,
- Eurydice_slice data) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
- A portable SHA3 512 implementation.
-*/
-static KRML_MUSTINLINE void libcrux_sha3_neon_sha512(Eurydice_slice digest,
- Eurydice_slice data) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
- Run SHAKE256 on both inputs in parallel.
-
- Writes the two results into `out0` and `out1`
-*/
-static KRML_MUSTINLINE void libcrux_sha3_neon_x2_shake256(Eurydice_slice input0,
- Eurydice_slice input1,
- Eurydice_slice out0,
- Eurydice_slice out1) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-typedef struct libcrux_sha3_neon_x2_incremental_KeccakState_s {
- libcrux_sha3_generic_keccak_KeccakState_48 state[2U];
-} libcrux_sha3_neon_x2_incremental_KeccakState;
-
-/**
- Initialise the `KeccakState2`.
-*/
-static KRML_MUSTINLINE libcrux_sha3_neon_x2_incremental_KeccakState
-libcrux_sha3_neon_x2_incremental_shake128_init(void) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
- Shake128 absorb `data0` and `data1` in the [`KeccakState`] `s`.
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_neon_x2_incremental_shake128_absorb_final(
- libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice data0,
- Eurydice_slice data1) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
- Squeeze 2 times the first three blocks in parallel in the
- [`KeccakState`] and return the output in `out0` and `out1`.
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_neon_x2_incremental_shake128_squeeze_first_three_blocks(
- libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0,
- Eurydice_slice out1) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
- Squeeze 2 times the next block in parallel in the
- [`KeccakState`] and return the output in `out0` and `out1`.
-*/
-static KRML_MUSTINLINE void
-libcrux_sha3_neon_x2_incremental_shake128_squeeze_next_block(
- libcrux_sha3_neon_x2_incremental_KeccakState *s, Eurydice_slice out0,
- Eurydice_slice out1) {
- KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
- "panic!");
- KRML_HOST_EXIT(255U);
-}
-
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_first_five_blocks
-with types uint64_t
-with const generics
-- N= 1
+A monomorphic instance of
+libcrux_sha3.generic_keccak.portable.squeeze_first_five_blocks_b4 with const
+generics
- RATE= 168
*/
static KRML_MUSTINLINE void
-libcrux_sha3_generic_keccak_squeeze_first_five_blocks_4f(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out[1U]) {
- Eurydice_slice_uint8_t_1size_t__x2 uu____0 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, (size_t)168U);
- Eurydice_slice o0[1U];
- memcpy(o0, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o10[1U];
- memcpy(o10, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_first_block_841(s, o0);
- Eurydice_slice_uint8_t_1size_t__x2 uu____1 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o10, (size_t)168U);
- Eurydice_slice o1[1U];
- memcpy(o1, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o20[1U];
- memcpy(o20, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o1);
- Eurydice_slice_uint8_t_1size_t__x2 uu____2 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o20, (size_t)168U);
- Eurydice_slice o2[1U];
- memcpy(o2, uu____2.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o30[1U];
- memcpy(o30, uu____2.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o2);
- Eurydice_slice_uint8_t_1size_t__x2 uu____3 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(o30, (size_t)168U);
- Eurydice_slice o3[1U];
- memcpy(o3, uu____3.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice o4[1U];
- memcpy(o4, uu____3.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o3);
- libcrux_sha3_generic_keccak_squeeze_next_block_fc1(s, o4);
+libcrux_sha3_generic_keccak_portable_squeeze_first_five_blocks_b4_3a(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out) {
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)0U, (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)168U,
+ (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)2U * (size_t)168U,
+ (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)3U * (size_t)168U,
+ (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_3a(self, out, (size_t)4U * (size_t)168U,
+ (size_t)168U);
}
/**
@@ -4467,9 +4678,8 @@ libcrux_sha3_generic_keccak_squeeze_first_five_blocks_4f(
*/
static KRML_MUSTINLINE void
libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out0) {
- Eurydice_slice buf[1U] = {out0};
- libcrux_sha3_generic_keccak_squeeze_first_five_blocks_4f(s, buf);
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out0) {
+ libcrux_sha3_generic_keccak_portable_squeeze_first_five_blocks_b4_3a(s, out0);
}
/**
@@ -4477,17 +4687,36 @@ libcrux_sha3_portable_incremental_shake128_squeeze_first_five_blocks(
*/
static KRML_MUSTINLINE void
libcrux_sha3_portable_incremental_shake256_absorb_final(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice data) {
- Eurydice_slice buf[1U] = {data};
- libcrux_sha3_generic_keccak_absorb_final_c71(s, buf);
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice data) {
+ libcrux_sha3_generic_keccak_KeccakState_17 *uu____0 = s;
+ Eurydice_slice uu____1[1U] = {data};
+ libcrux_sha3_generic_keccak_absorb_final_80_9e1(
+ uu____0, uu____1, (size_t)0U, Eurydice_slice_len(data, uint8_t));
}
/**
Create a new SHAKE-256 state object.
*/
-static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_48
+static KRML_MUSTINLINE libcrux_sha3_generic_keccak_KeccakState_17
libcrux_sha3_portable_incremental_shake256_init(void) {
- return libcrux_sha3_generic_keccak_new_1e_f4();
+ return libcrux_sha3_generic_keccak_new_80_04();
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<u64,
+1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of
+libcrux_sha3.generic_keccak.portable.squeeze_first_block_b4 with const generics
+- RATE= 136
+*/
+static KRML_MUSTINLINE void
+libcrux_sha3_generic_keccak_portable_squeeze_first_block_b4_5b(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out) {
+ libcrux_sha3_simd_portable_squeeze_13_5b(self, out, (size_t)0U, (size_t)136U);
}
/**
@@ -4495,9 +4724,27 @@ libcrux_sha3_portable_incremental_shake256_init(void) {
*/
static KRML_MUSTINLINE void
libcrux_sha3_portable_incremental_shake256_squeeze_first_block(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) {
- Eurydice_slice buf[1U] = {out};
- libcrux_sha3_generic_keccak_squeeze_first_block_840(s, buf);
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_portable_squeeze_first_block_b4_5b(s, out);
+}
+
+/**
+This function found in impl {libcrux_sha3::generic_keccak::KeccakState<u64,
+1usize>[core::marker::Sized<u64>,
+libcrux_sha3::simd::portable::{libcrux_sha3::traits::KeccakItem<1usize> for
+u64}]}
+*/
+/**
+A monomorphic instance of
+libcrux_sha3.generic_keccak.portable.squeeze_next_block_b4 with const generics
+- RATE= 136
+*/
+static KRML_MUSTINLINE void
+libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_5b(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self, Eurydice_slice out,
+ size_t start) {
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(self);
+ libcrux_sha3_simd_portable_squeeze_13_5b(self, out, start, (size_t)136U);
}
/**
@@ -4505,51 +4752,43 @@ libcrux_sha3_portable_incremental_shake256_squeeze_first_block(
*/
static KRML_MUSTINLINE void
libcrux_sha3_portable_incremental_shake256_squeeze_next_block(
- libcrux_sha3_generic_keccak_KeccakState_48 *s, Eurydice_slice out) {
- Eurydice_slice buf[1U] = {out};
- libcrux_sha3_generic_keccak_squeeze_next_block_fc0(s, buf);
+ libcrux_sha3_generic_keccak_KeccakState_17 *s, Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_portable_squeeze_next_block_b4_5b(s, out,
+ (size_t)0U);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.KeccakXofState
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.KeccakXofState
with types uint64_t
with const generics
- $1size_t
- $136size_t
*/
-typedef struct libcrux_sha3_generic_keccak_KeccakXofState_4f_s {
- libcrux_sha3_generic_keccak_KeccakState_48 inner;
+typedef struct libcrux_sha3_generic_keccak_xof_KeccakXofState_e2_s {
+ libcrux_sha3_generic_keccak_KeccakState_17 inner;
uint8_t buf[1U][136U];
size_t buf_len;
bool sponge;
-} libcrux_sha3_generic_keccak_KeccakXofState_4f;
+} libcrux_sha3_generic_keccak_xof_KeccakXofState_e2;
-typedef libcrux_sha3_generic_keccak_KeccakXofState_4f
- libcrux_sha3_portable_incremental_Shake256Absorb;
+typedef libcrux_sha3_generic_keccak_xof_KeccakXofState_e2
+ libcrux_sha3_portable_incremental_Shake256Xof;
/**
- Consume the internal buffer and the required amount of the input to pad to
- `RATE`.
-
- Returns the `consumed` bytes from `inputs` if there's enough buffered
- content to consume, and `0` otherwise.
- If `consumed > 0` is returned, `self.buf` contains a full block to be
- loaded.
-*/
-/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.fill_buffer_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.fill_buffer_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 136
*/
-static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b0(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self,
- Eurydice_slice inputs[1U]) {
+static inline size_t libcrux_sha3_generic_keccak_xof_fill_buffer_35_c6(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice *inputs) {
size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t);
size_t consumed = (size_t)0U;
if (self->buf_len > (size_t)0U) {
@@ -4558,10 +4797,12 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b0(
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
Eurydice_slice uu____0 = Eurydice_array_to_subslice_from(
- (size_t)136U, self->buf[i0], self->buf_len, uint8_t, size_t);
+ (size_t)136U, self->buf[i0], self->buf_len, uint8_t, size_t,
+ uint8_t[]);
Eurydice_slice_copy(
uu____0,
- Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t),
+ Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t,
+ uint8_t[]),
uint8_t);
}
self->buf_len = self->buf_len + consumed;
@@ -4571,42 +4812,37 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b0(
}
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_full_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_full_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 136
*/
-static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f8(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self,
- Eurydice_slice inputs[1U]) {
- libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs0[1U];
- memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice));
+static inline size_t libcrux_sha3_generic_keccak_xof_absorb_full_35_c6(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice *inputs) {
size_t input_consumed =
- libcrux_sha3_generic_keccak_fill_buffer_9d_b0(uu____0, copy_of_inputs0);
+ libcrux_sha3_generic_keccak_xof_fill_buffer_35_c6(self, inputs);
if (input_consumed > (size_t)0U) {
Eurydice_slice borrowed[1U];
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
uint8_t buf[136U] = {0U};
- borrowed[i] = core_array___Array_T__N__23__as_slice(
- (size_t)136U, buf, uint8_t, Eurydice_slice);
+ borrowed[i] = core_array___Array_T__N___as_slice((size_t)136U, buf,
+ uint8_t, Eurydice_slice);
}
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
borrowed[i0] =
Eurydice_array_to_slice((size_t)136U, self->buf[i0], uint8_t);
}
- uint64_t(*uu____2)[5U] = self->inner.st;
- Eurydice_slice uu____3[1U];
- memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b80(uu____2, uu____3);
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
+ libcrux_sha3_simd_portable_load_block_a1_5b(&self->inner, borrowed,
+ (size_t)0U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
self->buf_len = (size_t)0U;
}
size_t input_to_consume =
@@ -4615,63 +4851,41 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f8(
size_t remainder = input_to_consume % (size_t)136U;
for (size_t i = (size_t)0U; i < num_blocks; i++) {
size_t i0 = i;
- uint64_t(*uu____4)[5U] = self->inner.st;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs[1U];
- memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_inputs, input_consumed + i0 * (size_t)136U, (size_t)136U, ret);
- libcrux_sha3_portable_keccak_load_block_5a_b80(uu____4, ret);
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
+ libcrux_sha3_simd_portable_load_block_a1_5b(
+ &self->inner, inputs, input_consumed + i0 * (size_t)136U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
}
return remainder;
}
/**
- Absorb
-
- This function takes any number of bytes to absorb and buffers if it's not
- enough. The function assumes that all input slices in `blocks` have the same
- length.
-
- Only a multiple of `RATE` blocks are absorbed.
- For the remaining bytes [`absorb_final`] needs to be called.
-
- This works best with relatively small `inputs`.
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 136
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_9d_7b(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self,
- Eurydice_slice inputs[1U]) {
- libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs[1U];
- memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice));
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_35_c6(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice *inputs) {
size_t input_remainder_len =
- libcrux_sha3_generic_keccak_absorb_full_9d_f8(uu____0, copy_of_inputs);
+ libcrux_sha3_generic_keccak_xof_absorb_full_35_c6(self, inputs);
if (input_remainder_len > (size_t)0U) {
size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t);
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
- Eurydice_slice uu____2 = Eurydice_array_to_subslice2(
- self->buf[i0], self->buf_len, self->buf_len + input_remainder_len,
- uint8_t);
- Eurydice_slice_copy(
- uu____2,
- Eurydice_slice_subslice_from(
- inputs[i0], input_len - input_remainder_len, uint8_t, size_t),
- uint8_t);
+ Eurydice_slice_copy(Eurydice_array_to_subslice3(
+ self->buf[i0], self->buf_len,
+ self->buf_len + input_remainder_len, uint8_t *),
+ Eurydice_slice_subslice_from(
+ inputs[i0], input_len - input_remainder_len,
+ uint8_t, size_t, uint8_t[]),
+ uint8_t);
}
self->buf_len = self->buf_len + input_remainder_len;
}
@@ -4681,271 +4895,101 @@ static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_9d_7b(
Shake256 absorb
*/
/**
-This function found in impl
-{(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for
-libcrux_sha3::portable::incremental::Shake256Absorb)#2}
+This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize>
+for libcrux_sha3::portable::incremental::Shake256Xof}
*/
-static inline void libcrux_sha3_portable_incremental_absorb_7d(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice input) {
+static inline void libcrux_sha3_portable_incremental_absorb_42(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice input) {
Eurydice_slice buf[1U] = {input};
- libcrux_sha3_generic_keccak_absorb_9d_7b(self, buf);
+ libcrux_sha3_generic_keccak_xof_absorb_35_c6(self, buf);
}
-typedef libcrux_sha3_generic_keccak_KeccakXofState_4f
- libcrux_sha3_portable_incremental_Shake256Squeeze;
-
/**
- Absorb a final block.
-
- The `inputs` block may be empty. Everything in the `inputs` block beyond
- `RATE` bytes is ignored.
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_final_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 136
- DELIMITER= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9d_25(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self,
- Eurydice_slice inputs[1U]) {
- libcrux_sha3_generic_keccak_KeccakXofState_4f *uu____0 = self;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs[1U];
- memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice));
- size_t input_remainder_len =
- libcrux_sha3_generic_keccak_absorb_full_9d_f8(uu____0, copy_of_inputs);
- size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_final_35_9e(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice *inputs) {
+ libcrux_sha3_generic_keccak_xof_absorb_35_c6(self, inputs);
+ Eurydice_slice borrowed[1U];
+ for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
+ uint8_t buf[136U] = {0U};
+ borrowed[i] = core_array___Array_T__N___as_slice((size_t)136U, buf, uint8_t,
+ Eurydice_slice);
+ }
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
- if (self->buf_len > (size_t)0U) {
- Eurydice_slice uu____2 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, self->buf_len, uint8_t);
- Eurydice_slice_copy(uu____2,
- Eurydice_array_to_subslice2(self->buf[i0], (size_t)0U,
- self->buf_len, uint8_t),
- uint8_t);
- }
- if (input_remainder_len > (size_t)0U) {
- Eurydice_slice uu____3 = Eurydice_array_to_subslice2(
- blocks[i0], self->buf_len, self->buf_len + input_remainder_len,
- uint8_t);
- Eurydice_slice_copy(
- uu____3,
- Eurydice_slice_subslice_from(
- inputs[i0], input_len - input_remainder_len, uint8_t, size_t),
- uint8_t);
- }
- blocks[i0][self->buf_len + input_remainder_len] = 31U;
- size_t uu____4 = i0;
- size_t uu____5 = (size_t)136U - (size_t)1U;
- blocks[uu____4][uu____5] = (uint32_t)blocks[uu____4][uu____5] | 128U;
+ borrowed[i0] =
+ Eurydice_array_to_slice((size_t)136U, self->buf[i0], uint8_t);
}
- uint64_t(*uu____6)[5U] = self->inner.st;
- uint8_t uu____7[1U][200U];
- memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d20(uu____6, uu____7);
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
+ libcrux_sha3_simd_portable_load_last_a1_ad0(&self->inner, borrowed,
+ (size_t)0U, self->buf_len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
}
/**
Shake256 absorb final
*/
/**
-This function found in impl
-{(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for
-libcrux_sha3::portable::incremental::Shake256Absorb)#2}
+This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize>
+for libcrux_sha3::portable::incremental::Shake256Xof}
*/
-static inline libcrux_sha3_generic_keccak_KeccakXofState_4f
-libcrux_sha3_portable_incremental_absorb_final_7d(
- libcrux_sha3_generic_keccak_KeccakXofState_4f self, Eurydice_slice input) {
+static inline void libcrux_sha3_portable_incremental_absorb_final_42(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice input) {
Eurydice_slice buf[1U] = {input};
- libcrux_sha3_generic_keccak_absorb_final_9d_25(&self, buf);
- return self;
+ libcrux_sha3_generic_keccak_xof_absorb_final_35_9e(self, buf);
}
/**
- An all zero block
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.zero_block_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.zero_block_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 136
*/
-static inline void libcrux_sha3_generic_keccak_zero_block_9d_e6(
+static inline void libcrux_sha3_generic_keccak_xof_zero_block_35_c6(
uint8_t ret[136U]) {
- ret[0U] = 0U;
- ret[1U] = 0U;
- ret[2U] = 0U;
- ret[3U] = 0U;
- ret[4U] = 0U;
- ret[5U] = 0U;
- ret[6U] = 0U;
- ret[7U] = 0U;
- ret[8U] = 0U;
- ret[9U] = 0U;
- ret[10U] = 0U;
- ret[11U] = 0U;
- ret[12U] = 0U;
- ret[13U] = 0U;
- ret[14U] = 0U;
- ret[15U] = 0U;
- ret[16U] = 0U;
- ret[17U] = 0U;
- ret[18U] = 0U;
- ret[19U] = 0U;
- ret[20U] = 0U;
- ret[21U] = 0U;
- ret[22U] = 0U;
- ret[23U] = 0U;
- ret[24U] = 0U;
- ret[25U] = 0U;
- ret[26U] = 0U;
- ret[27U] = 0U;
- ret[28U] = 0U;
- ret[29U] = 0U;
- ret[30U] = 0U;
- ret[31U] = 0U;
- ret[32U] = 0U;
- ret[33U] = 0U;
- ret[34U] = 0U;
- ret[35U] = 0U;
- ret[36U] = 0U;
- ret[37U] = 0U;
- ret[38U] = 0U;
- ret[39U] = 0U;
- ret[40U] = 0U;
- ret[41U] = 0U;
- ret[42U] = 0U;
- ret[43U] = 0U;
- ret[44U] = 0U;
- ret[45U] = 0U;
- ret[46U] = 0U;
- ret[47U] = 0U;
- ret[48U] = 0U;
- ret[49U] = 0U;
- ret[50U] = 0U;
- ret[51U] = 0U;
- ret[52U] = 0U;
- ret[53U] = 0U;
- ret[54U] = 0U;
- ret[55U] = 0U;
- ret[56U] = 0U;
- ret[57U] = 0U;
- ret[58U] = 0U;
- ret[59U] = 0U;
- ret[60U] = 0U;
- ret[61U] = 0U;
- ret[62U] = 0U;
- ret[63U] = 0U;
- ret[64U] = 0U;
- ret[65U] = 0U;
- ret[66U] = 0U;
- ret[67U] = 0U;
- ret[68U] = 0U;
- ret[69U] = 0U;
- ret[70U] = 0U;
- ret[71U] = 0U;
- ret[72U] = 0U;
- ret[73U] = 0U;
- ret[74U] = 0U;
- ret[75U] = 0U;
- ret[76U] = 0U;
- ret[77U] = 0U;
- ret[78U] = 0U;
- ret[79U] = 0U;
- ret[80U] = 0U;
- ret[81U] = 0U;
- ret[82U] = 0U;
- ret[83U] = 0U;
- ret[84U] = 0U;
- ret[85U] = 0U;
- ret[86U] = 0U;
- ret[87U] = 0U;
- ret[88U] = 0U;
- ret[89U] = 0U;
- ret[90U] = 0U;
- ret[91U] = 0U;
- ret[92U] = 0U;
- ret[93U] = 0U;
- ret[94U] = 0U;
- ret[95U] = 0U;
- ret[96U] = 0U;
- ret[97U] = 0U;
- ret[98U] = 0U;
- ret[99U] = 0U;
- ret[100U] = 0U;
- ret[101U] = 0U;
- ret[102U] = 0U;
- ret[103U] = 0U;
- ret[104U] = 0U;
- ret[105U] = 0U;
- ret[106U] = 0U;
- ret[107U] = 0U;
- ret[108U] = 0U;
- ret[109U] = 0U;
- ret[110U] = 0U;
- ret[111U] = 0U;
- ret[112U] = 0U;
- ret[113U] = 0U;
- ret[114U] = 0U;
- ret[115U] = 0U;
- ret[116U] = 0U;
- ret[117U] = 0U;
- ret[118U] = 0U;
- ret[119U] = 0U;
- ret[120U] = 0U;
- ret[121U] = 0U;
- ret[122U] = 0U;
- ret[123U] = 0U;
- ret[124U] = 0U;
- ret[125U] = 0U;
- ret[126U] = 0U;
- ret[127U] = 0U;
- ret[128U] = 0U;
- ret[129U] = 0U;
- ret[130U] = 0U;
- ret[131U] = 0U;
- ret[132U] = 0U;
- ret[133U] = 0U;
- ret[134U] = 0U;
- ret[135U] = 0U;
+ memset(ret, 0U, 136U * sizeof(uint8_t));
}
/**
- Generate a new keccak xof state.
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.new_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.new_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 136
*/
-static inline libcrux_sha3_generic_keccak_KeccakXofState_4f
-libcrux_sha3_generic_keccak_new_9d_7e(void) {
- libcrux_sha3_generic_keccak_KeccakXofState_4f lit;
- lit.inner = libcrux_sha3_generic_keccak_new_1e_f4();
- uint8_t ret[136U];
- libcrux_sha3_generic_keccak_zero_block_9d_e6(ret);
- memcpy(lit.buf[0U], ret, (size_t)136U * sizeof(uint8_t));
+static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_e2
+libcrux_sha3_generic_keccak_xof_new_35_c6(void) {
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 lit;
+ lit.inner = libcrux_sha3_generic_keccak_new_80_04();
+ uint8_t repeat_expression[1U][136U];
+ for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
+ libcrux_sha3_generic_keccak_xof_zero_block_35_c6(repeat_expression[i]);
+ }
+ memcpy(lit.buf, repeat_expression, (size_t)1U * sizeof(uint8_t[136U]));
lit.buf_len = (size_t)0U;
lit.sponge = false;
return lit;
@@ -4955,55 +4999,103 @@ libcrux_sha3_generic_keccak_new_9d_7e(void) {
Shake256 new state
*/
/**
+This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize>
+for libcrux_sha3::portable::incremental::Shake256Xof}
+*/
+static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_e2
+libcrux_sha3_portable_incremental_new_42(void) {
+ return libcrux_sha3_generic_keccak_xof_new_35_c6();
+}
+
+/**
+ Squeeze `N` x `LEN` bytes. Only `N = 1` for now.
+*/
+/**
This function found in impl
-{(libcrux_sha3::portable::incremental::XofAbsorb<136: usize> for
-libcrux_sha3::portable::incremental::Shake256Absorb)#2}
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, 1usize,
+RATE>[TraitClause@0, TraitClause@1]}
*/
-static inline libcrux_sha3_generic_keccak_KeccakXofState_4f
-libcrux_sha3_portable_incremental_new_7d(void) {
- return libcrux_sha3_generic_keccak_new_9d_7e();
+/**
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.squeeze_85
+with types uint64_t
+with const generics
+- RATE= 136
+*/
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_squeeze_85_c7(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice out) {
+ if (self->sponge) {
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
+ }
+ size_t out_len = Eurydice_slice_len(out, uint8_t);
+ if (out_len > (size_t)0U) {
+ if (out_len <= (size_t)136U) {
+ libcrux_sha3_simd_portable_squeeze_13_5b(&self->inner, out, (size_t)0U,
+ out_len);
+ } else {
+ size_t blocks = out_len / (size_t)136U;
+ for (size_t i = (size_t)0U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
+ libcrux_sha3_simd_portable_squeeze_13_5b(
+ &self->inner, out, i0 * (size_t)136U, (size_t)136U);
+ }
+ size_t remaining = out_len % (size_t)136U;
+ if (remaining > (size_t)0U) {
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
+ libcrux_sha3_simd_portable_squeeze_13_5b(
+ &self->inner, out, blocks * (size_t)136U, remaining);
+ }
+ }
+ self->sponge = true;
+ }
+}
+
+/**
+ Shake256 squeeze
+*/
+/**
+This function found in impl {libcrux_sha3::portable::incremental::Xof<136usize>
+for libcrux_sha3::portable::incremental::Shake256Xof}
+*/
+static inline void libcrux_sha3_portable_incremental_squeeze_42(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_e2 *self,
+ Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_xof_squeeze_85_c7(self, out);
}
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.KeccakXofState
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.KeccakXofState
with types uint64_t
with const generics
- $1size_t
- $168size_t
*/
-typedef struct libcrux_sha3_generic_keccak_KeccakXofState_78_s {
- libcrux_sha3_generic_keccak_KeccakState_48 inner;
+typedef struct libcrux_sha3_generic_keccak_xof_KeccakXofState_97_s {
+ libcrux_sha3_generic_keccak_KeccakState_17 inner;
uint8_t buf[1U][168U];
size_t buf_len;
bool sponge;
-} libcrux_sha3_generic_keccak_KeccakXofState_78;
+} libcrux_sha3_generic_keccak_xof_KeccakXofState_97;
-typedef libcrux_sha3_generic_keccak_KeccakXofState_78
- libcrux_sha3_portable_incremental_Shake128Absorb;
+typedef libcrux_sha3_generic_keccak_xof_KeccakXofState_97
+ libcrux_sha3_portable_incremental_Shake128Xof;
/**
- Consume the internal buffer and the required amount of the input to pad to
- `RATE`.
-
- Returns the `consumed` bytes from `inputs` if there's enough buffered
- content to consume, and `0` otherwise.
- If `consumed > 0` is returned, `self.buf` contains a full block to be
- loaded.
-*/
-/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.fill_buffer_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.fill_buffer_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 168
*/
-static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b00(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self,
- Eurydice_slice inputs[1U]) {
+static inline size_t libcrux_sha3_generic_keccak_xof_fill_buffer_35_c60(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice *inputs) {
size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t);
size_t consumed = (size_t)0U;
if (self->buf_len > (size_t)0U) {
@@ -5012,10 +5104,12 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b00(
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
Eurydice_slice uu____0 = Eurydice_array_to_subslice_from(
- (size_t)168U, self->buf[i0], self->buf_len, uint8_t, size_t);
+ (size_t)168U, self->buf[i0], self->buf_len, uint8_t, size_t,
+ uint8_t[]);
Eurydice_slice_copy(
uu____0,
- Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t),
+ Eurydice_slice_subslice_to(inputs[i0], consumed, uint8_t, size_t,
+ uint8_t[]),
uint8_t);
}
self->buf_len = self->buf_len + consumed;
@@ -5025,42 +5119,37 @@ static inline size_t libcrux_sha3_generic_keccak_fill_buffer_9d_b00(
}
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_full_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_full_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 168
*/
-static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f80(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self,
- Eurydice_slice inputs[1U]) {
- libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs0[1U];
- memcpy(copy_of_inputs0, inputs, (size_t)1U * sizeof(Eurydice_slice));
+static inline size_t libcrux_sha3_generic_keccak_xof_absorb_full_35_c60(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice *inputs) {
size_t input_consumed =
- libcrux_sha3_generic_keccak_fill_buffer_9d_b00(uu____0, copy_of_inputs0);
+ libcrux_sha3_generic_keccak_xof_fill_buffer_35_c60(self, inputs);
if (input_consumed > (size_t)0U) {
Eurydice_slice borrowed[1U];
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
uint8_t buf[168U] = {0U};
- borrowed[i] = core_array___Array_T__N__23__as_slice(
- (size_t)168U, buf, uint8_t, Eurydice_slice);
+ borrowed[i] = core_array___Array_T__N___as_slice((size_t)168U, buf,
+ uint8_t, Eurydice_slice);
}
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
borrowed[i0] =
Eurydice_array_to_slice((size_t)168U, self->buf[i0], uint8_t);
}
- uint64_t(*uu____2)[5U] = self->inner.st;
- Eurydice_slice uu____3[1U];
- memcpy(uu____3, borrowed, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_load_block_5a_b83(uu____2, uu____3);
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
+ libcrux_sha3_simd_portable_load_block_a1_3a(&self->inner, borrowed,
+ (size_t)0U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
self->buf_len = (size_t)0U;
}
size_t input_to_consume =
@@ -5069,648 +5158,237 @@ static inline size_t libcrux_sha3_generic_keccak_absorb_full_9d_f80(
size_t remainder = input_to_consume % (size_t)168U;
for (size_t i = (size_t)0U; i < num_blocks; i++) {
size_t i0 = i;
- uint64_t(*uu____4)[5U] = self->inner.st;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs[1U];
- memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice ret[1U];
- libcrux_sha3_portable_keccak_slice_n_5a(
- copy_of_inputs, input_consumed + i0 * (size_t)168U, (size_t)168U, ret);
- libcrux_sha3_portable_keccak_load_block_5a_b83(uu____4, ret);
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
+ libcrux_sha3_simd_portable_load_block_a1_3a(
+ &self->inner, inputs, input_consumed + i0 * (size_t)168U);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
}
return remainder;
}
/**
- Absorb
-
- This function takes any number of bytes to absorb and buffers if it's not
- enough. The function assumes that all input slices in `blocks` have the same
- length.
-
- Only a multiple of `RATE` blocks are absorbed.
- For the remaining bytes [`absorb_final`] needs to be called.
-
- This works best with relatively small `inputs`.
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 168
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_9d_7b0(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self,
- Eurydice_slice inputs[1U]) {
- libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs[1U];
- memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice));
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_35_c60(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice *inputs) {
size_t input_remainder_len =
- libcrux_sha3_generic_keccak_absorb_full_9d_f80(uu____0, copy_of_inputs);
+ libcrux_sha3_generic_keccak_xof_absorb_full_35_c60(self, inputs);
if (input_remainder_len > (size_t)0U) {
size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t);
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
- Eurydice_slice uu____2 = Eurydice_array_to_subslice2(
- self->buf[i0], self->buf_len, self->buf_len + input_remainder_len,
- uint8_t);
- Eurydice_slice_copy(
- uu____2,
- Eurydice_slice_subslice_from(
- inputs[i0], input_len - input_remainder_len, uint8_t, size_t),
- uint8_t);
+ Eurydice_slice_copy(Eurydice_array_to_subslice3(
+ self->buf[i0], self->buf_len,
+ self->buf_len + input_remainder_len, uint8_t *),
+ Eurydice_slice_subslice_from(
+ inputs[i0], input_len - input_remainder_len,
+ uint8_t, size_t, uint8_t[]),
+ uint8_t);
}
self->buf_len = self->buf_len + input_remainder_len;
}
}
/**
-This function found in impl
-{(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for
-libcrux_sha3::portable::incremental::Shake128Absorb)}
+This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize>
+for libcrux_sha3::portable::incremental::Shake128Xof}
*/
-static inline void libcrux_sha3_portable_incremental_absorb_1c(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice input) {
+static inline void libcrux_sha3_portable_incremental_absorb_26(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice input) {
Eurydice_slice buf[1U] = {input};
- libcrux_sha3_generic_keccak_absorb_9d_7b0(self, buf);
+ libcrux_sha3_generic_keccak_xof_absorb_35_c60(self, buf);
}
-typedef libcrux_sha3_generic_keccak_KeccakXofState_78
- libcrux_sha3_portable_incremental_Shake128Squeeze;
-
/**
- Absorb a final block.
-
- The `inputs` block may be empty. Everything in the `inputs` block beyond
- `RATE` bytes is ignored.
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.absorb_final_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.absorb_final_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 168
- DELIMITER= 31
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_absorb_final_9d_250(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self,
- Eurydice_slice inputs[1U]) {
- libcrux_sha3_generic_keccak_KeccakXofState_78 *uu____0 = self;
- /* Passing arrays by value in Rust generates a copy in C */
- Eurydice_slice copy_of_inputs[1U];
- memcpy(copy_of_inputs, inputs, (size_t)1U * sizeof(Eurydice_slice));
- size_t input_remainder_len =
- libcrux_sha3_generic_keccak_absorb_full_9d_f80(uu____0, copy_of_inputs);
- size_t input_len = Eurydice_slice_len(inputs[0U], uint8_t);
- uint8_t blocks[1U][200U] = {{0U}};
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_absorb_final_35_9e0(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice *inputs) {
+ libcrux_sha3_generic_keccak_xof_absorb_35_c60(self, inputs);
+ Eurydice_slice borrowed[1U];
+ for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
+ uint8_t buf[168U] = {0U};
+ borrowed[i] = core_array___Array_T__N___as_slice((size_t)168U, buf, uint8_t,
+ Eurydice_slice);
+ }
for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
size_t i0 = i;
- if (self->buf_len > (size_t)0U) {
- Eurydice_slice uu____2 = Eurydice_array_to_subslice2(
- blocks[i0], (size_t)0U, self->buf_len, uint8_t);
- Eurydice_slice_copy(uu____2,
- Eurydice_array_to_subslice2(self->buf[i0], (size_t)0U,
- self->buf_len, uint8_t),
- uint8_t);
- }
- if (input_remainder_len > (size_t)0U) {
- Eurydice_slice uu____3 = Eurydice_array_to_subslice2(
- blocks[i0], self->buf_len, self->buf_len + input_remainder_len,
- uint8_t);
- Eurydice_slice_copy(
- uu____3,
- Eurydice_slice_subslice_from(
- inputs[i0], input_len - input_remainder_len, uint8_t, size_t),
- uint8_t);
- }
- blocks[i0][self->buf_len + input_remainder_len] = 31U;
- size_t uu____4 = i0;
- size_t uu____5 = (size_t)168U - (size_t)1U;
- blocks[uu____4][uu____5] = (uint32_t)blocks[uu____4][uu____5] | 128U;
+ borrowed[i0] =
+ Eurydice_array_to_slice((size_t)168U, self->buf[i0], uint8_t);
}
- uint64_t(*uu____6)[5U] = self->inner.st;
- uint8_t uu____7[1U][200U];
- memcpy(uu____7, blocks, (size_t)1U * sizeof(uint8_t[200U]));
- libcrux_sha3_portable_keccak_load_block_full_5a_d21(uu____6, uu____7);
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
+ libcrux_sha3_simd_portable_load_last_a1_c6(&self->inner, borrowed, (size_t)0U,
+ self->buf_len);
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
}
/**
-This function found in impl
-{(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for
-libcrux_sha3::portable::incremental::Shake128Absorb)}
+This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize>
+for libcrux_sha3::portable::incremental::Shake128Xof}
*/
-static inline libcrux_sha3_generic_keccak_KeccakXofState_78
-libcrux_sha3_portable_incremental_absorb_final_1c(
- libcrux_sha3_generic_keccak_KeccakXofState_78 self, Eurydice_slice input) {
+static inline void libcrux_sha3_portable_incremental_absorb_final_26(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice input) {
Eurydice_slice buf[1U] = {input};
- libcrux_sha3_generic_keccak_absorb_final_9d_250(&self, buf);
- return self;
+ libcrux_sha3_generic_keccak_xof_absorb_final_35_9e0(self, buf);
}
/**
- An all zero block
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.zero_block_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.zero_block_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 168
*/
-static inline void libcrux_sha3_generic_keccak_zero_block_9d_e60(
+static inline void libcrux_sha3_generic_keccak_xof_zero_block_35_c60(
uint8_t ret[168U]) {
- ret[0U] = 0U;
- ret[1U] = 0U;
- ret[2U] = 0U;
- ret[3U] = 0U;
- ret[4U] = 0U;
- ret[5U] = 0U;
- ret[6U] = 0U;
- ret[7U] = 0U;
- ret[8U] = 0U;
- ret[9U] = 0U;
- ret[10U] = 0U;
- ret[11U] = 0U;
- ret[12U] = 0U;
- ret[13U] = 0U;
- ret[14U] = 0U;
- ret[15U] = 0U;
- ret[16U] = 0U;
- ret[17U] = 0U;
- ret[18U] = 0U;
- ret[19U] = 0U;
- ret[20U] = 0U;
- ret[21U] = 0U;
- ret[22U] = 0U;
- ret[23U] = 0U;
- ret[24U] = 0U;
- ret[25U] = 0U;
- ret[26U] = 0U;
- ret[27U] = 0U;
- ret[28U] = 0U;
- ret[29U] = 0U;
- ret[30U] = 0U;
- ret[31U] = 0U;
- ret[32U] = 0U;
- ret[33U] = 0U;
- ret[34U] = 0U;
- ret[35U] = 0U;
- ret[36U] = 0U;
- ret[37U] = 0U;
- ret[38U] = 0U;
- ret[39U] = 0U;
- ret[40U] = 0U;
- ret[41U] = 0U;
- ret[42U] = 0U;
- ret[43U] = 0U;
- ret[44U] = 0U;
- ret[45U] = 0U;
- ret[46U] = 0U;
- ret[47U] = 0U;
- ret[48U] = 0U;
- ret[49U] = 0U;
- ret[50U] = 0U;
- ret[51U] = 0U;
- ret[52U] = 0U;
- ret[53U] = 0U;
- ret[54U] = 0U;
- ret[55U] = 0U;
- ret[56U] = 0U;
- ret[57U] = 0U;
- ret[58U] = 0U;
- ret[59U] = 0U;
- ret[60U] = 0U;
- ret[61U] = 0U;
- ret[62U] = 0U;
- ret[63U] = 0U;
- ret[64U] = 0U;
- ret[65U] = 0U;
- ret[66U] = 0U;
- ret[67U] = 0U;
- ret[68U] = 0U;
- ret[69U] = 0U;
- ret[70U] = 0U;
- ret[71U] = 0U;
- ret[72U] = 0U;
- ret[73U] = 0U;
- ret[74U] = 0U;
- ret[75U] = 0U;
- ret[76U] = 0U;
- ret[77U] = 0U;
- ret[78U] = 0U;
- ret[79U] = 0U;
- ret[80U] = 0U;
- ret[81U] = 0U;
- ret[82U] = 0U;
- ret[83U] = 0U;
- ret[84U] = 0U;
- ret[85U] = 0U;
- ret[86U] = 0U;
- ret[87U] = 0U;
- ret[88U] = 0U;
- ret[89U] = 0U;
- ret[90U] = 0U;
- ret[91U] = 0U;
- ret[92U] = 0U;
- ret[93U] = 0U;
- ret[94U] = 0U;
- ret[95U] = 0U;
- ret[96U] = 0U;
- ret[97U] = 0U;
- ret[98U] = 0U;
- ret[99U] = 0U;
- ret[100U] = 0U;
- ret[101U] = 0U;
- ret[102U] = 0U;
- ret[103U] = 0U;
- ret[104U] = 0U;
- ret[105U] = 0U;
- ret[106U] = 0U;
- ret[107U] = 0U;
- ret[108U] = 0U;
- ret[109U] = 0U;
- ret[110U] = 0U;
- ret[111U] = 0U;
- ret[112U] = 0U;
- ret[113U] = 0U;
- ret[114U] = 0U;
- ret[115U] = 0U;
- ret[116U] = 0U;
- ret[117U] = 0U;
- ret[118U] = 0U;
- ret[119U] = 0U;
- ret[120U] = 0U;
- ret[121U] = 0U;
- ret[122U] = 0U;
- ret[123U] = 0U;
- ret[124U] = 0U;
- ret[125U] = 0U;
- ret[126U] = 0U;
- ret[127U] = 0U;
- ret[128U] = 0U;
- ret[129U] = 0U;
- ret[130U] = 0U;
- ret[131U] = 0U;
- ret[132U] = 0U;
- ret[133U] = 0U;
- ret[134U] = 0U;
- ret[135U] = 0U;
- ret[136U] = 0U;
- ret[137U] = 0U;
- ret[138U] = 0U;
- ret[139U] = 0U;
- ret[140U] = 0U;
- ret[141U] = 0U;
- ret[142U] = 0U;
- ret[143U] = 0U;
- ret[144U] = 0U;
- ret[145U] = 0U;
- ret[146U] = 0U;
- ret[147U] = 0U;
- ret[148U] = 0U;
- ret[149U] = 0U;
- ret[150U] = 0U;
- ret[151U] = 0U;
- ret[152U] = 0U;
- ret[153U] = 0U;
- ret[154U] = 0U;
- ret[155U] = 0U;
- ret[156U] = 0U;
- ret[157U] = 0U;
- ret[158U] = 0U;
- ret[159U] = 0U;
- ret[160U] = 0U;
- ret[161U] = 0U;
- ret[162U] = 0U;
- ret[163U] = 0U;
- ret[164U] = 0U;
- ret[165U] = 0U;
- ret[166U] = 0U;
- ret[167U] = 0U;
+ memset(ret, 0U, 168U * sizeof(uint8_t));
}
/**
- Generate a new keccak xof state.
+This function found in impl
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, PARALLEL_LANES,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.new_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.new_35
with types uint64_t
with const generics
- PARALLEL_LANES= 1
- RATE= 168
*/
-static inline libcrux_sha3_generic_keccak_KeccakXofState_78
-libcrux_sha3_generic_keccak_new_9d_7e0(void) {
- libcrux_sha3_generic_keccak_KeccakXofState_78 lit;
- lit.inner = libcrux_sha3_generic_keccak_new_1e_f4();
- uint8_t ret[168U];
- libcrux_sha3_generic_keccak_zero_block_9d_e60(ret);
- memcpy(lit.buf[0U], ret, (size_t)168U * sizeof(uint8_t));
+static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_97
+libcrux_sha3_generic_keccak_xof_new_35_c60(void) {
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 lit;
+ lit.inner = libcrux_sha3_generic_keccak_new_80_04();
+ uint8_t repeat_expression[1U][168U];
+ for (size_t i = (size_t)0U; i < (size_t)1U; i++) {
+ libcrux_sha3_generic_keccak_xof_zero_block_35_c60(repeat_expression[i]);
+ }
+ memcpy(lit.buf, repeat_expression, (size_t)1U * sizeof(uint8_t[168U]));
lit.buf_len = (size_t)0U;
lit.sponge = false;
return lit;
}
/**
-This function found in impl
-{(libcrux_sha3::portable::incremental::XofAbsorb<168: usize> for
-libcrux_sha3::portable::incremental::Shake128Absorb)}
+This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize>
+for libcrux_sha3::portable::incremental::Shake128Xof}
*/
-static inline libcrux_sha3_generic_keccak_KeccakXofState_78
-libcrux_sha3_portable_incremental_new_1c(void) {
- return libcrux_sha3_generic_keccak_new_9d_7e0();
+static inline libcrux_sha3_generic_keccak_xof_KeccakXofState_97
+libcrux_sha3_portable_incremental_new_26(void) {
+ return libcrux_sha3_generic_keccak_xof_new_35_c60();
}
/**
- `out` has the exact size we want here. It must be less than or equal to `RATE`.
-*/
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_5a
-with const generics
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_1c(
- uint64_t (*state)[5U], Eurydice_slice out[1U]) {
- size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U;
- size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U;
- for (size_t i = (size_t)0U; i < num_full_blocks; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t);
- uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(state[i0 / (size_t)5U][i0 % (size_t)5U], ret);
- Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
- }
- if (last_block_len != (size_t)0U) {
- Eurydice_slice uu____1 = Eurydice_slice_subslice2(
- out[0U], num_full_blocks * (size_t)8U,
- num_full_blocks * (size_t)8U + last_block_len, uint8_t);
- uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(
- state[num_full_blocks / (size_t)5U][num_full_blocks % (size_t)5U], ret);
- Eurydice_slice_copy(
- uu____1,
- Eurydice_array_to_subslice2(ret, (size_t)0U, last_block_len, uint8_t),
- uint8_t);
- }
-}
-
-/**
- Squeeze `N` x `LEN` bytes.
-*/
-/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
-*/
-/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_9d
-with types uint64_t
-with const generics
-- PARALLEL_LANES= 1
-- RATE= 136
-*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_9d_96(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self,
- Eurydice_slice out[1U]) {
- if (self->sponge) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
- }
- size_t out_len = Eurydice_slice_len(out[0U], uint8_t);
- size_t blocks = out_len / (size_t)136U;
- size_t last = out_len - out_len % (size_t)136U;
- size_t mid;
- if ((size_t)136U >= out_len) {
- mid = out_len;
- } else {
- mid = (size_t)136U;
- }
- Eurydice_slice_uint8_t_1size_t__x2 uu____0 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, mid);
- Eurydice_slice out00[1U];
- memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice out_rest[1U];
- memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_store_5a_1c(self->inner.st, out00);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
- } else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____1 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out_rest,
- (size_t)136U);
- Eurydice_slice out0[1U];
- memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice tmp[1U];
- memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
- libcrux_sha3_portable_keccak_store_5a_1c(self->inner.st, out0);
- memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice));
- }
- }
- if (last < out_len) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
- libcrux_sha3_portable_keccak_store_5a_1c(self->inner.st, out_rest);
- }
- self->sponge = true;
-}
-
-/**
- Shake256 squeeze
+ Squeeze `N` x `LEN` bytes. Only `N = 1` for now.
*/
/**
This function found in impl
-{(libcrux_sha3::portable::incremental::XofSqueeze<136: usize> for
-libcrux_sha3::portable::incremental::Shake256Squeeze)#3}
-*/
-static inline void libcrux_sha3_portable_incremental_squeeze_8a(
- libcrux_sha3_generic_keccak_KeccakXofState_4f *self, Eurydice_slice out) {
- Eurydice_slice buf[1U] = {out};
- libcrux_sha3_generic_keccak_squeeze_9d_96(self, buf);
-}
-
-/**
- `out` has the exact size we want here. It must be less than or equal to `RATE`.
-*/
-/**
-This function found in impl {(libcrux_sha3::traits::internal::KeccakItem<1:
-usize> for u64)}
-*/
-/**
-A monomorphic instance of libcrux_sha3.portable_keccak.store_5a
-with const generics
-- RATE= 168
-*/
-static KRML_MUSTINLINE void libcrux_sha3_portable_keccak_store_5a_1c0(
- uint64_t (*state)[5U], Eurydice_slice out[1U]) {
- size_t num_full_blocks = Eurydice_slice_len(out[0U], uint8_t) / (size_t)8U;
- size_t last_block_len = Eurydice_slice_len(out[0U], uint8_t) % (size_t)8U;
- for (size_t i = (size_t)0U; i < num_full_blocks; i++) {
- size_t i0 = i;
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
- out[0U], i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t);
- uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(state[i0 / (size_t)5U][i0 % (size_t)5U], ret);
- Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)8U, ret, uint8_t), uint8_t);
- }
- if (last_block_len != (size_t)0U) {
- Eurydice_slice uu____1 = Eurydice_slice_subslice2(
- out[0U], num_full_blocks * (size_t)8U,
- num_full_blocks * (size_t)8U + last_block_len, uint8_t);
- uint8_t ret[8U];
- core_num__u64_9__to_le_bytes(
- state[num_full_blocks / (size_t)5U][num_full_blocks % (size_t)5U], ret);
- Eurydice_slice_copy(
- uu____1,
- Eurydice_array_to_subslice2(ret, (size_t)0U, last_block_len, uint8_t),
- uint8_t);
- }
-}
-
-/**
- Squeeze `N` x `LEN` bytes.
-*/
-/**
-This function found in impl {libcrux_sha3::generic_keccak::KeccakXofState<STATE,
-PARALLEL_LANES, RATE>[TraitClause@0]#2}
+{libcrux_sha3::generic_keccak::xof::KeccakXofState<STATE, 1usize,
+RATE>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_sha3.generic_keccak.squeeze_9d
+A monomorphic instance of libcrux_sha3.generic_keccak.xof.squeeze_85
with types uint64_t
with const generics
-- PARALLEL_LANES= 1
- RATE= 168
*/
-static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_squeeze_9d_960(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self,
- Eurydice_slice out[1U]) {
+static KRML_MUSTINLINE void libcrux_sha3_generic_keccak_xof_squeeze_85_13(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice out) {
if (self->sponge) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
- }
- size_t out_len = Eurydice_slice_len(out[0U], uint8_t);
- size_t blocks = out_len / (size_t)168U;
- size_t last = out_len - out_len % (size_t)168U;
- size_t mid;
- if ((size_t)168U >= out_len) {
- mid = out_len;
- } else {
- mid = (size_t)168U;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
}
- Eurydice_slice_uint8_t_1size_t__x2 uu____0 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out, mid);
- Eurydice_slice out00[1U];
- memcpy(out00, uu____0.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice out_rest[1U];
- memcpy(out_rest, uu____0.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_portable_keccak_store_5a_1c0(self->inner.st, out00);
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){.start = (size_t)1U,
- .end = blocks}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- if (core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3)
- .tag == None) {
- break;
+ size_t out_len = Eurydice_slice_len(out, uint8_t);
+ if (out_len > (size_t)0U) {
+ if (out_len <= (size_t)168U) {
+ libcrux_sha3_simd_portable_squeeze_13_3a(&self->inner, out, (size_t)0U,
+ out_len);
} else {
- Eurydice_slice_uint8_t_1size_t__x2 uu____1 =
- libcrux_sha3_portable_keccak_split_at_mut_n_5a(out_rest,
- (size_t)168U);
- Eurydice_slice out0[1U];
- memcpy(out0, uu____1.fst, (size_t)1U * sizeof(Eurydice_slice));
- Eurydice_slice tmp[1U];
- memcpy(tmp, uu____1.snd, (size_t)1U * sizeof(Eurydice_slice));
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
- libcrux_sha3_portable_keccak_store_5a_1c0(self->inner.st, out0);
- memcpy(out_rest, tmp, (size_t)1U * sizeof(Eurydice_slice));
+ size_t blocks = out_len / (size_t)168U;
+ for (size_t i = (size_t)0U; i < blocks; i++) {
+ size_t i0 = i;
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
+ libcrux_sha3_simd_portable_squeeze_13_3a(
+ &self->inner, out, i0 * (size_t)168U, (size_t)168U);
+ }
+ size_t remaining = out_len % (size_t)168U;
+ if (remaining > (size_t)0U) {
+ libcrux_sha3_generic_keccak_keccakf1600_80_04(&self->inner);
+ libcrux_sha3_simd_portable_squeeze_13_3a(
+ &self->inner, out, blocks * (size_t)168U, remaining);
+ }
}
+ self->sponge = true;
}
- if (last < out_len) {
- libcrux_sha3_generic_keccak_keccakf1600_21(&self->inner);
- libcrux_sha3_portable_keccak_store_5a_1c0(self->inner.st, out_rest);
- }
- self->sponge = true;
}
/**
Shake128 squeeze
*/
/**
-This function found in impl
-{(libcrux_sha3::portable::incremental::XofSqueeze<168: usize> for
-libcrux_sha3::portable::incremental::Shake128Squeeze)#1}
+This function found in impl {libcrux_sha3::portable::incremental::Xof<168usize>
+for libcrux_sha3::portable::incremental::Shake128Xof}
*/
-static inline void libcrux_sha3_portable_incremental_squeeze_10(
- libcrux_sha3_generic_keccak_KeccakXofState_78 *self, Eurydice_slice out) {
- Eurydice_slice buf[1U] = {out};
- libcrux_sha3_generic_keccak_squeeze_9d_960(self, buf);
+static inline void libcrux_sha3_portable_incremental_squeeze_26(
+ libcrux_sha3_generic_keccak_xof_KeccakXofState_97 *self,
+ Eurydice_slice out) {
+ libcrux_sha3_generic_keccak_xof_squeeze_85_13(self, out);
}
/**
-This function found in impl {(core::clone::Clone for
-libcrux_sha3::portable::KeccakState)}
+This function found in impl {core::clone::Clone for
+libcrux_sha3::portable::KeccakState}
*/
-static inline libcrux_sha3_generic_keccak_KeccakState_48
-libcrux_sha3_portable_clone_3d(
- libcrux_sha3_generic_keccak_KeccakState_48 *self) {
+static inline libcrux_sha3_generic_keccak_KeccakState_17
+libcrux_sha3_portable_clone_fe(
+ libcrux_sha3_generic_keccak_KeccakState_17 *self) {
return self[0U];
}
/**
-This function found in impl {(core::convert::From<libcrux_sha3::Algorithm> for
-u32)#1}
+This function found in impl {core::convert::From<libcrux_sha3::Algorithm> for
+u32}
*/
-static inline uint32_t libcrux_sha3_from_eb(libcrux_sha3_Algorithm v) {
- uint32_t uu____0;
+static inline uint32_t libcrux_sha3_from_6c(libcrux_sha3_Algorithm v) {
switch (v) {
- case libcrux_sha3_Sha224: {
- uu____0 = 1U;
+ case libcrux_sha3_Algorithm_Sha224: {
break;
}
- case libcrux_sha3_Sha256: {
- uu____0 = 2U;
- break;
+ case libcrux_sha3_Algorithm_Sha256: {
+ return 2U;
}
- case libcrux_sha3_Sha384: {
- uu____0 = 3U;
- break;
+ case libcrux_sha3_Algorithm_Sha384: {
+ return 3U;
}
- case libcrux_sha3_Sha512: {
- uu____0 = 4U;
- break;
+ case libcrux_sha3_Algorithm_Sha512: {
+ return 4U;
}
default: {
KRML_HOST_EPRINTF("KaRaMeL incomplete match at %s:%d\n", __FILE__,
@@ -5718,31 +5396,26 @@ static inline uint32_t libcrux_sha3_from_eb(libcrux_sha3_Algorithm v) {
KRML_HOST_EXIT(253U);
}
}
- return uu____0;
+ return 1U;
}
/**
-This function found in impl {(core::convert::From<u32> for
-libcrux_sha3::Algorithm)}
+This function found in impl {core::convert::From<u32> for
+libcrux_sha3::Algorithm}
*/
-static inline libcrux_sha3_Algorithm libcrux_sha3_from_2d(uint32_t v) {
- libcrux_sha3_Algorithm uu____0;
+static inline libcrux_sha3_Algorithm libcrux_sha3_from_29(uint32_t v) {
switch (v) {
case 1U: {
- uu____0 = libcrux_sha3_Sha224;
break;
}
case 2U: {
- uu____0 = libcrux_sha3_Sha256;
- break;
+ return libcrux_sha3_Algorithm_Sha256;
}
case 3U: {
- uu____0 = libcrux_sha3_Sha384;
- break;
+ return libcrux_sha3_Algorithm_Sha384;
}
case 4U: {
- uu____0 = libcrux_sha3_Sha512;
- break;
+ return libcrux_sha3_Algorithm_Sha512;
}
default: {
KRML_HOST_EPRINTF("KaRaMeL abort at %s:%d\n%s\n", __FILE__, __LINE__,
@@ -5750,52 +5423,40 @@ static inline libcrux_sha3_Algorithm libcrux_sha3_from_2d(uint32_t v) {
KRML_HOST_EXIT(255U);
}
}
- return uu____0;
+ return libcrux_sha3_Algorithm_Sha224;
}
-typedef uint8_t libcrux_sha3_Sha3_512Digest[64U];
-
-typedef uint8_t libcrux_sha3_Sha3_384Digest[48U];
-
-typedef uint8_t libcrux_sha3_Sha3_256Digest[32U];
-
-typedef uint8_t libcrux_sha3_Sha3_224Digest[28U];
-
#if defined(__cplusplus)
}
#endif
-#define __libcrux_sha3_portable_H_DEFINED
-#endif
+#define libcrux_sha3_portable_H_DEFINED
+#endif /* libcrux_sha3_portable_H */
-/* from libcrux/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h */
+/* from libcrux/libcrux-ml-kem/extracts/c_header_only/generated/libcrux_mlkem768_portable.h */
/*
- * SPDX-FileCopyrightText: 2024 Cryspen Sarl <info@cryspen.com>
+ * SPDX-FileCopyrightText: 2025 Cryspen Sarl <info@cryspen.com>
*
* SPDX-License-Identifier: MIT or Apache-2.0
*
* This code was generated with the following revisions:
- * Charon: 6b5e110342a771a3e1c739b10294b1778e4be8b4
- * Eurydice: 31be7d65ca5d6acdacfb33652e478d24dd85c1cb
- * Karamel: 3205d3365ea2790b02368f79fcee38e38d0b5908
- * F*: a32b316e521fa4f239b610ec8f1d15e78d62cbe8-dirty
- * Libcrux: 4ad532b206174114dd4140b718e7794a28fc59ee
+ * Charon: 667d2fc98984ff7f3df989c2367e6c1fa4a000e7
+ * Eurydice: 2381cbc416ef2ad0b561c362c500bc84f36b6785
+ * Karamel: 80f5435f2fc505973c469a4afcc8d875cddd0d8b
+ * F*: 71d8221589d4d438af3706d89cb653cf53e18aab
+ * Libcrux: 68dfed5a4a9e40277f62828471c029afed1ecdcc
*/
-#ifndef __libcrux_mlkem768_portable_H
-#define __libcrux_mlkem768_portable_H
+#ifndef libcrux_mlkem768_portable_H
+#define libcrux_mlkem768_portable_H
+
#if defined(__cplusplus)
extern "C" {
#endif
-#define LIBCRUX_ML_KEM_HASH_FUNCTIONS_BLOCK_SIZE ((size_t)168U)
-
-#define LIBCRUX_ML_KEM_HASH_FUNCTIONS_THREE_BLOCKS \
- (LIBCRUX_ML_KEM_HASH_FUNCTIONS_BLOCK_SIZE * (size_t)3U)
-
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G(
+static inline void libcrux_ml_kem_hash_functions_portable_G(
Eurydice_slice input, uint8_t ret[64U]) {
uint8_t digest[64U] = {0U};
libcrux_sha3_portable_sha512(
@@ -5803,7 +5464,7 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G(
memcpy(ret, digest, (size_t)64U * sizeof(uint8_t));
}
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H(
+static inline void libcrux_ml_kem_hash_functions_portable_H(
Eurydice_slice input, uint8_t ret[32U]) {
uint8_t digest[32U] = {0U};
libcrux_sha3_portable_sha256(
@@ -5811,15 +5472,6 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H(
memcpy(ret, digest, (size_t)32U * sizeof(uint8_t));
}
-#define LIBCRUX_ML_KEM_IND_CCA_ENCAPS_SEED_SIZE \
- (LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE)
-
-#define LIBCRUX_ML_KEM_IND_CCA_KEY_GENERATION_SEED_SIZE \
- (LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE + \
- LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE)
-
-typedef uint8_t libcrux_ml_kem_ind_cca_MlKemSharedSecret[32U];
-
static const int16_t libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[128U] =
{(int16_t)-1044, (int16_t)-758, (int16_t)-359, (int16_t)-1517,
(int16_t)1493, (int16_t)1422, (int16_t)287, (int16_t)202,
@@ -5854,17 +5506,19 @@ static const int16_t libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[128U] =
(int16_t)-108, (int16_t)-308, (int16_t)996, (int16_t)991,
(int16_t)958, (int16_t)-1460, (int16_t)1522, (int16_t)1628};
+static KRML_MUSTINLINE int16_t libcrux_ml_kem_polynomial_zeta(size_t i) {
+ return libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[i];
+}
+
+#define LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT ((size_t)16U)
+
#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR ((size_t)16U)
-#define LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT \
- (LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / \
- LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR)
-
-#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS ((int16_t)3329)
-
#define LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS \
((int16_t)1353)
+#define LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS ((int16_t)3329)
+
#define LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R \
(62209U)
@@ -5877,155 +5531,23 @@ libcrux_ml_kem_vector_portable_vector_type_from_i16_array(
Eurydice_slice array) {
libcrux_ml_kem_vector_portable_vector_type_PortableVector lit;
int16_t ret[16U];
- Result_c0 dst;
+ Result_0a dst;
Eurydice_slice_to_array2(
- &dst, Eurydice_slice_subslice2(array, (size_t)0U, (size_t)16U, int16_t),
- Eurydice_slice, int16_t[16U]);
- unwrap_41_f9(dst, ret);
+ &dst, Eurydice_slice_subslice3(array, (size_t)0U, (size_t)16U, int16_t *),
+ Eurydice_slice, int16_t[16U], TryFromSliceError);
+ unwrap_26_00(dst, ret);
memcpy(lit.elements, ret, (size_t)16U * sizeof(int16_t));
return lit;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_from_i16_array_0d(Eurydice_slice array) {
- return libcrux_ml_kem_vector_portable_vector_type_from_i16_array(array);
-}
-
-typedef struct uint8_t_x11_s {
- uint8_t fst;
- uint8_t snd;
- uint8_t thd;
- uint8_t f3;
- uint8_t f4;
- uint8_t f5;
- uint8_t f6;
- uint8_t f7;
- uint8_t f8;
- uint8_t f9;
- uint8_t f10;
-} uint8_t_x11;
-
-static KRML_MUSTINLINE uint8_t_x11
-libcrux_ml_kem_vector_portable_serialize_serialize_11_int(Eurydice_slice v) {
- uint8_t r0 = (uint8_t)Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *);
- uint8_t r1 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t,
- int16_t *) &
- (int16_t)31)
- << 3U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t,
- int16_t *) >>
- 8U);
- uint8_t r2 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t,
- int16_t *) &
- (int16_t)3)
- << 6U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t,
- int16_t *) >>
- 5U);
- uint8_t r3 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) >> 2U &
- (int16_t)255);
- uint8_t r4 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t,
- int16_t *) &
- (int16_t)127)
- << 1U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t,
- int16_t *) >>
- 10U);
- uint8_t r5 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)4U, int16_t,
- int16_t *) &
- (int16_t)15)
- << 4U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t,
- int16_t *) >>
- 7U);
- uint8_t r6 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)5U, int16_t,
- int16_t *) &
- (int16_t)1)
- << 7U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)4U, int16_t,
- int16_t *) >>
- 4U);
- uint8_t r7 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *) >> 1U &
- (int16_t)255);
- uint8_t r8 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)6U, int16_t,
- int16_t *) &
- (int16_t)63)
- << 2U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)5U, int16_t,
- int16_t *) >>
- 9U);
- uint8_t r9 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)7U, int16_t,
- int16_t *) &
- (int16_t)7)
- << 5U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)6U, int16_t,
- int16_t *) >>
- 6U);
- uint8_t r10 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *) >> 3U);
- return (CLITERAL(uint8_t_x11){.fst = r0,
- .snd = r1,
- .thd = r2,
- .f3 = r3,
- .f4 = r4,
- .f5 = r5,
- .f6 = r6,
- .f7 = r7,
- .f8 = r8,
- .f9 = r9,
- .f10 = r10});
-}
-
-static KRML_MUSTINLINE void
-libcrux_ml_kem_vector_portable_serialize_serialize_11(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v,
- uint8_t ret[22U]) {
- uint8_t_x11 r0_10 = libcrux_ml_kem_vector_portable_serialize_serialize_11_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)8U, int16_t));
- uint8_t_x11 r11_21 =
- libcrux_ml_kem_vector_portable_serialize_serialize_11_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)16U,
- int16_t));
- uint8_t result[22U] = {0U};
- result[0U] = r0_10.fst;
- result[1U] = r0_10.snd;
- result[2U] = r0_10.thd;
- result[3U] = r0_10.f3;
- result[4U] = r0_10.f4;
- result[5U] = r0_10.f5;
- result[6U] = r0_10.f6;
- result[7U] = r0_10.f7;
- result[8U] = r0_10.f8;
- result[9U] = r0_10.f9;
- result[10U] = r0_10.f10;
- result[11U] = r11_21.fst;
- result[12U] = r11_21.snd;
- result[13U] = r11_21.thd;
- result[14U] = r11_21.f3;
- result[15U] = r11_21.f4;
- result[16U] = r11_21.f5;
- result[17U] = r11_21.f6;
- result[18U] = r11_21.f7;
- result[19U] = r11_21.f8;
- result[20U] = r11_21.f9;
- result[21U] = r11_21.f10;
- memcpy(ret, result, (size_t)22U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-static inline void libcrux_ml_kem_vector_portable_serialize_11_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
- uint8_t ret[22U]) {
- libcrux_ml_kem_vector_portable_serialize_serialize_11(a, ret);
+libcrux_ml_kem_vector_portable_from_i16_array_b8(Eurydice_slice array) {
+ return libcrux_ml_kem_vector_portable_vector_type_from_i16_array(
+ libcrux_secrets_int_classify_public_classify_ref_9b_39(array));
}
typedef struct int16_t_x8_s {
@@ -6039,666 +5561,22 @@ typedef struct int16_t_x8_s {
int16_t f7;
} int16_t_x8;
-static KRML_MUSTINLINE int16_t_x8
-libcrux_ml_kem_vector_portable_serialize_deserialize_11_int(
- Eurydice_slice bytes) {
- int16_t r0 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) &
- (int16_t)7)
- << 8U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *);
- int16_t r1 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) &
- (int16_t)63)
- << 5U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) >>
- 3U;
- int16_t r2 =
- (((int16_t)Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *) &
- (int16_t)1)
- << 10U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *)
- << 2U) |
- (int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) >>
- 6U;
- int16_t r3 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *) &
- (int16_t)15)
- << 7U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *) >>
- 1U;
- int16_t r4 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) &
- (int16_t)127)
- << 4U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *) >>
- 4U;
- int16_t r5 =
- (((int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) &
- (int16_t)3)
- << 9U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *)
- << 1U) |
- (int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) >>
- 7U;
- int16_t r6 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *) &
- (int16_t)31)
- << 6U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) >>
- 2U;
- int16_t r7 =
- (int16_t)Eurydice_slice_index(bytes, (size_t)10U, uint8_t, uint8_t *)
- << 3U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *) >>
- 5U;
- return (CLITERAL(int16_t_x8){.fst = r0,
- .snd = r1,
- .thd = r2,
- .f3 = r3,
- .f4 = r4,
- .f5 = r5,
- .f6 = r6,
- .f7 = r7});
-}
-
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_vector_type_zero(void) {
libcrux_ml_kem_vector_portable_vector_type_PortableVector lit;
- lit.elements[0U] = (int16_t)0;
- lit.elements[1U] = (int16_t)0;
- lit.elements[2U] = (int16_t)0;
- lit.elements[3U] = (int16_t)0;
- lit.elements[4U] = (int16_t)0;
- lit.elements[5U] = (int16_t)0;
- lit.elements[6U] = (int16_t)0;
- lit.elements[7U] = (int16_t)0;
- lit.elements[8U] = (int16_t)0;
- lit.elements[9U] = (int16_t)0;
- lit.elements[10U] = (int16_t)0;
- lit.elements[11U] = (int16_t)0;
- lit.elements[12U] = (int16_t)0;
- lit.elements[13U] = (int16_t)0;
- lit.elements[14U] = (int16_t)0;
- lit.elements[15U] = (int16_t)0;
+ int16_t ret[16U];
+ int16_t buf[16U] = {0U};
+ libcrux_secrets_int_public_integers_classify_27_46(buf, ret);
+ memcpy(lit.elements, ret, (size_t)16U * sizeof(int16_t));
return lit;
}
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_serialize_deserialize_11(Eurydice_slice bytes) {
- int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_11_int(
- Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)11U, uint8_t));
- int16_t_x8 v8_15 =
- libcrux_ml_kem_vector_portable_serialize_deserialize_11_int(
- Eurydice_slice_subslice2(bytes, (size_t)11U, (size_t)22U, uint8_t));
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v =
- libcrux_ml_kem_vector_portable_vector_type_zero();
- v.elements[0U] = v0_7.fst;
- v.elements[1U] = v0_7.snd;
- v.elements[2U] = v0_7.thd;
- v.elements[3U] = v0_7.f3;
- v.elements[4U] = v0_7.f4;
- v.elements[5U] = v0_7.f5;
- v.elements[6U] = v0_7.f6;
- v.elements[7U] = v0_7.f7;
- v.elements[8U] = v8_15.fst;
- v.elements[9U] = v8_15.snd;
- v.elements[10U] = v8_15.thd;
- v.elements[11U] = v8_15.f3;
- v.elements[12U] = v8_15.f4;
- v.elements[13U] = v8_15.f5;
- v.elements[14U] = v8_15.f6;
- v.elements[15U] = v8_15.f7;
- return v;
-}
-
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_deserialize_11_0d(Eurydice_slice a) {
- return libcrux_ml_kem_vector_portable_serialize_deserialize_11(a);
-}
-
-static KRML_MUSTINLINE void
-libcrux_ml_kem_vector_portable_vector_type_to_i16_array(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector x,
- int16_t ret[16U]) {
- memcpy(ret, x.elements, (size_t)16U * sizeof(int16_t));
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-static inline void libcrux_ml_kem_vector_portable_to_i16_array_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector x,
- int16_t ret[16U]) {
- libcrux_ml_kem_vector_portable_vector_type_to_i16_array(x, ret);
-}
-
-static const uint8_t
- libcrux_ml_kem_vector_rej_sample_table_REJECTION_SAMPLE_SHUFFLE_TABLE
- [256U][16U] = {{255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 255U,
- 255U, 255U, 255U},
- {12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 255U,
- 255U, 255U, 255U},
- {10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U,
- 13U, 255U, 255U},
- {14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 14U, 15U, 255U,
- 255U, 255U, 255U},
- {10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 14U,
- 15U, 255U, 255U},
- {12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U, 255U, 255U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 12U, 13U, 14U,
- 15U, 255U, 255U},
- {10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 10U, 11U, 12U, 13U, 14U,
- 15U, 255U, 255U},
- {8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U, 255U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 8U, 9U, 10U, 11U, 12U, 13U, 14U,
- 15U, 255U, 255U},
- {6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U, 255U,
- 255U, 255U, 255U, 255U, 255U},
- {0U, 1U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 2U, 3U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U,
- 15U, 255U, 255U},
- {4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U, 15U,
- 255U, 255U, 255U, 255U},
- {0U, 1U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U,
- 15U, 255U, 255U},
- {2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U, 13U, 14U,
- 15U, 255U, 255U},
- {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 9U, 10U, 11U, 12U,
- 13U, 14U, 15U}};
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_ZERO_0d(void) {
+libcrux_ml_kem_vector_portable_ZERO_b8(void) {
return libcrux_ml_kem_vector_portable_vector_type_zero();
}
@@ -6716,11 +5594,11 @@ libcrux_ml_kem_vector_portable_arithmetic_add(
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_add_0d(
+libcrux_ml_kem_vector_portable_add_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs,
libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) {
return libcrux_ml_kem_vector_portable_arithmetic_add(lhs, rhs);
@@ -6740,11 +5618,11 @@ libcrux_ml_kem_vector_portable_arithmetic_sub(
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_sub_0d(
+libcrux_ml_kem_vector_portable_sub_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector lhs,
libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs) {
return libcrux_ml_kem_vector_portable_arithmetic_sub(lhs, rhs);
@@ -6752,80 +5630,51 @@ libcrux_ml_kem_vector_portable_sub_0d(
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
size_t uu____0 = i0;
- v.elements[uu____0] = v.elements[uu____0] * c;
+ vec.elements[uu____0] = vec.elements[uu____0] * c;
}
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_multiply_by_constant_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) {
- return libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant(v, c);
-}
-
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- size_t uu____0 = i0;
- v.elements[uu____0] = v.elements[uu____0] & c;
- }
- return v;
+libcrux_ml_kem_vector_portable_multiply_by_constant_b8(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) {
+ return libcrux_ml_kem_vector_portable_arithmetic_multiply_by_constant(vec, c);
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+ Note: This function is not secret independent
+ Only use with public values.
*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) {
- return libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(v,
- c);
-}
-
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_arithmetic_cond_subtract_3329(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- core_ops_range_Range_b3 iter =
- core_iter_traits_collect___core__iter__traits__collect__IntoIterator_for_I__1__into_iter(
- (CLITERAL(core_ops_range_Range_b3){
- .start = (size_t)0U,
- .end = LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR}),
- core_ops_range_Range_b3, core_ops_range_Range_b3);
- while (true) {
- Option_b3 uu____0 =
- core_iter_range___core__iter__traits__iterator__Iterator_for_core__ops__range__Range_A___6__next(
- &iter, size_t, Option_b3);
- if (!(uu____0.tag == None)) {
- size_t i = uu____0.f0;
- if (v.elements[i] >= (int16_t)3329) {
- size_t uu____1 = i;
- v.elements[uu____1] = v.elements[uu____1] - (int16_t)3329;
- }
- continue;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) {
+ for (size_t i = (size_t)0U;
+ i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
+ size_t i0 = i;
+ if (libcrux_secrets_int_public_integers_declassify_d8_39(
+ vec.elements[i0]) >= (int16_t)3329) {
+ size_t uu____0 = i0;
+ vec.elements[uu____0] = vec.elements[uu____0] - (int16_t)3329;
}
- return v;
}
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_cond_subtract_3329_0d(
+libcrux_ml_kem_vector_portable_cond_subtract_3329_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
return libcrux_ml_kem_vector_portable_arithmetic_cond_subtract_3329(v);
}
@@ -6833,11 +5682,10 @@ libcrux_ml_kem_vector_portable_cond_subtract_3329_0d(
#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_MULTIPLIER \
((int32_t)20159)
-#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT ((int32_t)26)
+#define LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_SHIFT ((int32_t)26)
-#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_R \
- ((int32_t)1 << (uint32_t) \
- LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT)
+#define LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_R \
+ ((int32_t)1 << (uint32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_SHIFT)
/**
Signed Barrett Reduction
@@ -6850,50 +5698,47 @@ libcrux_ml_kem_vector_portable_cond_subtract_3329_0d(
`|result| ≤ FIELD_MODULUS / 2 · (|value|/BARRETT_R + 1)
- In particular, if `|value| < BARRETT_R`, then `|result| < FIELD_MODULUS`.
+ Note: The input bound is 28296 to prevent overflow in the multiplication of
+ quotient by FIELD_MODULUS
+
*/
static inline int16_t
libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element(
int16_t value) {
- int32_t t = (int32_t)value *
+ int32_t t = libcrux_secrets_int_as_i32_f5(value) *
LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_MULTIPLIER +
- (LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_R >> 1U);
- int16_t quotient =
- (int16_t)(t >>
- (uint32_t)
- LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_BARRETT_SHIFT);
+ (LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_R >> 1U);
+ int16_t quotient = libcrux_secrets_int_as_i16_36(
+ t >> (uint32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_BARRETT_SHIFT);
return value - quotient * LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- v.elements[i0] =
+ int16_t vi =
libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element(
- v.elements[i0]);
+ vec.elements[i0]);
+ vec.elements[i0] = vi;
}
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce(v);
+libcrux_ml_kem_vector_portable_barrett_reduce_b8(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vector) {
+ return libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce(vector);
}
#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT (16U)
-#define LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_R \
- ((int32_t)1 << (uint32_t) \
- LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT)
-
/**
Signed Montgomery Reduction
@@ -6903,27 +5748,32 @@ libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- o ≡ value · MONTGOMERY_R^(-1) (mod FIELD_MODULUS)
- the absolute value of `o` is bound as follows:
- `|result| ≤ (|value| / MONTGOMERY_R) + (FIELD_MODULUS / 2)
+ `|result| ≤ ceil(|value| / MONTGOMERY_R) + 1665
+
+ In particular, if `|value| ≤ FIELD_MODULUS-1 * FIELD_MODULUS-1`, then `|o| <=
+ FIELD_MODULUS-1`. And, if `|value| ≤ pow2 16 * FIELD_MODULUS-1`, then `|o| <=
+ FIELD_MODULUS + 1664
- In particular, if `|value| ≤ FIELD_MODULUS * MONTGOMERY_R`, then `|o| < (3 ·
- FIELD_MODULUS) / 2`.
*/
static inline int16_t
libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
int32_t value) {
int32_t k =
- (int32_t)(int16_t)value *
- (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R;
+ libcrux_secrets_int_as_i32_f5(libcrux_secrets_int_as_i16_36(value)) *
+ libcrux_secrets_int_as_i32_b8(
+ libcrux_secrets_int_public_integers_classify_27_df(
+ LIBCRUX_ML_KEM_VECTOR_TRAITS_INVERSE_OF_MODULUS_MOD_MONTGOMERY_R));
int32_t k_times_modulus =
- (int32_t)(int16_t)k * (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
- int16_t c =
- (int16_t)(k_times_modulus >>
- (uint32_t)
- LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT);
- int16_t value_high =
- (int16_t)(value >>
- (uint32_t)
- LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT);
+ libcrux_secrets_int_as_i32_f5(libcrux_secrets_int_as_i16_36(k)) *
+ libcrux_secrets_int_as_i32_f5(
+ libcrux_secrets_int_public_integers_classify_27_39(
+ LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS));
+ int16_t c = libcrux_secrets_int_as_i16_36(
+ k_times_modulus >>
+ (uint32_t)LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT);
+ int16_t value_high = libcrux_secrets_int_as_i16_36(
+ value >>
+ (uint32_t)LIBCRUX_ML_KEM_VECTOR_PORTABLE_ARITHMETIC_MONTGOMERY_SHIFT);
return value_high - c;
}
@@ -6941,32 +5791,85 @@ libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
static KRML_MUSTINLINE int16_t
libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer(
int16_t fe, int16_t fer) {
+ int32_t product =
+ libcrux_secrets_int_as_i32_f5(fe) * libcrux_secrets_int_as_i32_f5(fer);
return libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
- (int32_t)fe * (int32_t)fer);
+ product);
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_by_constant(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t c) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- v.elements[i0] =
+ vec.elements[i0] =
libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer(
- v.elements[i0], c);
+ vec.elements[i0], c);
}
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t r) {
+libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vector,
+ int16_t constant) {
return libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_by_constant(
- v, r);
+ vector, libcrux_secrets_int_public_integers_classify_27_39(constant));
+}
+
+static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec, int16_t c) {
+ for (size_t i = (size_t)0U;
+ i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
+ size_t i0 = i;
+ size_t uu____0 = i0;
+ vec.elements[uu____0] = vec.elements[uu____0] & c;
+ }
+ return vec;
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.vector.portable.arithmetic.shift_right
+with const generics
+- SHIFT_BY= 15
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_arithmetic_shift_right_ef(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec) {
+ for (size_t i = (size_t)0U;
+ i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
+ size_t i0 = i;
+ vec.elements[i0] = vec.elements[i0] >> (uint32_t)(int32_t)15;
+ }
+ return vec;
+}
+
+static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_arithmetic_to_unsigned_representative(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector t =
+ libcrux_ml_kem_vector_portable_arithmetic_shift_right_ef(a);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector fm =
+ libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(
+ t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS);
+ return libcrux_ml_kem_vector_portable_arithmetic_add(a, &fm);
+}
+
+/**
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
+*/
+static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_to_unsigned_representative_b8(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_arithmetic_to_unsigned_representative(
+ a);
}
/**
@@ -6994,34 +5897,38 @@ libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(
static inline uint8_t
libcrux_ml_kem_vector_portable_compress_compress_message_coefficient(
uint16_t fe) {
- int16_t shifted = (int16_t)1664 - (int16_t)fe;
+ int16_t shifted =
+ libcrux_secrets_int_public_integers_classify_27_39((int16_t)1664) -
+ libcrux_secrets_int_as_i16_ca(fe);
int16_t mask = shifted >> 15U;
int16_t shifted_to_positive = mask ^ shifted;
int16_t shifted_positive_in_range = shifted_to_positive - (int16_t)832;
- return (uint8_t)(shifted_positive_in_range >> 15U & (int16_t)1);
+ int16_t r0 = shifted_positive_in_range >> 15U;
+ int16_t r1 = r0 & (int16_t)1;
+ return libcrux_secrets_int_as_u8_f5(r1);
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_compress_compress_1(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- v.elements[i0] = (int16_t)
+ a.elements[i0] = libcrux_secrets_int_as_i16_59(
libcrux_ml_kem_vector_portable_compress_compress_message_coefficient(
- (uint16_t)v.elements[i0]);
+ libcrux_secrets_int_as_u16_f5(a.elements[i0])));
}
- return v;
+ return a;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_1_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_compress_1(v);
+libcrux_ml_kem_vector_portable_compress_1_b8(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_compress_compress_1(a);
}
static KRML_MUSTINLINE uint32_t
@@ -7033,54 +5940,81 @@ libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits(
static inline int16_t
libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient(
uint8_t coefficient_bits, uint16_t fe) {
- uint64_t compressed = (uint64_t)fe << (uint32_t)coefficient_bits;
+ uint64_t compressed = libcrux_secrets_int_as_u64_ca(fe)
+ << (uint32_t)coefficient_bits;
compressed = compressed + 1664ULL;
compressed = compressed * 10321340ULL;
compressed = compressed >> 35U;
- return (int16_t)
+ return libcrux_secrets_int_as_i16_b8(
libcrux_ml_kem_vector_portable_arithmetic_get_n_least_significant_bits(
- coefficient_bits, (uint32_t)compressed);
+ coefficient_bits, libcrux_secrets_int_as_u32_a3(compressed)));
+}
+
+static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_compress_decompress_1(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector z =
+ libcrux_ml_kem_vector_portable_vector_type_zero();
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector s =
+ libcrux_ml_kem_vector_portable_arithmetic_sub(z, &a);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector res =
+ libcrux_ml_kem_vector_portable_arithmetic_bitwise_and_with_constant(
+ s, (int16_t)1665);
+ return res;
+}
+
+/**
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
+*/
+static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_decompress_1_b8(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_compress_decompress_1(a);
}
static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_ntt_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector *v, int16_t zeta,
- size_t i, size_t j) {
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec,
+ int16_t zeta, size_t i, size_t j) {
int16_t t =
libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer(
- v->elements[j], zeta);
- v->elements[j] = v->elements[i] - t;
- v->elements[i] = v->elements[i] + t;
+ vec->elements[j],
+ libcrux_secrets_int_public_integers_classify_27_39(zeta));
+ int16_t a_minus_t = vec->elements[i] - t;
+ int16_t a_plus_t = vec->elements[i] + t;
+ vec->elements[j] = a_minus_t;
+ vec->elements[i] = a_plus_t;
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_ntt_ntt_layer_1_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0,
- int16_t zeta1, int16_t zeta2, int16_t zeta3) {
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)0U,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec,
+ int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) {
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)0U,
(size_t)2U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)1U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)1U,
(size_t)3U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)4U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)4U,
(size_t)6U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)5U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)5U,
(size_t)7U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta2, (size_t)8U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta2, (size_t)8U,
(size_t)10U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta2, (size_t)9U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta2, (size_t)9U,
(size_t)11U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta3, (size_t)12U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta3, (size_t)12U,
(size_t)14U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta3, (size_t)13U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta3, (size_t)13U,
(size_t)15U);
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_ntt_layer_1_step_0d(
+libcrux_ml_kem_vector_portable_ntt_layer_1_step_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0,
int16_t zeta1, int16_t zeta2, int16_t zeta3) {
return libcrux_ml_kem_vector_portable_ntt_ntt_layer_1_step(a, zeta0, zeta1,
@@ -7089,33 +6023,33 @@ libcrux_ml_kem_vector_portable_ntt_layer_1_step_0d(
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_ntt_ntt_layer_2_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0,
- int16_t zeta1) {
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)0U,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec,
+ int16_t zeta0, int16_t zeta1) {
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)0U,
(size_t)4U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)1U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)1U,
(size_t)5U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)2U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)2U,
(size_t)6U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta0, (size_t)3U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta0, (size_t)3U,
(size_t)7U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)8U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)8U,
(size_t)12U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)9U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)9U,
(size_t)13U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)10U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)10U,
(size_t)14U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta1, (size_t)11U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta1, (size_t)11U,
(size_t)15U);
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_ntt_layer_2_step_0d(
+libcrux_ml_kem_vector_portable_ntt_layer_2_step_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0,
int16_t zeta1) {
return libcrux_ml_kem_vector_portable_ntt_ntt_layer_2_step(a, zeta0, zeta1);
@@ -7123,75 +6057,80 @@ libcrux_ml_kem_vector_portable_ntt_layer_2_step_0d(
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_ntt_ntt_layer_3_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta) {
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)0U, (size_t)8U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)1U, (size_t)9U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)2U,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec,
+ int16_t zeta) {
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)0U,
+ (size_t)8U);
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)1U,
+ (size_t)9U);
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)2U,
(size_t)10U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)3U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)3U,
(size_t)11U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)4U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)4U,
(size_t)12U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)5U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)5U,
(size_t)13U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)6U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)6U,
(size_t)14U);
- libcrux_ml_kem_vector_portable_ntt_ntt_step(&v, zeta, (size_t)7U,
+ libcrux_ml_kem_vector_portable_ntt_ntt_step(&vec, zeta, (size_t)7U,
(size_t)15U);
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_ntt_layer_3_step_0d(
+libcrux_ml_kem_vector_portable_ntt_layer_3_step_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta) {
return libcrux_ml_kem_vector_portable_ntt_ntt_layer_3_step(a, zeta);
}
static KRML_MUSTINLINE void libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector *v, int16_t zeta,
- size_t i, size_t j) {
- int16_t a_minus_b = v->elements[j] - v->elements[i];
- v->elements[i] =
- libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element(
- v->elements[i] + v->elements[j]);
- v->elements[j] =
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector *vec,
+ int16_t zeta, size_t i, size_t j) {
+ int16_t a_minus_b = vec->elements[j] - vec->elements[i];
+ int16_t a_plus_b = vec->elements[j] + vec->elements[i];
+ int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_barrett_reduce_element(
+ a_plus_b);
+ int16_t o1 =
libcrux_ml_kem_vector_portable_arithmetic_montgomery_multiply_fe_by_fer(
- a_minus_b, zeta);
+ a_minus_b, libcrux_secrets_int_public_integers_classify_27_39(zeta));
+ vec->elements[i] = o0;
+ vec->elements[j] = o1;
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_1_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0,
- int16_t zeta1, int16_t zeta2, int16_t zeta3) {
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)0U,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec,
+ int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) {
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)0U,
(size_t)2U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)1U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)1U,
(size_t)3U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)4U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)4U,
(size_t)6U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)5U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)5U,
(size_t)7U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta2, (size_t)8U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta2, (size_t)8U,
(size_t)10U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta2, (size_t)9U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta2, (size_t)9U,
(size_t)11U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta3, (size_t)12U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta3, (size_t)12U,
(size_t)14U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta3, (size_t)13U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta3, (size_t)13U,
(size_t)15U);
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_0d(
+libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0,
int16_t zeta1, int16_t zeta2, int16_t zeta3) {
return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_1_step(
@@ -7200,33 +6139,33 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_0d(
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_2_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta0,
- int16_t zeta1) {
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)0U,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec,
+ int16_t zeta0, int16_t zeta1) {
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)0U,
(size_t)4U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)1U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)1U,
(size_t)5U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)2U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)2U,
(size_t)6U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta0, (size_t)3U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta0, (size_t)3U,
(size_t)7U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)8U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)8U,
(size_t)12U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)9U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)9U,
(size_t)13U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)10U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)10U,
(size_t)14U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta1, (size_t)11U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta1, (size_t)11U,
(size_t)15U);
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_0d(
+libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta0,
int16_t zeta1) {
return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_2_step(a, zeta0,
@@ -7235,32 +6174,33 @@ libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_0d(
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_3_step(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t zeta) {
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)0U,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vec,
+ int16_t zeta) {
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)0U,
(size_t)8U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)1U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)1U,
(size_t)9U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)2U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)2U,
(size_t)10U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)3U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)3U,
(size_t)11U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)4U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)4U,
(size_t)12U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)5U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)5U,
(size_t)13U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)6U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)6U,
(size_t)14U);
- libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&v, zeta, (size_t)7U,
+ libcrux_ml_kem_vector_portable_ntt_inv_ntt_step(&vec, zeta, (size_t)7U,
(size_t)15U);
- return v;
+ return vec;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d(
+libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a, int16_t zeta) {
return libcrux_ml_kem_vector_portable_ntt_inv_ntt_layer_3_step(a, zeta);
}
@@ -7291,20 +6231,34 @@ static KRML_MUSTINLINE void
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
libcrux_ml_kem_vector_portable_vector_type_PortableVector *a,
libcrux_ml_kem_vector_portable_vector_type_PortableVector *b, int16_t zeta,
- size_t i, size_t j,
- libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) {
- int16_t o0 = libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
- (int32_t)a->elements[i] * (int32_t)b->elements[i] +
- (int32_t)
- libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
- (int32_t)a->elements[j] * (int32_t)b->elements[j]) *
- (int32_t)zeta);
+ size_t i, libcrux_ml_kem_vector_portable_vector_type_PortableVector *out) {
+ int16_t ai = a->elements[(size_t)2U * i];
+ int16_t bi = b->elements[(size_t)2U * i];
+ int16_t aj = a->elements[(size_t)2U * i + (size_t)1U];
+ int16_t bj = b->elements[(size_t)2U * i + (size_t)1U];
+ int32_t ai_bi =
+ libcrux_secrets_int_as_i32_f5(ai) * libcrux_secrets_int_as_i32_f5(bi);
+ int32_t aj_bj_ =
+ libcrux_secrets_int_as_i32_f5(aj) * libcrux_secrets_int_as_i32_f5(bj);
+ int16_t aj_bj =
+ libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
+ aj_bj_);
+ int32_t aj_bj_zeta = libcrux_secrets_int_as_i32_f5(aj_bj) *
+ libcrux_secrets_int_as_i32_f5(zeta);
+ int32_t ai_bi_aj_bj = ai_bi + aj_bj_zeta;
+ int16_t o0 =
+ libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
+ ai_bi_aj_bj);
+ int32_t ai_bj =
+ libcrux_secrets_int_as_i32_f5(ai) * libcrux_secrets_int_as_i32_f5(bj);
+ int32_t aj_bi =
+ libcrux_secrets_int_as_i32_f5(aj) * libcrux_secrets_int_as_i32_f5(bi);
+ int32_t ai_bj_aj_bi = ai_bj + aj_bi;
int16_t o1 =
libcrux_ml_kem_vector_portable_arithmetic_montgomery_reduce_element(
- (int32_t)a->elements[i] * (int32_t)b->elements[j] +
- (int32_t)a->elements[j] * (int32_t)b->elements[i]);
- out->elements[i] = o0;
- out->elements[j] = o1;
+ ai_bj_aj_bi);
+ out->elements[(size_t)2U * i] = o0;
+ out->elements[(size_t)2U * i + (size_t)1U] = o1;
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
@@ -7312,33 +6266,45 @@ libcrux_ml_kem_vector_portable_ntt_ntt_multiply(
libcrux_ml_kem_vector_portable_vector_type_PortableVector *lhs,
libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs,
int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) {
+ int16_t nzeta0 = -zeta0;
+ int16_t nzeta1 = -zeta1;
+ int16_t nzeta2 = -zeta2;
+ int16_t nzeta3 = -zeta3;
libcrux_ml_kem_vector_portable_vector_type_PortableVector out =
libcrux_ml_kem_vector_portable_vector_type_zero();
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, zeta0, (size_t)0U, (size_t)1U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta0),
+ (size_t)0U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, -zeta0, (size_t)2U, (size_t)3U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta0),
+ (size_t)1U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, zeta1, (size_t)4U, (size_t)5U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta1),
+ (size_t)2U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, -zeta1, (size_t)6U, (size_t)7U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta1),
+ (size_t)3U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, zeta2, (size_t)8U, (size_t)9U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta2),
+ (size_t)4U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, -zeta2, (size_t)10U, (size_t)11U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta2),
+ (size_t)5U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, zeta3, (size_t)12U, (size_t)13U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(zeta3),
+ (size_t)6U, &out);
libcrux_ml_kem_vector_portable_ntt_ntt_multiply_binomials(
- lhs, rhs, -zeta3, (size_t)14U, (size_t)15U, &out);
+ lhs, rhs, libcrux_secrets_int_public_integers_classify_27_39(nzeta3),
+ (size_t)7U, &out);
return out;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_ntt_multiply_0d(
+libcrux_ml_kem_vector_portable_ntt_multiply_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector *lhs,
libcrux_ml_kem_vector_portable_vector_type_PortableVector *rhs,
int16_t zeta0, int16_t zeta1, int16_t zeta2, int16_t zeta3) {
@@ -7350,62 +6316,114 @@ static KRML_MUSTINLINE void
libcrux_ml_kem_vector_portable_serialize_serialize_1(
libcrux_ml_kem_vector_portable_vector_type_PortableVector v,
uint8_t ret[2U]) {
- uint8_t result[2U] = {0U};
- for (size_t i = (size_t)0U; i < (size_t)8U; i++) {
- size_t i0 = i;
- size_t uu____0 = (size_t)0U;
- result[uu____0] = (uint32_t)result[uu____0] |
- (uint32_t)(uint8_t)v.elements[i0] << (uint32_t)i0;
- }
- for (size_t i = (size_t)8U; i < (size_t)16U; i++) {
- size_t i0 = i;
- size_t uu____1 = (size_t)1U;
- result[uu____1] =
- (uint32_t)result[uu____1] | (uint32_t)(uint8_t)v.elements[i0]
- << (uint32_t)(i0 - (size_t)8U);
- }
- memcpy(ret, result, (size_t)2U * sizeof(uint8_t));
+ uint8_t result0 =
+ (((((((uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[0U]) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[1U]) << 1U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[2U]) << 2U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[3U]) << 3U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[4U]) << 4U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[5U]) << 5U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[6U]) << 6U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[7U]) << 7U;
+ uint8_t result1 =
+ (((((((uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[8U]) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[9U]) << 1U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[10U]) << 2U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[11U]) << 3U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[12U]) << 4U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[13U]) << 5U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[14U]) << 6U) |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(v.elements[15U]) << 7U;
+ ret[0U] = result0;
+ ret[1U] = result1;
+}
+
+static inline void libcrux_ml_kem_vector_portable_serialize_1(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
+ uint8_t ret[2U]) {
+ uint8_t ret0[2U];
+ libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret0);
+ libcrux_secrets_int_public_integers_declassify_d8_d4(ret0, ret);
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
-static inline void libcrux_ml_kem_vector_portable_serialize_1_0d(
+static inline void libcrux_ml_kem_vector_portable_serialize_1_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
uint8_t ret[2U]) {
- libcrux_ml_kem_vector_portable_serialize_serialize_1(a, ret);
+ libcrux_ml_kem_vector_portable_serialize_1(a, ret);
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_serialize_deserialize_1(Eurydice_slice v) {
- libcrux_ml_kem_vector_portable_vector_type_PortableVector result =
- libcrux_ml_kem_vector_portable_vector_type_zero();
- for (size_t i = (size_t)0U; i < (size_t)8U; i++) {
- size_t i0 = i;
- result.elements[i0] = (int16_t)((uint32_t)Eurydice_slice_index(
- v, (size_t)0U, uint8_t, uint8_t *) >>
- (uint32_t)i0 &
- 1U);
- }
- for (size_t i = (size_t)8U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- result.elements[i0] = (int16_t)((uint32_t)Eurydice_slice_index(
- v, (size_t)1U, uint8_t, uint8_t *) >>
- (uint32_t)(i0 - (size_t)8U) &
- 1U);
- }
- return result;
+ int16_t result0 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) & 1U);
+ int16_t result1 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 1U &
+ 1U);
+ int16_t result2 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 2U &
+ 1U);
+ int16_t result3 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 3U &
+ 1U);
+ int16_t result4 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 4U &
+ 1U);
+ int16_t result5 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 5U &
+ 1U);
+ int16_t result6 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 6U &
+ 1U);
+ int16_t result7 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)0U, uint8_t, uint8_t *) >> 7U &
+ 1U);
+ int16_t result8 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) & 1U);
+ int16_t result9 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 1U &
+ 1U);
+ int16_t result10 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 2U &
+ 1U);
+ int16_t result11 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 3U &
+ 1U);
+ int16_t result12 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 4U &
+ 1U);
+ int16_t result13 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 5U &
+ 1U);
+ int16_t result14 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 6U &
+ 1U);
+ int16_t result15 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(v, (size_t)1U, uint8_t, uint8_t *) >> 7U &
+ 1U);
+ return (
+ KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){
+ .elements = {result0, result1, result2, result3, result4, result5,
+ result6, result7, result8, result9, result10, result11,
+ result12, result13, result14, result15}});
+}
+
+static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_deserialize_1(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_serialize_deserialize_1(
+ libcrux_secrets_int_classify_public_classify_ref_9b_90(a));
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_deserialize_1_0d(Eurydice_slice a) {
- return libcrux_ml_kem_vector_portable_serialize_deserialize_1(a);
+libcrux_ml_kem_vector_portable_deserialize_1_b8(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_deserialize_1(a);
}
typedef struct uint8_t_x4_s {
@@ -7417,27 +6435,27 @@ typedef struct uint8_t_x4_s {
static KRML_MUSTINLINE uint8_t_x4
libcrux_ml_kem_vector_portable_serialize_serialize_4_int(Eurydice_slice v) {
- uint8_t result0 =
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *)
- << 4U |
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)0U, int16_t,
- int16_t *);
- uint8_t result1 =
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *)
- << 4U |
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)2U, int16_t,
- int16_t *);
- uint8_t result2 =
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *)
- << 4U |
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)4U, int16_t,
- int16_t *);
- uint8_t result3 =
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *)
- << 4U |
- (uint32_t)(uint8_t)Eurydice_slice_index(v, (size_t)6U, int16_t,
- int16_t *);
- return (CLITERAL(uint8_t_x4){
+ uint8_t result0 = (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *))
+ << 4U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index(
+ v, (size_t)0U, int16_t, int16_t *));
+ uint8_t result1 = (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *))
+ << 4U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index(
+ v, (size_t)2U, int16_t, int16_t *));
+ uint8_t result2 = (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *))
+ << 4U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index(
+ v, (size_t)4U, int16_t, int16_t *));
+ uint8_t result3 = (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *))
+ << 4U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(Eurydice_slice_index(
+ v, (size_t)6U, int16_t, int16_t *));
+ return (KRML_CLITERAL(uint8_t_x4){
.fst = result0, .snd = result1, .thd = result2, .f3 = result3});
}
@@ -7447,109 +6465,107 @@ libcrux_ml_kem_vector_portable_serialize_serialize_4(
uint8_t ret[8U]) {
uint8_t_x4 result0_3 =
libcrux_ml_kem_vector_portable_serialize_serialize_4_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)8U,
- int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)0U, (size_t)8U,
+ int16_t *));
uint8_t_x4 result4_7 =
libcrux_ml_kem_vector_portable_serialize_serialize_4_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)16U,
- int16_t));
- uint8_t result[8U] = {0U};
- result[0U] = result0_3.fst;
- result[1U] = result0_3.snd;
- result[2U] = result0_3.thd;
- result[3U] = result0_3.f3;
- result[4U] = result4_7.fst;
- result[5U] = result4_7.snd;
- result[6U] = result4_7.thd;
- result[7U] = result4_7.f3;
- memcpy(ret, result, (size_t)8U * sizeof(uint8_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)8U, (size_t)16U,
+ int16_t *));
+ ret[0U] = result0_3.fst;
+ ret[1U] = result0_3.snd;
+ ret[2U] = result0_3.thd;
+ ret[3U] = result0_3.f3;
+ ret[4U] = result4_7.fst;
+ ret[5U] = result4_7.snd;
+ ret[6U] = result4_7.thd;
+ ret[7U] = result4_7.f3;
+}
+
+static inline void libcrux_ml_kem_vector_portable_serialize_4(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
+ uint8_t ret[8U]) {
+ uint8_t ret0[8U];
+ libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret0);
+ libcrux_secrets_int_public_integers_declassify_d8_76(ret0, ret);
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
-static inline void libcrux_ml_kem_vector_portable_serialize_4_0d(
+static inline void libcrux_ml_kem_vector_portable_serialize_4_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
uint8_t ret[8U]) {
- libcrux_ml_kem_vector_portable_serialize_serialize_4(a, ret);
+ libcrux_ml_kem_vector_portable_serialize_4(a, ret);
}
static KRML_MUSTINLINE int16_t_x8
libcrux_ml_kem_vector_portable_serialize_deserialize_4_int(
Eurydice_slice bytes) {
- int16_t v0 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)0U,
- uint8_t, uint8_t *) &
- 15U);
- int16_t v1 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)0U,
- uint8_t, uint8_t *) >>
- 4U &
- 15U);
- int16_t v2 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)1U,
- uint8_t, uint8_t *) &
- 15U);
- int16_t v3 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)1U,
- uint8_t, uint8_t *) >>
- 4U &
- 15U);
- int16_t v4 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)2U,
- uint8_t, uint8_t *) &
- 15U);
- int16_t v5 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)2U,
- uint8_t, uint8_t *) >>
- 4U &
- 15U);
- int16_t v6 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)3U,
- uint8_t, uint8_t *) &
- 15U);
- int16_t v7 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)3U,
- uint8_t, uint8_t *) >>
- 4U &
- 15U);
- return (CLITERAL(int16_t_x8){.fst = v0,
- .snd = v1,
- .thd = v2,
- .f3 = v3,
- .f4 = v4,
- .f5 = v5,
- .f6 = v6,
- .f7 = v7});
+ int16_t v0 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) &
+ 15U);
+ int16_t v1 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) >>
+ 4U &
+ 15U);
+ int16_t v2 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) &
+ 15U);
+ int16_t v3 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) >>
+ 4U &
+ 15U);
+ int16_t v4 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) &
+ 15U);
+ int16_t v5 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) >>
+ 4U &
+ 15U);
+ int16_t v6 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) &
+ 15U);
+ int16_t v7 = libcrux_secrets_int_as_i16_59(
+ (uint32_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) >>
+ 4U &
+ 15U);
+ return (KRML_CLITERAL(int16_t_x8){.fst = v0,
+ .snd = v1,
+ .thd = v2,
+ .f3 = v3,
+ .f4 = v4,
+ .f5 = v5,
+ .f6 = v6,
+ .f7 = v7});
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_serialize_deserialize_4(Eurydice_slice bytes) {
int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_4_int(
- Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)4U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)0U, (size_t)4U, uint8_t *));
int16_t_x8 v8_15 = libcrux_ml_kem_vector_portable_serialize_deserialize_4_int(
- Eurydice_slice_subslice2(bytes, (size_t)4U, (size_t)8U, uint8_t));
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v =
- libcrux_ml_kem_vector_portable_vector_type_zero();
- v.elements[0U] = v0_7.fst;
- v.elements[1U] = v0_7.snd;
- v.elements[2U] = v0_7.thd;
- v.elements[3U] = v0_7.f3;
- v.elements[4U] = v0_7.f4;
- v.elements[5U] = v0_7.f5;
- v.elements[6U] = v0_7.f6;
- v.elements[7U] = v0_7.f7;
- v.elements[8U] = v8_15.fst;
- v.elements[9U] = v8_15.snd;
- v.elements[10U] = v8_15.thd;
- v.elements[11U] = v8_15.f3;
- v.elements[12U] = v8_15.f4;
- v.elements[13U] = v8_15.f5;
- v.elements[14U] = v8_15.f6;
- v.elements[15U] = v8_15.f7;
- return v;
+ Eurydice_slice_subslice3(bytes, (size_t)4U, (size_t)8U, uint8_t *));
+ return (
+ KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){
+ .elements = {v0_7.fst, v0_7.snd, v0_7.thd, v0_7.f3, v0_7.f4, v0_7.f5,
+ v0_7.f6, v0_7.f7, v8_15.fst, v8_15.snd, v8_15.thd,
+ v8_15.f3, v8_15.f4, v8_15.f5, v8_15.f6, v8_15.f7}});
+}
+
+static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_deserialize_4(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_serialize_deserialize_4(
+ libcrux_secrets_int_classify_public_classify_ref_9b_90(a));
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_deserialize_4_0d(Eurydice_slice a) {
- return libcrux_ml_kem_vector_portable_serialize_deserialize_4(a);
+libcrux_ml_kem_vector_portable_deserialize_4_b8(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_deserialize_4(a);
}
typedef struct uint8_t_x5_s {
@@ -7560,185 +6576,35 @@ typedef struct uint8_t_x5_s {
uint8_t f4;
} uint8_t_x5;
-static KRML_MUSTINLINE uint8_t_x5
-libcrux_ml_kem_vector_portable_serialize_serialize_5_int(Eurydice_slice v) {
- uint8_t r0 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) |
- Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) << 5U);
- uint8_t r1 =
- (uint8_t)((Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 3U |
- Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *)
- << 2U) |
- Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) << 7U);
- uint8_t r2 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) >> 1U |
- Eurydice_slice_index(v, (size_t)4U, int16_t, int16_t *) << 4U);
- uint8_t r3 =
- (uint8_t)((Eurydice_slice_index(v, (size_t)4U, int16_t, int16_t *) >> 4U |
- Eurydice_slice_index(v, (size_t)5U, int16_t, int16_t *)
- << 1U) |
- Eurydice_slice_index(v, (size_t)6U, int16_t, int16_t *) << 6U);
- uint8_t r4 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)6U, int16_t, int16_t *) >> 2U |
- Eurydice_slice_index(v, (size_t)7U, int16_t, int16_t *) << 3U);
- return (CLITERAL(uint8_t_x5){
- .fst = r0, .snd = r1, .thd = r2, .f3 = r3, .f4 = r4});
-}
-
-static KRML_MUSTINLINE void
-libcrux_ml_kem_vector_portable_serialize_serialize_5(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v,
- uint8_t ret[10U]) {
- uint8_t_x5 r0_4 = libcrux_ml_kem_vector_portable_serialize_serialize_5_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)8U, int16_t));
- uint8_t_x5 r5_9 = libcrux_ml_kem_vector_portable_serialize_serialize_5_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)16U,
- int16_t));
- uint8_t result[10U] = {0U};
- result[0U] = r0_4.fst;
- result[1U] = r0_4.snd;
- result[2U] = r0_4.thd;
- result[3U] = r0_4.f3;
- result[4U] = r0_4.f4;
- result[5U] = r5_9.fst;
- result[6U] = r5_9.snd;
- result[7U] = r5_9.thd;
- result[8U] = r5_9.f3;
- result[9U] = r5_9.f4;
- memcpy(ret, result, (size_t)10U * sizeof(uint8_t));
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-static inline void libcrux_ml_kem_vector_portable_serialize_5_0d(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
- uint8_t ret[10U]) {
- libcrux_ml_kem_vector_portable_serialize_serialize_5(a, ret);
-}
-
-static KRML_MUSTINLINE int16_t_x8
-libcrux_ml_kem_vector_portable_serialize_deserialize_5_int(
- Eurydice_slice bytes) {
- int16_t v0 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)0U,
- uint8_t, uint8_t *) &
- 31U);
- int16_t v1 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)1U,
- uint8_t, uint8_t *) &
- 3U) << 3U |
- (uint32_t)Eurydice_slice_index(bytes, (size_t)0U,
- uint8_t, uint8_t *) >>
- 5U);
- int16_t v2 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)1U,
- uint8_t, uint8_t *) >>
- 2U &
- 31U);
- int16_t v3 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)2U,
- uint8_t, uint8_t *) &
- 15U)
- << 1U |
- (uint32_t)Eurydice_slice_index(bytes, (size_t)1U,
- uint8_t, uint8_t *) >>
- 7U);
- int16_t v4 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)3U,
- uint8_t, uint8_t *) &
- 1U) << 4U |
- (uint32_t)Eurydice_slice_index(bytes, (size_t)2U,
- uint8_t, uint8_t *) >>
- 4U);
- int16_t v5 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)3U,
- uint8_t, uint8_t *) >>
- 1U &
- 31U);
- int16_t v6 = (int16_t)(((uint32_t)Eurydice_slice_index(bytes, (size_t)4U,
- uint8_t, uint8_t *) &
- 7U) << 2U |
- (uint32_t)Eurydice_slice_index(bytes, (size_t)3U,
- uint8_t, uint8_t *) >>
- 6U);
- int16_t v7 = (int16_t)((uint32_t)Eurydice_slice_index(bytes, (size_t)4U,
- uint8_t, uint8_t *) >>
- 3U);
- return (CLITERAL(int16_t_x8){.fst = v0,
- .snd = v1,
- .thd = v2,
- .f3 = v3,
- .f4 = v4,
- .f5 = v5,
- .f6 = v6,
- .f7 = v7});
-}
-
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_serialize_deserialize_5(Eurydice_slice bytes) {
- int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_5_int(
- Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)5U, uint8_t));
- int16_t_x8 v8_15 = libcrux_ml_kem_vector_portable_serialize_deserialize_5_int(
- Eurydice_slice_subslice2(bytes, (size_t)5U, (size_t)10U, uint8_t));
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v =
- libcrux_ml_kem_vector_portable_vector_type_zero();
- v.elements[0U] = v0_7.fst;
- v.elements[1U] = v0_7.snd;
- v.elements[2U] = v0_7.thd;
- v.elements[3U] = v0_7.f3;
- v.elements[4U] = v0_7.f4;
- v.elements[5U] = v0_7.f5;
- v.elements[6U] = v0_7.f6;
- v.elements[7U] = v0_7.f7;
- v.elements[8U] = v8_15.fst;
- v.elements[9U] = v8_15.snd;
- v.elements[10U] = v8_15.thd;
- v.elements[11U] = v8_15.f3;
- v.elements[12U] = v8_15.f4;
- v.elements[13U] = v8_15.f5;
- v.elements[14U] = v8_15.f6;
- v.elements[15U] = v8_15.f7;
- return v;
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_deserialize_5_0d(Eurydice_slice a) {
- return libcrux_ml_kem_vector_portable_serialize_deserialize_5(a);
-}
-
static KRML_MUSTINLINE uint8_t_x5
libcrux_ml_kem_vector_portable_serialize_serialize_10_int(Eurydice_slice v) {
- uint8_t r0 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) &
- (int16_t)255);
- uint8_t r1 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t,
- int16_t *) &
- (int16_t)63)
- << 2U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t,
- int16_t *) >>
- 8U &
- (int16_t)3);
- uint8_t r2 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t,
- int16_t *) &
- (int16_t)15)
- << 4U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t,
- int16_t *) >>
- 6U &
- (int16_t)15);
- uint8_t r3 = (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t,
- int16_t *) &
- (int16_t)3)
- << 6U |
- (uint32_t)(uint8_t)(Eurydice_slice_index(v, (size_t)2U, int16_t,
- int16_t *) >>
- 4U &
- (int16_t)63);
- uint8_t r4 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) >> 2U &
- (int16_t)255);
- return (CLITERAL(uint8_t_x5){
+ uint8_t r0 = libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) & (int16_t)255);
+ uint8_t r1 =
+ (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) & (int16_t)63)
+ << 2U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) >> 8U &
+ (int16_t)3);
+ uint8_t r2 =
+ (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) & (int16_t)15)
+ << 4U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 6U &
+ (int16_t)15);
+ uint8_t r3 =
+ (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) & (int16_t)3)
+ << 6U |
+ (uint32_t)libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)2U, int16_t, int16_t *) >> 4U &
+ (int16_t)63);
+ uint8_t r4 = libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)3U, int16_t, int16_t *) >> 2U &
+ (int16_t)255);
+ return (KRML_CLITERAL(uint8_t_x5){
.fst = r0, .snd = r1, .thd = r2, .f3 = r3, .f4 = r4});
}
@@ -7747,143 +6613,159 @@ libcrux_ml_kem_vector_portable_serialize_serialize_10(
libcrux_ml_kem_vector_portable_vector_type_PortableVector v,
uint8_t ret[20U]) {
uint8_t_x5 r0_4 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)4U, int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)0U, (size_t)4U,
+ int16_t *));
uint8_t_x5 r5_9 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)4U, (size_t)8U, int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)4U, (size_t)8U,
+ int16_t *));
uint8_t_x5 r10_14 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)12U,
- int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)8U, (size_t)12U,
+ int16_t *));
uint8_t_x5 r15_19 = libcrux_ml_kem_vector_portable_serialize_serialize_10_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)12U, (size_t)16U,
- int16_t));
- uint8_t result[20U] = {0U};
- result[0U] = r0_4.fst;
- result[1U] = r0_4.snd;
- result[2U] = r0_4.thd;
- result[3U] = r0_4.f3;
- result[4U] = r0_4.f4;
- result[5U] = r5_9.fst;
- result[6U] = r5_9.snd;
- result[7U] = r5_9.thd;
- result[8U] = r5_9.f3;
- result[9U] = r5_9.f4;
- result[10U] = r10_14.fst;
- result[11U] = r10_14.snd;
- result[12U] = r10_14.thd;
- result[13U] = r10_14.f3;
- result[14U] = r10_14.f4;
- result[15U] = r15_19.fst;
- result[16U] = r15_19.snd;
- result[17U] = r15_19.thd;
- result[18U] = r15_19.f3;
- result[19U] = r15_19.f4;
- memcpy(ret, result, (size_t)20U * sizeof(uint8_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)12U, (size_t)16U,
+ int16_t *));
+ ret[0U] = r0_4.fst;
+ ret[1U] = r0_4.snd;
+ ret[2U] = r0_4.thd;
+ ret[3U] = r0_4.f3;
+ ret[4U] = r0_4.f4;
+ ret[5U] = r5_9.fst;
+ ret[6U] = r5_9.snd;
+ ret[7U] = r5_9.thd;
+ ret[8U] = r5_9.f3;
+ ret[9U] = r5_9.f4;
+ ret[10U] = r10_14.fst;
+ ret[11U] = r10_14.snd;
+ ret[12U] = r10_14.thd;
+ ret[13U] = r10_14.f3;
+ ret[14U] = r10_14.f4;
+ ret[15U] = r15_19.fst;
+ ret[16U] = r15_19.snd;
+ ret[17U] = r15_19.thd;
+ ret[18U] = r15_19.f3;
+ ret[19U] = r15_19.f4;
+}
+
+static inline void libcrux_ml_kem_vector_portable_serialize_10(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
+ uint8_t ret[20U]) {
+ uint8_t ret0[20U];
+ libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret0);
+ libcrux_secrets_int_public_integers_declassify_d8_57(ret0, ret);
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
-static inline void libcrux_ml_kem_vector_portable_serialize_10_0d(
+static inline void libcrux_ml_kem_vector_portable_serialize_10_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
uint8_t ret[20U]) {
- libcrux_ml_kem_vector_portable_serialize_serialize_10(a, ret);
+ libcrux_ml_kem_vector_portable_serialize_10(a, ret);
}
static KRML_MUSTINLINE int16_t_x8
libcrux_ml_kem_vector_portable_serialize_deserialize_10_int(
Eurydice_slice bytes) {
- int16_t r0 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) &
+ int16_t r0 = libcrux_secrets_int_as_i16_f5(
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *)) &
(int16_t)3)
<< 8U |
- ((int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *) &
- (int16_t)255);
- int16_t r1 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) &
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *)) &
+ (int16_t)255));
+ int16_t r1 = libcrux_secrets_int_as_i16_f5(
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *)) &
(int16_t)15)
<< 6U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *) >>
- 2U;
- int16_t r2 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) &
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *)) >>
+ 2U);
+ int16_t r2 = libcrux_secrets_int_as_i16_f5(
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *)) &
(int16_t)63)
<< 4U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *) >>
- 4U;
- int16_t r3 =
- (int16_t)Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *)
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *)) >>
+ 4U);
+ int16_t r3 = libcrux_secrets_int_as_i16_f5(
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)4U, uint8_t, uint8_t *))
<< 2U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *) >>
- 6U;
- int16_t r4 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) &
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)3U, uint8_t, uint8_t *)) >>
+ 6U);
+ int16_t r4 = libcrux_secrets_int_as_i16_f5(
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *)) &
(int16_t)3)
<< 8U |
- ((int16_t)Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *) &
- (int16_t)255);
- int16_t r5 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *) &
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)5U, uint8_t, uint8_t *)) &
+ (int16_t)255));
+ int16_t r5 = libcrux_secrets_int_as_i16_f5(
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *)) &
(int16_t)15)
<< 6U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *) >>
- 2U;
- int16_t r6 =
- ((int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) &
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)6U, uint8_t, uint8_t *)) >>
+ 2U);
+ int16_t r6 = libcrux_secrets_int_as_i16_f5(
+ (libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *)) &
(int16_t)63)
<< 4U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *) >>
- 4U;
- int16_t r7 =
- (int16_t)Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *)
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)7U, uint8_t, uint8_t *)) >>
+ 4U);
+ int16_t r7 = libcrux_secrets_int_as_i16_f5(
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)9U, uint8_t, uint8_t *))
<< 2U |
- (int16_t)Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *) >>
- 6U;
- return (CLITERAL(int16_t_x8){.fst = r0,
- .snd = r1,
- .thd = r2,
- .f3 = r3,
- .f4 = r4,
- .f5 = r5,
- .f6 = r6,
- .f7 = r7});
+ libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)8U, uint8_t, uint8_t *)) >>
+ 6U);
+ return (KRML_CLITERAL(int16_t_x8){.fst = r0,
+ .snd = r1,
+ .thd = r2,
+ .f3 = r3,
+ .f4 = r4,
+ .f5 = r5,
+ .f6 = r6,
+ .f7 = r7});
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_serialize_deserialize_10(Eurydice_slice bytes) {
int16_t_x8 v0_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_10_int(
- Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)10U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)0U, (size_t)10U, uint8_t *));
int16_t_x8 v8_15 =
libcrux_ml_kem_vector_portable_serialize_deserialize_10_int(
- Eurydice_slice_subslice2(bytes, (size_t)10U, (size_t)20U, uint8_t));
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v =
- libcrux_ml_kem_vector_portable_vector_type_zero();
- v.elements[0U] = v0_7.fst;
- v.elements[1U] = v0_7.snd;
- v.elements[2U] = v0_7.thd;
- v.elements[3U] = v0_7.f3;
- v.elements[4U] = v0_7.f4;
- v.elements[5U] = v0_7.f5;
- v.elements[6U] = v0_7.f6;
- v.elements[7U] = v0_7.f7;
- v.elements[8U] = v8_15.fst;
- v.elements[9U] = v8_15.snd;
- v.elements[10U] = v8_15.thd;
- v.elements[11U] = v8_15.f3;
- v.elements[12U] = v8_15.f4;
- v.elements[13U] = v8_15.f5;
- v.elements[14U] = v8_15.f6;
- v.elements[15U] = v8_15.f7;
- return v;
+ Eurydice_slice_subslice3(bytes, (size_t)10U, (size_t)20U, uint8_t *));
+ return (
+ KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){
+ .elements = {v0_7.fst, v0_7.snd, v0_7.thd, v0_7.f3, v0_7.f4, v0_7.f5,
+ v0_7.f6, v0_7.f7, v8_15.fst, v8_15.snd, v8_15.thd,
+ v8_15.f3, v8_15.f4, v8_15.f5, v8_15.f6, v8_15.f7}});
+}
+
+static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_deserialize_10(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_serialize_deserialize_10(
+ libcrux_secrets_int_classify_public_classify_ref_9b_90(a));
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_deserialize_10_0d(Eurydice_slice a) {
- return libcrux_ml_kem_vector_portable_serialize_deserialize_10(a);
+libcrux_ml_kem_vector_portable_deserialize_10_b8(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_deserialize_10(a);
}
typedef struct uint8_t_x3_s {
@@ -7894,18 +6776,16 @@ typedef struct uint8_t_x3_s {
static KRML_MUSTINLINE uint8_t_x3
libcrux_ml_kem_vector_portable_serialize_serialize_12_int(Eurydice_slice v) {
- uint8_t r0 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) &
- (int16_t)255);
- uint8_t r1 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) >> 8U |
- (Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) &
- (int16_t)15)
- << 4U);
- uint8_t r2 =
- (uint8_t)(Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 4U &
- (int16_t)255);
- return (CLITERAL(uint8_t_x3){.fst = r0, .snd = r1, .thd = r2});
+ uint8_t r0 = libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) & (int16_t)255);
+ uint8_t r1 = libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)0U, int16_t, int16_t *) >> 8U |
+ (Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) & (int16_t)15)
+ << 4U);
+ uint8_t r2 = libcrux_secrets_int_as_u8_f5(
+ Eurydice_slice_index(v, (size_t)1U, int16_t, int16_t *) >> 4U &
+ (int16_t)255);
+ return (KRML_CLITERAL(uint8_t_x3){.fst = r0, .snd = r1, .thd = r2});
}
static KRML_MUSTINLINE void
@@ -7913,61 +6793,71 @@ libcrux_ml_kem_vector_portable_serialize_serialize_12(
libcrux_ml_kem_vector_portable_vector_type_PortableVector v,
uint8_t ret[24U]) {
uint8_t_x3 r0_2 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)0U, (size_t)2U, int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)0U, (size_t)2U,
+ int16_t *));
uint8_t_x3 r3_5 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)2U, (size_t)4U, int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)2U, (size_t)4U,
+ int16_t *));
uint8_t_x3 r6_8 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)4U, (size_t)6U, int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)4U, (size_t)6U,
+ int16_t *));
uint8_t_x3 r9_11 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)6U, (size_t)8U, int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)6U, (size_t)8U,
+ int16_t *));
uint8_t_x3 r12_14 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)8U, (size_t)10U,
- int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)8U, (size_t)10U,
+ int16_t *));
uint8_t_x3 r15_17 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)10U, (size_t)12U,
- int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)10U, (size_t)12U,
+ int16_t *));
uint8_t_x3 r18_20 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)12U, (size_t)14U,
- int16_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)12U, (size_t)14U,
+ int16_t *));
uint8_t_x3 r21_23 = libcrux_ml_kem_vector_portable_serialize_serialize_12_int(
- Eurydice_array_to_subslice2(v.elements, (size_t)14U, (size_t)16U,
- int16_t));
- uint8_t result[24U] = {0U};
- result[0U] = r0_2.fst;
- result[1U] = r0_2.snd;
- result[2U] = r0_2.thd;
- result[3U] = r3_5.fst;
- result[4U] = r3_5.snd;
- result[5U] = r3_5.thd;
- result[6U] = r6_8.fst;
- result[7U] = r6_8.snd;
- result[8U] = r6_8.thd;
- result[9U] = r9_11.fst;
- result[10U] = r9_11.snd;
- result[11U] = r9_11.thd;
- result[12U] = r12_14.fst;
- result[13U] = r12_14.snd;
- result[14U] = r12_14.thd;
- result[15U] = r15_17.fst;
- result[16U] = r15_17.snd;
- result[17U] = r15_17.thd;
- result[18U] = r18_20.fst;
- result[19U] = r18_20.snd;
- result[20U] = r18_20.thd;
- result[21U] = r21_23.fst;
- result[22U] = r21_23.snd;
- result[23U] = r21_23.thd;
- memcpy(ret, result, (size_t)24U * sizeof(uint8_t));
+ Eurydice_array_to_subslice3(v.elements, (size_t)14U, (size_t)16U,
+ int16_t *));
+ ret[0U] = r0_2.fst;
+ ret[1U] = r0_2.snd;
+ ret[2U] = r0_2.thd;
+ ret[3U] = r3_5.fst;
+ ret[4U] = r3_5.snd;
+ ret[5U] = r3_5.thd;
+ ret[6U] = r6_8.fst;
+ ret[7U] = r6_8.snd;
+ ret[8U] = r6_8.thd;
+ ret[9U] = r9_11.fst;
+ ret[10U] = r9_11.snd;
+ ret[11U] = r9_11.thd;
+ ret[12U] = r12_14.fst;
+ ret[13U] = r12_14.snd;
+ ret[14U] = r12_14.thd;
+ ret[15U] = r15_17.fst;
+ ret[16U] = r15_17.snd;
+ ret[17U] = r15_17.thd;
+ ret[18U] = r18_20.fst;
+ ret[19U] = r18_20.snd;
+ ret[20U] = r18_20.thd;
+ ret[21U] = r21_23.fst;
+ ret[22U] = r21_23.snd;
+ ret[23U] = r21_23.thd;
+}
+
+static inline void libcrux_ml_kem_vector_portable_serialize_12(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
+ uint8_t ret[24U]) {
+ uint8_t ret0[24U];
+ libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret0);
+ libcrux_secrets_int_public_integers_declassify_d8_d2(ret0, ret);
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
-static inline void libcrux_ml_kem_vector_portable_serialize_12_0d(
+static inline void libcrux_ml_kem_vector_portable_serialize_12_b8(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
uint8_t ret[24U]) {
- libcrux_ml_kem_vector_portable_serialize_serialize_12(a, ret);
+ libcrux_ml_kem_vector_portable_serialize_12(a, ret);
}
typedef struct int16_t_x2_s {
@@ -7978,66 +6868,59 @@ typedef struct int16_t_x2_s {
static KRML_MUSTINLINE int16_t_x2
libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
Eurydice_slice bytes) {
- int16_t byte0 =
- (int16_t)Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *);
- int16_t byte1 =
- (int16_t)Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *);
- int16_t byte2 =
- (int16_t)Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *);
+ int16_t byte0 = libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)0U, uint8_t, uint8_t *));
+ int16_t byte1 = libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)1U, uint8_t, uint8_t *));
+ int16_t byte2 = libcrux_secrets_int_as_i16_59(
+ Eurydice_slice_index(bytes, (size_t)2U, uint8_t, uint8_t *));
int16_t r0 = (byte1 & (int16_t)15) << 8U | (byte0 & (int16_t)255);
int16_t r1 = byte2 << 4U | (byte1 >> 4U & (int16_t)15);
- return (CLITERAL(int16_t_x2){.fst = r0, .snd = r1});
+ return (KRML_CLITERAL(int16_t_x2){.fst = r0, .snd = r1});
}
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
libcrux_ml_kem_vector_portable_serialize_deserialize_12(Eurydice_slice bytes) {
int16_t_x2 v0_1 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)0U, (size_t)3U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)0U, (size_t)3U, uint8_t *));
int16_t_x2 v2_3 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)3U, (size_t)6U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)3U, (size_t)6U, uint8_t *));
int16_t_x2 v4_5 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)6U, (size_t)9U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)6U, (size_t)9U, uint8_t *));
int16_t_x2 v6_7 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)9U, (size_t)12U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)9U, (size_t)12U, uint8_t *));
int16_t_x2 v8_9 = libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)12U, (size_t)15U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)12U, (size_t)15U, uint8_t *));
int16_t_x2 v10_11 =
libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)15U, (size_t)18U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)15U, (size_t)18U, uint8_t *));
int16_t_x2 v12_13 =
libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)18U, (size_t)21U, uint8_t));
+ Eurydice_slice_subslice3(bytes, (size_t)18U, (size_t)21U, uint8_t *));
int16_t_x2 v14_15 =
libcrux_ml_kem_vector_portable_serialize_deserialize_12_int(
- Eurydice_slice_subslice2(bytes, (size_t)21U, (size_t)24U, uint8_t));
- libcrux_ml_kem_vector_portable_vector_type_PortableVector re =
- libcrux_ml_kem_vector_portable_vector_type_zero();
- re.elements[0U] = v0_1.fst;
- re.elements[1U] = v0_1.snd;
- re.elements[2U] = v2_3.fst;
- re.elements[3U] = v2_3.snd;
- re.elements[4U] = v4_5.fst;
- re.elements[5U] = v4_5.snd;
- re.elements[6U] = v6_7.fst;
- re.elements[7U] = v6_7.snd;
- re.elements[8U] = v8_9.fst;
- re.elements[9U] = v8_9.snd;
- re.elements[10U] = v10_11.fst;
- re.elements[11U] = v10_11.snd;
- re.elements[12U] = v12_13.fst;
- re.elements[13U] = v12_13.snd;
- re.elements[14U] = v14_15.fst;
- re.elements[15U] = v14_15.snd;
- return re;
+ Eurydice_slice_subslice3(bytes, (size_t)21U, (size_t)24U, uint8_t *));
+ return (
+ KRML_CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector){
+ .elements = {v0_1.fst, v0_1.snd, v2_3.fst, v2_3.snd, v4_5.fst,
+ v4_5.snd, v6_7.fst, v6_7.snd, v8_9.fst, v8_9.snd,
+ v10_11.fst, v10_11.snd, v12_13.fst, v12_13.snd,
+ v14_15.fst, v14_15.snd}});
+}
+
+static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_vector_portable_deserialize_12(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_serialize_deserialize_12(
+ libcrux_secrets_int_classify_public_classify_ref_9b_90(a));
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_deserialize_12_0d(Eurydice_slice a) {
- return libcrux_ml_kem_vector_portable_serialize_deserialize_12(a);
+libcrux_ml_kem_vector_portable_deserialize_12_b8(Eurydice_slice a) {
+ return libcrux_ml_kem_vector_portable_deserialize_12(a);
}
static KRML_MUSTINLINE size_t
@@ -8055,46 +6938,16 @@ libcrux_ml_kem_vector_portable_sampling_rej_sample(Eurydice_slice a,
uint8_t, uint8_t *);
int16_t d1 = (b2 & (int16_t)15) << 8U | b1;
int16_t d2 = b3 << 4U | b2 >> 4U;
- bool uu____0;
- int16_t uu____1;
- bool uu____2;
- size_t uu____3;
- int16_t uu____4;
- size_t uu____5;
- int16_t uu____6;
if (d1 < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS) {
if (sampled < (size_t)16U) {
Eurydice_slice_index(result, sampled, int16_t, int16_t *) = d1;
sampled++;
- uu____1 = d2;
- uu____6 = LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
- uu____0 = uu____1 < uu____6;
- if (uu____0) {
- uu____3 = sampled;
- uu____2 = uu____3 < (size_t)16U;
- if (uu____2) {
- uu____4 = d2;
- uu____5 = sampled;
- Eurydice_slice_index(result, uu____5, int16_t, int16_t *) = uu____4;
- sampled++;
- continue;
- }
- }
- continue;
}
}
- uu____1 = d2;
- uu____6 = LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
- uu____0 = uu____1 < uu____6;
- if (uu____0) {
- uu____3 = sampled;
- uu____2 = uu____3 < (size_t)16U;
- if (uu____2) {
- uu____4 = d2;
- uu____5 = sampled;
- Eurydice_slice_index(result, uu____5, int16_t, int16_t *) = uu____4;
+ if (d2 < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS) {
+ if (sampled < (size_t)16U) {
+ Eurydice_slice_index(result, sampled, int16_t, int16_t *) = d2;
sampled++;
- continue;
}
}
}
@@ -8102,45 +6955,45 @@ libcrux_ml_kem_vector_portable_sampling_rej_sample(Eurydice_slice a,
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
-static inline size_t libcrux_ml_kem_vector_portable_rej_sample_0d(
+static inline size_t libcrux_ml_kem_vector_portable_rej_sample_b8(
Eurydice_slice a, Eurydice_slice out) {
return libcrux_ml_kem_vector_portable_sampling_rej_sample(a, out);
}
-#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR_768 ((size_t)10U)
+#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR ((size_t)10U)
-#define LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE_768 \
+#define LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE \
(LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \
- LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR_768 / (size_t)8U)
+ LIBCRUX_ML_KEM_MLKEM768_VECTOR_U_COMPRESSION_FACTOR / (size_t)8U)
-#define LIBCRUX_ML_KEM_MLKEM768_RANK_768 ((size_t)3U)
+#define LIBCRUX_ML_KEM_MLKEM768_RANK ((size_t)3U)
-#define LIBCRUX_ML_KEM_MLKEM768_C1_SIZE_768 \
- (LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE_768 * LIBCRUX_ML_KEM_MLKEM768_RANK_768)
+#define LIBCRUX_ML_KEM_MLKEM768_C1_SIZE \
+ (LIBCRUX_ML_KEM_MLKEM768_C1_BLOCK_SIZE * LIBCRUX_ML_KEM_MLKEM768_RANK)
-#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR_768 ((size_t)4U)
+#define LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR ((size_t)4U)
-#define LIBCRUX_ML_KEM_MLKEM768_C2_SIZE_768 \
+#define LIBCRUX_ML_KEM_MLKEM768_C2_SIZE \
(LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \
- LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR_768 / (size_t)8U)
+ LIBCRUX_ML_KEM_MLKEM768_VECTOR_V_COMPRESSION_FACTOR / (size_t)8U)
-#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE_768 \
- (LIBCRUX_ML_KEM_MLKEM768_C1_SIZE_768 + LIBCRUX_ML_KEM_MLKEM768_C2_SIZE_768)
+#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE \
+ (LIBCRUX_ML_KEM_MLKEM768_C1_SIZE + LIBCRUX_ML_KEM_MLKEM768_C2_SIZE)
-#define LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE_768 \
- (LIBCRUX_ML_KEM_MLKEM768_RANK_768 * \
+#define LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE \
+ (LIBCRUX_ML_KEM_MLKEM768_RANK * \
LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \
LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_COEFFICIENT / (size_t)8U)
-#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE_768 \
- (LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE_768 + (size_t)32U)
+#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE \
+ (LIBCRUX_ML_KEM_MLKEM768_T_AS_NTT_ENCODED_SIZE + (size_t)32U)
-#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE_768 \
- (LIBCRUX_ML_KEM_MLKEM768_RANK_768 * \
- LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \
+#define LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE \
+ (LIBCRUX_ML_KEM_MLKEM768_RANK * \
+ LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT * \
LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_COEFFICIENT / (size_t)8U)
#define LIBCRUX_ML_KEM_MLKEM768_ETA1 ((size_t)2U)
@@ -8155,22 +7008,22 @@ static inline size_t libcrux_ml_kem_vector_portable_rej_sample_0d(
#define LIBCRUX_ML_KEM_MLKEM768_IMPLICIT_REJECTION_HASH_INPUT_SIZE \
(LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE + \
- LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE_768)
+ LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_CIPHERTEXT_SIZE)
-typedef libcrux_ml_kem_types_MlKemPrivateKey_55
+typedef libcrux_ml_kem_types_MlKemPrivateKey_d9
libcrux_ml_kem_mlkem768_MlKem768PrivateKey;
-typedef libcrux_ml_kem_types_MlKemPublicKey_15
+typedef libcrux_ml_kem_types_MlKemPublicKey_30
libcrux_ml_kem_mlkem768_MlKem768PublicKey;
-#define LIBCRUX_ML_KEM_MLKEM768_RANKED_BYTES_PER_RING_ELEMENT_768 \
- (LIBCRUX_ML_KEM_MLKEM768_RANK_768 * \
+#define LIBCRUX_ML_KEM_MLKEM768_RANKED_BYTES_PER_RING_ELEMENT \
+ (LIBCRUX_ML_KEM_MLKEM768_RANK * \
LIBCRUX_ML_KEM_CONSTANTS_BITS_PER_RING_ELEMENT / (size_t)8U)
-#define LIBCRUX_ML_KEM_MLKEM768_SECRET_KEY_SIZE_768 \
- (LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE_768 + \
- LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE_768 + \
- LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE + \
+#define LIBCRUX_ML_KEM_MLKEM768_SECRET_KEY_SIZE \
+ (LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_SECRET_KEY_SIZE + \
+ LIBCRUX_ML_KEM_MLKEM768_CPA_PKE_PUBLIC_KEY_SIZE + \
+ LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE + \
LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE)
/**
@@ -8178,51 +7031,65 @@ A monomorphic instance of libcrux_ml_kem.polynomial.PolynomialRingElement
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
*/
-typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_f0_s {
+typedef struct libcrux_ml_kem_polynomial_PolynomialRingElement_1d_s {
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients[16U];
-} libcrux_ml_kem_polynomial_PolynomialRingElement_f0;
+} libcrux_ml_kem_polynomial_PolynomialRingElement_1d;
+
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- $3size_t
+*/
+typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0_s {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d secret_as_ntt[3U];
+} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0;
/**
This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_ml_kem.polynomial.ZERO_89
+A monomorphic instance of libcrux_ml_kem.polynomial.ZERO_d6
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_polynomial_ZERO_89_ea(void) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 lit;
- lit.coefficients[0U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[1U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[2U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[3U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[4U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[5U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[6U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[7U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[8U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[9U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[10U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[11U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[12U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[13U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[14U] = libcrux_ml_kem_vector_portable_ZERO_0d();
- lit.coefficients[15U] = libcrux_ml_kem_vector_portable_ZERO_0d();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_ZERO_d6_ea(void) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector
+ repeat_expression[16U];
+ for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
+ repeat_expression[i] = libcrux_ml_kem_vector_portable_ZERO_b8();
+ }
+ memcpy(lit.coefficients, repeat_expression,
+ (size_t)16U *
+ sizeof(libcrux_ml_kem_vector_portable_vector_type_PortableVector));
return lit;
}
/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.deserialize_secret_key.closure
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]> for libcrux_ml_kem::ind_cpa::decrypt::closure<Vector, K,
+CIPHERTEXT_SIZE, VECTOR_U_ENCODED_SIZE, U_COMPRESSION_FACTOR,
+V_COMPRESSION_FACTOR>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.decrypt.call_mut_0b
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
+- CIPHERTEXT_SIZE= 1088
+- VECTOR_U_ENCODED_SIZE= 960
+- U_COMPRESSION_FACTOR= 10
+- V_COMPRESSION_FACTOR= 4
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_ind_cpa_deserialize_secret_key_closure_6b(size_t _) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_ind_cpa_decrypt_call_mut_0b_42(void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
@@ -8231,18 +7098,19 @@ libcrux_ml_kem.serialize.deserialize_to_uncompressed_ring_element with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_af(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ea(
Eurydice_slice serialized) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) {
size_t i0 = i;
- Eurydice_slice bytes = Eurydice_slice_subslice2(
- serialized, i0 * (size_t)24U, i0 * (size_t)24U + (size_t)24U, uint8_t);
+ Eurydice_slice bytes =
+ Eurydice_slice_subslice3(serialized, i0 * (size_t)24U,
+ i0 * (size_t)24U + (size_t)24U, uint8_t *);
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_deserialize_12_0d(bytes);
+ libcrux_ml_kem_vector_portable_deserialize_12_b8(bytes);
re.coefficients[i0] = uu____0;
}
return re;
@@ -8252,59 +7120,47 @@ libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_af(
Call [`deserialize_to_uncompressed_ring_element`] for each ring element.
*/
/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.deserialize_secret_key
+A monomorphic instance of libcrux_ml_kem.ind_cpa.deserialize_vector
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_secret_key_24(
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_deserialize_vector_1b(
Eurydice_slice secret_key,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt) {
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- secret_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(secret_key, uint8_t) /
- LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT;
- i++) {
size_t i0 = i;
- Eurydice_slice secret_bytes = Eurydice_slice_subslice2(
- secret_key, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
- i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT +
- LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
- uint8_t);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 =
- libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_af(
- secret_bytes);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 =
+ libcrux_ml_kem_serialize_deserialize_to_uncompressed_ring_element_ea(
+ Eurydice_slice_subslice3(
+ secret_key,
+ i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
+ (i0 + (size_t)1U) *
+ LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
+ uint8_t *));
secret_as_ntt[i0] = uu____0;
}
- memcpy(
- ret, secret_as_ntt,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
}
/**
-A monomorphic instance of
-libcrux_ml_kem.ind_cpa.unpacked.IndCpaPrivateKeyUnpacked with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-- $3size_t
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]> for
+libcrux_ml_kem::ind_cpa::deserialize_then_decompress_u::closure<Vector, K,
+CIPHERTEXT_SIZE, U_COMPRESSION_FACTOR>[TraitClause@0, TraitClause@1]}
*/
-typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8_s {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U];
-} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8;
-
/**
A monomorphic instance of
-libcrux_ml_kem.ind_cpa.deserialize_then_decompress_u.closure with types
+libcrux_ml_kem.ind_cpa.deserialize_then_decompress_u.call_mut_35 with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
- K= 3
- CIPHERTEXT_SIZE= 1088
- U_COMPRESSION_FACTOR= 10
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_closure_7c(size_t _) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_call_mut_35_6c(
+ void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
@@ -8314,35 +7170,38 @@ const generics
- COEFFICIENT_BITS= 10
*/
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
+libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_ef(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- int32_t decompressed = (int32_t)v.elements[i0] *
- (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
+ int32_t decompressed =
+ libcrux_secrets_int_as_i32_f5(a.elements[i0]) *
+ libcrux_secrets_int_as_i32_f5(
+ libcrux_secrets_int_public_integers_classify_27_39(
+ LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS));
decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)10);
decompressed = decompressed >> (uint32_t)((int32_t)10 + (int32_t)1);
- v.elements[i0] = (int16_t)decompressed;
+ a.elements[i0] = libcrux_secrets_int_as_i16_36(decompressed);
}
- return v;
+ return a;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
/**
A monomorphic instance of
-libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const
+libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_b8 with const
generics
- COEFFICIENT_BITS= 10
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b(
- v);
+libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_ef(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_ef(
+ a);
}
/**
@@ -8351,84 +7210,21 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_10 with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_10_2c(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_then_decompress_10_ea(
Eurydice_slice serialized) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(serialized, uint8_t) / (size_t)20U; i++) {
size_t i0 = i;
- Eurydice_slice bytes = Eurydice_slice_subslice2(
- serialized, i0 * (size_t)20U, i0 * (size_t)20U + (size_t)20U, uint8_t);
+ Eurydice_slice bytes =
+ Eurydice_slice_subslice3(serialized, i0 * (size_t)20U,
+ i0 * (size_t)20U + (size_t)20U, uint8_t *);
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_deserialize_10_0d(bytes);
+ libcrux_ml_kem_vector_portable_deserialize_10_b8(bytes);
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a(
- coefficient);
- re.coefficients[i0] = uu____0;
- }
- return re;
-}
-
-/**
-A monomorphic instance of
-libcrux_ml_kem.vector.portable.compress.decompress_ciphertext_coefficient with
-const generics
-- COEFFICIENT_BITS= 11
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b0(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- int32_t decompressed = (int32_t)v.elements[i0] *
- (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
- decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)11);
- decompressed = decompressed >> (uint32_t)((int32_t)11 + (int32_t)1);
- v.elements[i0] = (int16_t)decompressed;
- }
- return v;
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-/**
-A monomorphic instance of
-libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const
-generics
-- COEFFICIENT_BITS= 11
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a0(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b0(
- v);
-}
-
-/**
-A monomorphic instance of
-libcrux_ml_kem.serialize.deserialize_then_decompress_11 with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_11_8d(
- Eurydice_slice serialized) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(serialized, uint8_t) / (size_t)22U; i++) {
- size_t i0 = i;
- Eurydice_slice bytes = Eurydice_slice_subslice2(
- serialized, i0 * (size_t)22U, i0 * (size_t)22U + (size_t)22U, uint8_t);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_deserialize_11_0d(bytes);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a0(
+ libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_ef(
coefficient);
re.coefficients[i0] = uu____0;
}
@@ -8441,10 +7237,10 @@ libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_u with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
- COMPRESSION_FACTOR= 10
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_34(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_0a(
Eurydice_slice serialized) {
- return libcrux_ml_kem_serialize_deserialize_then_decompress_10_2c(serialized);
+ return libcrux_ml_kem_serialize_deserialize_then_decompress_10_ea(serialized);
}
typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s {
@@ -8452,19 +7248,6 @@ typedef struct libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2_s {
libcrux_ml_kem_vector_portable_vector_type_PortableVector snd;
} libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2;
-/**
-A monomorphic instance of libcrux_ml_kem.vector.traits.montgomery_multiply_fe
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_traits_montgomery_multiply_fe_67(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v, int16_t fer) {
- return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(v,
- fer);
-}
-
/**
A monomorphic instance of libcrux_ml_kem.ntt.ntt_layer_int_vec_step
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
@@ -8473,17 +7256,18 @@ with const generics
*/
static KRML_MUSTINLINE
libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2
- libcrux_ml_kem_ntt_ntt_layer_int_vec_step_0c(
+ libcrux_ml_kem_ntt_ntt_layer_int_vec_step_ea(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
libcrux_ml_kem_vector_portable_vector_type_PortableVector b,
int16_t zeta_r) {
libcrux_ml_kem_vector_portable_vector_type_PortableVector t =
- libcrux_ml_kem_vector_traits_montgomery_multiply_fe_67(b, zeta_r);
- b = libcrux_ml_kem_vector_portable_sub_0d(a, &t);
- a = libcrux_ml_kem_vector_portable_add_0d(a, &t);
- return (
- CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){
- .fst = a, .snd = b});
+ libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(b,
+ zeta_r);
+ b = libcrux_ml_kem_vector_portable_sub_b8(a, &t);
+ a = libcrux_ml_kem_vector_portable_add_b8(a, &t);
+ return (KRML_CLITERAL(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){.fst = a,
+ .snd = b});
}
/**
@@ -8492,8 +7276,8 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
+static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re,
size_t layer, size_t _initial_coefficient_bound) {
size_t step = (size_t)1U << (uint32_t)layer;
for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) {
@@ -8505,9 +7289,9 @@ static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(
for (size_t i = offset_vec; i < offset_vec + step_vec; i++) {
size_t j = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 =
- libcrux_ml_kem_ntt_ntt_layer_int_vec_step_0c(
+ libcrux_ml_kem_ntt_ntt_layer_int_vec_step_ea(
re->coefficients[j], re->coefficients[j + step_vec],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]);
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U]));
libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst;
libcrux_ml_kem_vector_portable_vector_type_PortableVector y = uu____0.snd;
re->coefficients[j] = x;
@@ -8522,16 +7306,16 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_fd(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
- size_t _layer, size_t _initial_coefficient_bound) {
+static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_3_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re,
+ size_t _initial_coefficient_bound) {
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t round = i;
zeta_i[0U] = zeta_i[0U] + (size_t)1U;
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_ntt_layer_3_step_0d(
+ libcrux_ml_kem_vector_portable_ntt_layer_3_step_b8(
re->coefficients[round],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]);
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U]));
re->coefficients[round] = uu____0;
}
}
@@ -8542,18 +7326,16 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_ad(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
- size_t _layer, size_t _initial_coefficient_bound) {
+static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_2_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re,
+ size_t _initial_coefficient_bound) {
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t round = i;
zeta_i[0U] = zeta_i[0U] + (size_t)1U;
re->coefficients[round] =
- libcrux_ml_kem_vector_portable_ntt_layer_2_step_0d(
- re->coefficients[round],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] +
- (size_t)1U]);
+ libcrux_ml_kem_vector_portable_ntt_layer_2_step_b8(
+ re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)1U));
zeta_i[0U] = zeta_i[0U] + (size_t)1U;
}
}
@@ -8564,69 +7346,77 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_a2(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
- size_t _layer, size_t _initial_coefficient_bound) {
+static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_1_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re,
+ size_t _initial_coefficient_bound) {
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t round = i;
zeta_i[0U] = zeta_i[0U] + (size_t)1U;
re->coefficients[round] =
- libcrux_ml_kem_vector_portable_ntt_layer_1_step_0d(
- re->coefficients[round],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] +
- (size_t)1U],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] +
- (size_t)2U],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] +
- (size_t)3U]);
+ libcrux_ml_kem_vector_portable_ntt_layer_1_step_b8(
+ re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)1U),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)2U),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] + (size_t)3U));
zeta_i[0U] = zeta_i[0U] + (size_t)3U;
}
}
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.poly_barrett_reduce_89
+A monomorphic instance of libcrux_ml_kem.polynomial.poly_barrett_reduce
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self) {
+static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- self->coefficients[i0]);
- self->coefficients[i0] = uu____0;
+ libcrux_ml_kem_vector_portable_barrett_reduce_b8(
+ myself->coefficients[i0]);
+ myself->coefficients[i0] = uu____0;
}
}
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.poly_barrett_reduce_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) {
+ libcrux_ml_kem_polynomial_poly_barrett_reduce_ea(self);
+}
+
/**
A monomorphic instance of libcrux_ml_kem.ntt.ntt_vector_u
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- VECTOR_U_COMPRESSION_FACTOR= 10
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_9f(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) {
+static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_vector_u_0a(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
size_t zeta_i = (size_t)0U;
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)7U,
- (size_t)3328U);
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)6U,
- (size_t)3328U);
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)5U,
- (size_t)3328U);
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)4U,
- (size_t)3328U);
- libcrux_ml_kem_ntt_ntt_at_layer_3_fd(&zeta_i, re, (size_t)3U, (size_t)3328U);
- libcrux_ml_kem_ntt_ntt_at_layer_2_ad(&zeta_i, re, (size_t)2U, (size_t)3328U);
- libcrux_ml_kem_ntt_ntt_at_layer_1_a2(&zeta_i, re, (size_t)1U, (size_t)3328U);
- libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(re);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)7U,
+ (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)6U,
+ (size_t)2U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)5U,
+ (size_t)3U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)4U,
+ (size_t)4U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_3_ea(&zeta_i, re, (size_t)5U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_2_ea(&zeta_i, re, (size_t)6U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_1_ea(&zeta_i, re, (size_t)7U * (size_t)3328U);
+ libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(re);
}
/**
@@ -8642,12 +7432,16 @@ with const generics
- U_COMPRESSION_FACTOR= 10
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4(
+libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(
uint8_t *ciphertext,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- u_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ u_as_ntt[i] =
+ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_call_mut_35_6c(
+ &lvalue, i);
}
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(
@@ -8657,7 +7451,7 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4(
(size_t)10U / (size_t)8U);
i++) {
size_t i0 = i;
- Eurydice_slice u_bytes = Eurydice_array_to_subslice2(
+ Eurydice_slice u_bytes = Eurydice_array_to_subslice3(
ciphertext,
i0 * (LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT *
(size_t)10U / (size_t)8U),
@@ -8665,15 +7459,15 @@ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4(
(size_t)10U / (size_t)8U) +
LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT *
(size_t)10U / (size_t)8U,
- uint8_t);
+ uint8_t *);
u_as_ntt[i0] =
- libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_34(
+ libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_u_0a(
u_bytes);
- libcrux_ml_kem_ntt_ntt_vector_u_9f(&u_as_ntt[i0]);
+ libcrux_ml_kem_ntt_ntt_vector_u_0a(&u_as_ntt[i0]);
}
memcpy(
ret, u_as_ntt,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
}
/**
@@ -8683,35 +7477,38 @@ const generics
- COEFFICIENT_BITS= 4
*/
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b1(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
+libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_d1(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- int32_t decompressed = (int32_t)v.elements[i0] *
- (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
+ int32_t decompressed =
+ libcrux_secrets_int_as_i32_f5(a.elements[i0]) *
+ libcrux_secrets_int_as_i32_f5(
+ libcrux_secrets_int_public_integers_classify_27_39(
+ LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS));
decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)4);
decompressed = decompressed >> (uint32_t)((int32_t)4 + (int32_t)1);
- v.elements[i0] = (int16_t)decompressed;
+ a.elements[i0] = libcrux_secrets_int_as_i16_36(decompressed);
}
- return v;
+ return a;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
/**
A monomorphic instance of
-libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const
+libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_b8 with const
generics
- COEFFICIENT_BITS= 4
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a1(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b1(
- v);
+libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_d1(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_d1(
+ a);
}
/**
@@ -8720,100 +7517,57 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_4_41(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_then_decompress_4_ea(
Eurydice_slice serialized) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(serialized, uint8_t) / (size_t)8U; i++) {
size_t i0 = i;
- Eurydice_slice bytes = Eurydice_slice_subslice2(
- serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t);
+ Eurydice_slice bytes = Eurydice_slice_subslice3(
+ serialized, i0 * (size_t)8U, i0 * (size_t)8U + (size_t)8U, uint8_t *);
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_deserialize_4_0d(bytes);
+ libcrux_ml_kem_vector_portable_deserialize_4_b8(bytes);
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a1(
+ libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_b8_d1(
coefficient);
re.coefficients[i0] = uu____0;
}
return re;
}
-/**
-A monomorphic instance of
-libcrux_ml_kem.vector.portable.compress.decompress_ciphertext_coefficient with
-const generics
-- COEFFICIENT_BITS= 5
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b2(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- int32_t decompressed = (int32_t)v.elements[i0] *
- (int32_t)LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS;
- decompressed = (decompressed << 1U) + ((int32_t)1 << (uint32_t)(int32_t)5);
- decompressed = decompressed >> (uint32_t)((int32_t)5 + (int32_t)1);
- v.elements[i0] = (int16_t)decompressed;
- }
- return v;
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-/**
-A monomorphic instance of
-libcrux_ml_kem.vector.portable.decompress_ciphertext_coefficient_0d with const
-generics
-- COEFFICIENT_BITS= 5
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a2(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_decompress_ciphertext_coefficient_6b2(
- v);
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.serialize.deserialize_then_decompress_5
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_5_4e(
- Eurydice_slice serialized) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(serialized, uint8_t) / (size_t)10U; i++) {
- size_t i0 = i;
- Eurydice_slice bytes = Eurydice_slice_subslice2(
- serialized, i0 * (size_t)10U, i0 * (size_t)10U + (size_t)10U, uint8_t);
- re.coefficients[i0] =
- libcrux_ml_kem_vector_portable_deserialize_5_0d(bytes);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 =
- libcrux_ml_kem_vector_portable_decompress_ciphertext_coefficient_0d_5a2(
- re.coefficients[i0]);
- re.coefficients[i0] = uu____1;
- }
- return re;
-}
-
/**
A monomorphic instance of
libcrux_ml_kem.serialize.deserialize_then_decompress_ring_element_v with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
- COMPRESSION_FACTOR= 4
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_56(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_89(
Eurydice_slice serialized) {
- return libcrux_ml_kem_serialize_deserialize_then_decompress_4_41(serialized);
+ return libcrux_ml_kem_serialize_deserialize_then_decompress_4_ea(serialized);
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.ZERO
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_ZERO_ea(void) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector
+ repeat_expression[16U];
+ for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
+ repeat_expression[i] = libcrux_ml_kem_vector_portable_ZERO_b8();
+ }
+ memcpy(lit.coefficients, repeat_expression,
+ (size_t)16U *
+ sizeof(libcrux_ml_kem_vector_portable_vector_type_PortableVector));
+ return lit;
}
/**
@@ -8844,97 +7598,115 @@ libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_56(
<https://csrc.nist.gov/pubs/fips/203/ipd>.
*/
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.ntt_multiply_89
+A monomorphic instance of libcrux_ml_kem.polynomial.ntt_multiply
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_polynomial_ntt_multiply_89_2a(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 out =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_ntt_multiply_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d out =
+ libcrux_ml_kem_polynomial_ZERO_ea();
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_ntt_multiply_0d(
- &self->coefficients[i0], &rhs->coefficients[i0],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U +
- (size_t)4U * i0],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U +
- (size_t)4U * i0 +
- (size_t)1U],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U +
- (size_t)4U * i0 +
- (size_t)2U],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[(size_t)64U +
- (size_t)4U * i0 +
- (size_t)3U]);
+ libcrux_ml_kem_vector_portable_ntt_multiply_b8(
+ &myself->coefficients[i0], &rhs->coefficients[i0],
+ libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0),
+ libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0 +
+ (size_t)1U),
+ libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0 +
+ (size_t)2U),
+ libcrux_ml_kem_polynomial_zeta((size_t)64U + (size_t)4U * i0 +
+ (size_t)3U));
out.coefficients[i0] = uu____0;
}
return out;
}
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.ntt_multiply_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) {
+ return libcrux_ml_kem_polynomial_ntt_multiply_ea(self, rhs);
+}
+
/**
Given two polynomial ring elements `lhs` and `rhs`, compute the pointwise
sum of their constituent coefficients.
*/
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.add_to_ring_element_89
+A monomorphic instance of libcrux_ml_kem.polynomial.add_to_ring_element
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_89_84(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *rhs) {
+static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) {
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(
Eurydice_array_to_slice(
- (size_t)16U, self->coefficients,
+ (size_t)16U, myself->coefficients,
libcrux_ml_kem_vector_portable_vector_type_PortableVector),
libcrux_ml_kem_vector_portable_vector_type_PortableVector);
i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_add_0d(self->coefficients[i0],
+ libcrux_ml_kem_vector_portable_add_b8(myself->coefficients[i0],
&rhs->coefficients[i0]);
- self->coefficients[i0] = uu____0;
+ myself->coefficients[i0] = uu____0;
}
}
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.add_to_ring_element_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *rhs) {
+ libcrux_ml_kem_polynomial_add_to_ring_element_1b(self, rhs);
+}
+
/**
A monomorphic instance of libcrux_ml_kem.invert_ntt.invert_ntt_at_layer_1
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_83(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
- size_t _layer) {
+static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t round = i;
zeta_i[0U] = zeta_i[0U] - (size_t)1U;
re->coefficients[round] =
- libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_0d(
- re->coefficients[round],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] -
- (size_t)1U],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] -
- (size_t)2U],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] -
- (size_t)3U]);
+ libcrux_ml_kem_vector_portable_inv_ntt_layer_1_step_b8(
+ re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)1U),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)2U),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)3U));
zeta_i[0U] = zeta_i[0U] - (size_t)3U;
}
}
@@ -8945,18 +7717,15 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_c3(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
- size_t _layer) {
+static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t round = i;
zeta_i[0U] = zeta_i[0U] - (size_t)1U;
re->coefficients[round] =
- libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_0d(
- re->coefficients[round],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U] -
- (size_t)1U]);
+ libcrux_ml_kem_vector_portable_inv_ntt_layer_2_step_b8(
+ re->coefficients[round], libcrux_ml_kem_polynomial_zeta(zeta_i[0U]),
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U] - (size_t)1U));
zeta_i[0U] = zeta_i[0U] - (size_t)1U;
}
}
@@ -8967,16 +7736,15 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_68(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
- size_t _layer) {
+static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t round = i;
zeta_i[0U] = zeta_i[0U] - (size_t)1U;
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_0d(
+ libcrux_ml_kem_vector_portable_inv_ntt_layer_3_step_b8(
re->coefficients[round],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]);
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U]));
re->coefficients[round] = uu____0;
}
}
@@ -8989,18 +7757,19 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
static KRML_MUSTINLINE
libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2
- libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_65(
+ libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ea(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a,
libcrux_ml_kem_vector_portable_vector_type_PortableVector b,
int16_t zeta_r) {
libcrux_ml_kem_vector_portable_vector_type_PortableVector a_minus_b =
- libcrux_ml_kem_vector_portable_sub_0d(b, &a);
- a = libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- libcrux_ml_kem_vector_portable_add_0d(a, &b));
- b = libcrux_ml_kem_vector_traits_montgomery_multiply_fe_67(a_minus_b, zeta_r);
- return (
- CLITERAL(libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){
- .fst = a, .snd = b});
+ libcrux_ml_kem_vector_portable_sub_b8(b, &a);
+ a = libcrux_ml_kem_vector_portable_barrett_reduce_b8(
+ libcrux_ml_kem_vector_portable_add_b8(a, &b));
+ b = libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(
+ a_minus_b, zeta_r);
+ return (KRML_CLITERAL(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2){.fst = a,
+ .snd = b});
}
/**
@@ -9010,8 +7779,8 @@ with const generics
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(
- size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re,
+libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(
+ size_t *zeta_i, libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re,
size_t layer) {
size_t step = (size_t)1U << (uint32_t)layer;
for (size_t i0 = (size_t)0U; i0 < (size_t)128U >> (uint32_t)layer; i0++) {
@@ -9025,9 +7794,9 @@ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(
for (size_t i = offset_vec; i < offset_vec + step_vec; i++) {
size_t j = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector_x2 uu____0 =
- libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_65(
+ libcrux_ml_kem_invert_ntt_inv_ntt_layer_int_vec_step_reduce_ea(
re->coefficients[j], re->coefficients[j + step_vec],
- libcrux_ml_kem_polynomial_ZETAS_TIMES_MONTGOMERY_R[zeta_i[0U]]);
+ libcrux_ml_kem_polynomial_zeta(zeta_i[0U]));
libcrux_ml_kem_vector_portable_vector_type_PortableVector x = uu____0.fst;
libcrux_ml_kem_vector_portable_vector_type_PortableVector y = uu____0.snd;
re->coefficients[j] = x;
@@ -9042,54 +7811,69 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) {
+static KRML_MUSTINLINE void libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
size_t zeta_i =
LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT / (size_t)2U;
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_83(&zeta_i, re, (size_t)1U);
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_c3(&zeta_i, re, (size_t)2U);
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_68(&zeta_i, re, (size_t)3U);
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re,
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_1_ea(&zeta_i, re);
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_2_ea(&zeta_i, re);
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_3_ea(&zeta_i, re);
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re,
(size_t)4U);
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re,
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re,
(size_t)5U);
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re,
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re,
(size_t)6U);
- libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_6e(&zeta_i, re,
+ libcrux_ml_kem_invert_ntt_invert_ntt_at_layer_4_plus_ea(&zeta_i, re,
(size_t)7U);
- libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(re);
+ libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(re);
}
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.subtract_reduce_89
+A monomorphic instance of libcrux_ml_kem.polynomial.subtract_reduce
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_polynomial_subtract_reduce_89_d4(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 b) {
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_subtract_reduce_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d b) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector
coefficient_normal_form =
- libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(
+ libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(
b.coefficients[i0], (int16_t)1441);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- libcrux_ml_kem_vector_portable_sub_0d(self->coefficients[i0],
- &coefficient_normal_form));
- b.coefficients[i0] = uu____0;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector diff =
+ libcrux_ml_kem_vector_portable_sub_b8(myself->coefficients[i0],
+ &coefficient_normal_form);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector red =
+ libcrux_ml_kem_vector_portable_barrett_reduce_b8(diff);
+ b.coefficients[i0] = red;
}
return b;
}
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.subtract_reduce_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_subtract_reduce_d6_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d b) {
+ return libcrux_ml_kem_polynomial_subtract_reduce_ea(self, b);
+}
+
/**
The following functions compute various expressions involving
vectors and matrices. The computation of these expressions has been
@@ -9102,71 +7886,34 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_matrix_compute_message_b3(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *v,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *secret_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *u_as_ntt) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_matrix_compute_message_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *v,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *secret_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *u_as_ntt) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d result =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
size_t i0 = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product =
- libcrux_ml_kem_polynomial_ntt_multiply_89_2a(&secret_as_ntt[i0],
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d product =
+ libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(&secret_as_ntt[i0],
&u_as_ntt[i0]);
- libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result, &product);
+ libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&result, &product);
}
- libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(&result);
- result = libcrux_ml_kem_polynomial_subtract_reduce_89_d4(v, result);
- return result;
+ libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result);
+ return libcrux_ml_kem_polynomial_subtract_reduce_d6_ea(v, result);
}
/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.arithmetic.shift_right
+A monomorphic instance of libcrux_ml_kem.serialize.to_unsigned_field_modulus
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
-- SHIFT_BY= 15
+
*/
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_arithmetic_shift_right_94(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- v.elements[i0] = v.elements[i0] >> (uint32_t)(int32_t)15;
- }
- return v;
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.shift_right_0d
-with const generics
-- SHIFT_BY= 15
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_shift_right_0d_19(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_arithmetic_shift_right_94(v);
-}
-
-/**
-A monomorphic instance of
-libcrux_ml_kem.vector.traits.to_unsigned_representative with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
+libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea(
libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
- libcrux_ml_kem_vector_portable_vector_type_PortableVector t =
- libcrux_ml_kem_vector_portable_shift_right_0d_19(a);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector fm =
- libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d(
- t, LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_MODULUS);
- return libcrux_ml_kem_vector_portable_add_0d(a, &fm);
+ return libcrux_ml_kem_vector_portable_to_unsigned_representative_b8(a);
}
/**
@@ -9176,24 +7923,24 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_message_aa(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, uint8_t ret[32U]) {
+libcrux_ml_kem_serialize_compress_then_serialize_message_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, uint8_t ret[32U]) {
uint8_t serialized[32U] = {0U};
for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
+ libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea(
re.coefficients[i0]);
libcrux_ml_kem_vector_portable_vector_type_PortableVector
coefficient_compressed =
- libcrux_ml_kem_vector_portable_compress_1_0d(coefficient);
+ libcrux_ml_kem_vector_portable_compress_1_b8(coefficient);
uint8_t bytes[2U];
- libcrux_ml_kem_vector_portable_serialize_1_0d(coefficient_compressed,
+ libcrux_ml_kem_vector_portable_serialize_1_b8(coefficient_compressed,
bytes);
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- serialized, (size_t)2U * i0, (size_t)2U * i0 + (size_t)2U, uint8_t);
Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t);
+ Eurydice_array_to_subslice3(serialized, (size_t)2U * i0,
+ (size_t)2U * i0 + (size_t)2U, uint8_t *),
+ Eurydice_array_to_slice((size_t)2U, bytes, uint8_t), uint8_t);
}
memcpy(ret, serialized, (size_t)32U * sizeof(uint8_t));
}
@@ -9232,20 +7979,21 @@ with const generics
- U_COMPRESSION_FACTOR= 10
- V_COMPRESSION_FACTOR= 4
*/
-static inline void libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d(
- libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8 *secret_key,
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_decrypt_unpacked_42(
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *secret_key,
uint8_t *ciphertext, uint8_t ret[32U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u_as_ntt[3U];
- libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_f4(ciphertext, u_as_ntt);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v =
- libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_56(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d u_as_ntt[3U];
+ libcrux_ml_kem_ind_cpa_deserialize_then_decompress_u_6c(ciphertext, u_as_ntt);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d v =
+ libcrux_ml_kem_serialize_deserialize_then_decompress_ring_element_v_89(
Eurydice_array_to_subslice_from((size_t)1088U, ciphertext,
- (size_t)960U, uint8_t, size_t));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message =
- libcrux_ml_kem_matrix_compute_message_b3(&v, secret_key->secret_as_ntt,
+ (size_t)960U, uint8_t, size_t,
+ uint8_t[]));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d message =
+ libcrux_ml_kem_matrix_compute_message_1b(&v, secret_key->secret_as_ntt,
u_as_ntt);
uint8_t ret0[32U];
- libcrux_ml_kem_serialize_compress_then_serialize_message_aa(message, ret0);
+ libcrux_ml_kem_serialize_compress_then_serialize_message_ea(message, ret0);
memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t));
}
@@ -9259,37 +8007,37 @@ with const generics
- U_COMPRESSION_FACTOR= 10
- V_COMPRESSION_FACTOR= 4
*/
-static inline void libcrux_ml_kem_ind_cpa_decrypt_43(Eurydice_slice secret_key,
- uint8_t *ciphertext,
- uint8_t ret[32U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U];
- libcrux_ml_kem_ind_cpa_deserialize_secret_key_24(secret_key, secret_as_ntt);
- /* Passing arrays by value in Rust generates a copy in C */
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_secret_as_ntt[3U];
- memcpy(
- copy_of_secret_as_ntt, secret_as_ntt,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_f8
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_decrypt_42(
+ Eurydice_slice secret_key, uint8_t *ciphertext, uint8_t ret[32U]) {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0
secret_key_unpacked;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ ret0[i] = libcrux_ml_kem_ind_cpa_decrypt_call_mut_0b_42(&lvalue, i);
+ }
memcpy(
- secret_key_unpacked.secret_as_ntt, copy_of_secret_as_ntt,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- uint8_t ret0[32U];
- libcrux_ml_kem_ind_cpa_decrypt_unpacked_6d(&secret_key_unpacked, ciphertext,
- ret0);
- memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t));
+ secret_key_unpacked.secret_as_ntt, ret0,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ libcrux_ml_kem_ind_cpa_deserialize_vector_1b(
+ secret_key, secret_key_unpacked.secret_as_ntt);
+ uint8_t ret1[32U];
+ libcrux_ml_kem_ind_cpa_decrypt_unpacked_42(&secret_key_unpacked, ciphertext,
+ ret1);
+ memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t));
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_f1
+A monomorphic instance of libcrux_ml_kem.hash_functions.portable.G_4a
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_G_f1_e4(
+static inline void libcrux_ml_kem_hash_functions_portable_G_4a_e0(
Eurydice_slice input, uint8_t ret[64U]) {
libcrux_ml_kem_hash_functions_portable_G(input, ret);
}
@@ -9299,7 +8047,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF
with const generics
- LEN= 32
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b(
+static inline void libcrux_ml_kem_hash_functions_portable_PRF_9e(
Eurydice_slice input, uint8_t ret[32U]) {
uint8_t digest[32U] = {0U};
libcrux_sha3_portable_shake256(
@@ -9308,31 +8056,69 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b(
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_f1
+A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_4a
with const generics
- K= 3
- LEN= 32
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_ee(
+static inline void libcrux_ml_kem_hash_functions_portable_PRF_4a_41(
Eurydice_slice input, uint8_t ret[32U]) {
- libcrux_ml_kem_hash_functions_portable_PRF_2b(input, ret);
+ libcrux_ml_kem_hash_functions_portable_PRF_9e(input, ret);
}
/**
A monomorphic instance of
-libcrux_ml_kem.serialize.deserialize_ring_elements_reduced.closure with types
+libcrux_ml_kem.ind_cpa.unpacked.IndCpaPublicKeyUnpacked with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-- PUBLIC_KEY_SIZE= 1152
+- $3size_t
+*/
+typedef struct libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0_s {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d t_as_ntt[3U];
+ uint8_t seed_for_A[32U];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U];
+} libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0;
+
+/**
+This function found in impl {core::default::Default for
+libcrux_ml_kem::ind_cpa::unpacked::IndCpaPublicKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.unpacked.default_8b
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
- K= 3
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_cd(
- size_t _i) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0
+libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b(void) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ uu____0[i] = libcrux_ml_kem_polynomial_ZERO_d6_ea();
+ }
+ uint8_t uu____1[32U] = {0U};
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit;
+ memcpy(
+ lit.t_as_ntt, uu____0,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d repeat_expression0[3U][3U];
+ for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d repeat_expression[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ repeat_expression[i] = libcrux_ml_kem_polynomial_ZERO_d6_ea();
+ }
+ memcpy(repeat_expression0[i0], repeat_expression,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ }
+ memcpy(lit.A, repeat_expression0,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+ return lit;
}
/**
@@ -9347,90 +8133,54 @@ libcrux_ml_kem.serialize.deserialize_to_reduced_ring_element with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_4c(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ea(
Eurydice_slice serialized) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(serialized, uint8_t) / (size_t)24U; i++) {
size_t i0 = i;
- Eurydice_slice bytes = Eurydice_slice_subslice2(
- serialized, i0 * (size_t)24U, i0 * (size_t)24U + (size_t)24U, uint8_t);
+ Eurydice_slice bytes =
+ Eurydice_slice_subslice3(serialized, i0 * (size_t)24U,
+ i0 * (size_t)24U + (size_t)24U, uint8_t *);
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_deserialize_12_0d(bytes);
+ libcrux_ml_kem_vector_portable_deserialize_12_b8(bytes);
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_cond_subtract_3329_0d(coefficient);
+ libcrux_ml_kem_vector_portable_cond_subtract_3329_b8(coefficient);
re.coefficients[i0] = uu____0;
}
return re;
}
/**
- This function deserializes ring elements and reduces the result by the field
- modulus.
-
- This function MUST NOT be used on secret inputs.
+ See [deserialize_ring_elements_reduced_out].
*/
/**
A monomorphic instance of
libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-- PUBLIC_KEY_SIZE= 1152
- K= 3
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_33(
+libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b(
Eurydice_slice public_key,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U];
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *deserialized_pk) {
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(public_key, uint8_t) /
LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT;
i++) {
size_t i0 = i;
- Eurydice_slice ring_element = Eurydice_slice_subslice2(
+ Eurydice_slice ring_element = Eurydice_slice_subslice3(
public_key, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT +
LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
- uint8_t);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 =
- libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_4c(
+ uint8_t *);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 =
+ libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_ea(
ring_element);
deserialized_pk[i0] = uu____0;
}
- memcpy(
- ret, deserialized_pk,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.matrix.sample_matrix_A.closure.closure
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
-generics
-- K= 3
-*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_matrix_sample_matrix_A_closure_closure_78(size_t _j) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.matrix.sample_matrix_A.closure
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
-generics
-- K= 3
-*/
-static inline void libcrux_ml_kem_matrix_sample_matrix_A_closure_4b(
- size_t _i, libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- ret[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
}
/**
@@ -9438,67 +8188,61 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PortableHash
with const generics
- $3size_t
*/
-typedef struct libcrux_ml_kem_hash_functions_portable_PortableHash_58_s {
- libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U];
-} libcrux_ml_kem_hash_functions_portable_PortableHash_58;
+typedef struct libcrux_ml_kem_hash_functions_portable_PortableHash_88_s {
+ libcrux_sha3_generic_keccak_KeccakState_17 shake128_state[3U];
+} libcrux_ml_kem_hash_functions_portable_PortableHash_88;
/**
A monomorphic instance of
-libcrux_ml_kem.hash_functions.portable.shake128_init_absorb with const generics
+libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final with const
+generics
- K= 3
*/
-static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58
-libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_b7(
- uint8_t input[3U][34U]) {
- libcrux_sha3_generic_keccak_KeccakState_48 shake128_state[3U];
+static inline libcrux_ml_kem_hash_functions_portable_PortableHash_88
+libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_e0(
+ uint8_t (*input)[34U]) {
+ libcrux_ml_kem_hash_functions_portable_PortableHash_88 shake128_state;
+ libcrux_sha3_generic_keccak_KeccakState_17 repeat_expression[3U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- shake128_state[i] = libcrux_sha3_portable_incremental_shake128_init();
+ repeat_expression[i] = libcrux_sha3_portable_incremental_shake128_init();
}
+ memcpy(shake128_state.shake128_state, repeat_expression,
+ (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_17));
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
size_t i0 = i;
libcrux_sha3_portable_incremental_shake128_absorb_final(
- &shake128_state[i0],
+ &shake128_state.shake128_state[i0],
Eurydice_array_to_slice((size_t)34U, input[i0], uint8_t));
}
- /* Passing arrays by value in Rust generates a copy in C */
- libcrux_sha3_generic_keccak_KeccakState_48 copy_of_shake128_state[3U];
- memcpy(copy_of_shake128_state, shake128_state,
- (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48));
- libcrux_ml_kem_hash_functions_portable_PortableHash_58 lit;
- memcpy(lit.shake128_state, copy_of_shake128_state,
- (size_t)3U * sizeof(libcrux_sha3_generic_keccak_KeccakState_48));
- return lit;
+ return shake128_state;
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
A monomorphic instance of
-libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_f1 with const
+libcrux_ml_kem.hash_functions.portable.shake128_init_absorb_final_4a with const
generics
- K= 3
*/
-static KRML_MUSTINLINE libcrux_ml_kem_hash_functions_portable_PortableHash_58
-libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_8c(
- uint8_t input[3U][34U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_input[3U][34U];
- memcpy(copy_of_input, input, (size_t)3U * sizeof(uint8_t[34U]));
- return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_b7(
- copy_of_input);
+static inline libcrux_ml_kem_hash_functions_portable_PortableHash_88
+libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_4a_e0(
+ uint8_t (*input)[34U]) {
+ return libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_e0(
+ input);
}
/**
A monomorphic instance of
-libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks with const
-generics
+libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks with
+const generics
- K= 3
*/
-static KRML_MUSTINLINE void
-libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_ca(
- libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st,
+static inline void
+libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_e0(
+ libcrux_ml_kem_hash_functions_portable_PortableHash_88 *st,
uint8_t ret[3U][504U]) {
uint8_t out[3U][504U] = {{0U}};
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
@@ -9511,21 +8255,21 @@ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_ca(
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
A monomorphic instance of
-libcrux_ml_kem.hash_functions.portable.shake128_squeeze_three_blocks_f1 with
-const generics
+libcrux_ml_kem.hash_functions.portable.shake128_squeeze_first_three_blocks_4a
+with const generics
- K= 3
*/
-static KRML_MUSTINLINE void
-libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_69(
- libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self,
+static inline void
+libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_4a_e0(
+ libcrux_ml_kem_hash_functions_portable_PortableHash_88 *self,
uint8_t ret[3U][504U]) {
- libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_ca(self,
- ret);
+ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_e0(
+ self, ret);
}
/**
@@ -9577,8 +8321,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
- N= 504
*/
static KRML_MUSTINLINE bool
-libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db(
- uint8_t randomness[3U][504U], size_t *sampled_coefficients,
+libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_89(
+ uint8_t (*randomness)[504U], size_t *sampled_coefficients,
int16_t (*out)[272U]) {
for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) {
size_t i1 = i0;
@@ -9586,15 +8330,15 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db(
size_t r = i;
if (sampled_coefficients[i1] <
LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) {
- Eurydice_slice uu____0 =
- Eurydice_array_to_subslice2(randomness[i1], r * (size_t)24U,
- r * (size_t)24U + (size_t)24U, uint8_t);
- size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_0d(
- uu____0, Eurydice_array_to_subslice2(
- out[i1], sampled_coefficients[i1],
- sampled_coefficients[i1] + (size_t)16U, int16_t));
- size_t uu____1 = i1;
- sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled;
+ size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_b8(
+ Eurydice_array_to_subslice3(randomness[i1], r * (size_t)24U,
+ r * (size_t)24U + (size_t)24U,
+ uint8_t *),
+ Eurydice_array_to_subslice3(out[i1], sampled_coefficients[i1],
+ sampled_coefficients[i1] + (size_t)16U,
+ int16_t *));
+ size_t uu____0 = i1;
+ sampled_coefficients[uu____0] = sampled_coefficients[uu____0] + sampled;
}
}
}
@@ -9614,13 +8358,13 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db(
/**
A monomorphic instance of
-libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block with const
+libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block with const
generics
- K= 3
*/
-static KRML_MUSTINLINE void
-libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_dd(
- libcrux_ml_kem_hash_functions_portable_PortableHash_58 *st,
+static inline void
+libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_e0(
+ libcrux_ml_kem_hash_functions_portable_PortableHash_88 *st,
uint8_t ret[3U][168U]) {
uint8_t out[3U][168U] = {{0U}};
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
@@ -9633,20 +8377,21 @@ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_dd(
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
A monomorphic instance of
-libcrux_ml_kem.hash_functions.portable.shake128_squeeze_block_f1 with const
+libcrux_ml_kem.hash_functions.portable.shake128_squeeze_next_block_4a with const
generics
- K= 3
*/
-static KRML_MUSTINLINE void
-libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_60(
- libcrux_ml_kem_hash_functions_portable_PortableHash_58 *self,
+static inline void
+libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_4a_e0(
+ libcrux_ml_kem_hash_functions_portable_PortableHash_88 *self,
uint8_t ret[3U][168U]) {
- libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_dd(self, ret);
+ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_e0(self,
+ ret);
}
/**
@@ -9698,8 +8443,8 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
- N= 168
*/
static KRML_MUSTINLINE bool
-libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0(
- uint8_t randomness[3U][168U], size_t *sampled_coefficients,
+libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_890(
+ uint8_t (*randomness)[168U], size_t *sampled_coefficients,
int16_t (*out)[272U]) {
for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) {
size_t i1 = i0;
@@ -9707,15 +8452,15 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0(
size_t r = i;
if (sampled_coefficients[i1] <
LIBCRUX_ML_KEM_CONSTANTS_COEFFICIENTS_IN_RING_ELEMENT) {
- Eurydice_slice uu____0 =
- Eurydice_array_to_subslice2(randomness[i1], r * (size_t)24U,
- r * (size_t)24U + (size_t)24U, uint8_t);
- size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_0d(
- uu____0, Eurydice_array_to_subslice2(
- out[i1], sampled_coefficients[i1],
- sampled_coefficients[i1] + (size_t)16U, int16_t));
- size_t uu____1 = i1;
- sampled_coefficients[uu____1] = sampled_coefficients[uu____1] + sampled;
+ size_t sampled = libcrux_ml_kem_vector_portable_rej_sample_b8(
+ Eurydice_array_to_subslice3(randomness[i1], r * (size_t)24U,
+ r * (size_t)24U + (size_t)24U,
+ uint8_t *),
+ Eurydice_array_to_subslice3(out[i1], sampled_coefficients[i1],
+ sampled_coefficients[i1] + (size_t)16U,
+ int16_t *));
+ size_t uu____0 = i1;
+ sampled_coefficients[uu____0] = sampled_coefficients[uu____0] + sampled;
}
}
}
@@ -9734,42 +8479,64 @@ libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0(
}
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.from_i16_array_89
+A monomorphic instance of libcrux_ml_kem.polynomial.from_i16_array
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_polynomial_from_i16_array_89_c1(Eurydice_slice a) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_from_i16_array_ea(Eurydice_slice a) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d result =
+ libcrux_ml_kem_polynomial_ZERO_ea();
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_from_i16_array_0d(
- Eurydice_slice_subslice2(a, i0 * (size_t)16U,
- (i0 + (size_t)1U) * (size_t)16U, int16_t));
+ libcrux_ml_kem_vector_portable_from_i16_array_b8(
+ Eurydice_slice_subslice3(a, i0 * (size_t)16U,
+ (i0 + (size_t)1U) * (size_t)16U,
+ int16_t *));
result.coefficients[i0] = uu____0;
}
return result;
}
/**
-A monomorphic instance of libcrux_ml_kem.sampling.sample_from_xof.closure
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.from_i16_array_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_from_i16_array_d6_ea(Eurydice_slice a) {
+ return libcrux_ml_kem_polynomial_from_i16_array_ea(a);
+}
+
+/**
+This function found in impl {core::ops::function::FnMut<(@Array<i16, 272usize>),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@2]> for libcrux_ml_kem::sampling::sample_from_xof::closure<Vector,
+Hasher, K>[TraitClause@0, TraitClause@1, TraitClause@2, TraitClause@3]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.sampling.sample_from_xof.call_mut_e7
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
generics
- K= 3
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_sampling_sample_from_xof_closure_04(int16_t s[272U]) {
- return libcrux_ml_kem_polynomial_from_i16_array_89_c1(
- Eurydice_array_to_subslice2(s, (size_t)0U, (size_t)256U, int16_t));
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_sampling_sample_from_xof_call_mut_e7_2b(
+ void **_, int16_t tupled_args[272U]) {
+ int16_t s[272U];
+ memcpy(s, tupled_args, (size_t)272U * sizeof(int16_t));
+ return libcrux_ml_kem_polynomial_from_i16_array_d6_ea(
+ Eurydice_array_to_subslice3(s, (size_t)0U, (size_t)256U, int16_t *));
}
/**
@@ -9779,51 +8546,43 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_3f(
- uint8_t seeds[3U][34U],
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
+static KRML_MUSTINLINE void libcrux_ml_kem_sampling_sample_from_xof_2b(
+ uint8_t (*seeds)[34U],
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) {
size_t sampled_coefficients[3U] = {0U};
int16_t out[3U][272U] = {{0U}};
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_seeds[3U][34U];
- memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U]));
- libcrux_ml_kem_hash_functions_portable_PortableHash_58 xof_state =
- libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_f1_8c(
- copy_of_seeds);
+ libcrux_ml_kem_hash_functions_portable_PortableHash_88 xof_state =
+ libcrux_ml_kem_hash_functions_portable_shake128_init_absorb_final_4a_e0(
+ seeds);
uint8_t randomness0[3U][504U];
- libcrux_ml_kem_hash_functions_portable_shake128_squeeze_three_blocks_f1_69(
+ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_first_three_blocks_4a_e0(
&xof_state, randomness0);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness0[3U][504U];
- memcpy(copy_of_randomness0, randomness0, (size_t)3U * sizeof(uint8_t[504U]));
- bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db(
- copy_of_randomness0, sampled_coefficients, out);
+ bool done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_89(
+ randomness0, sampled_coefficients, out);
while (true) {
if (done) {
break;
} else {
uint8_t randomness[3U][168U];
- libcrux_ml_kem_hash_functions_portable_shake128_squeeze_block_f1_60(
+ libcrux_ml_kem_hash_functions_portable_shake128_squeeze_next_block_4a_e0(
&xof_state, randomness);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[3U][168U];
- memcpy(copy_of_randomness, randomness,
- (size_t)3U * sizeof(uint8_t[168U]));
- done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_db0(
- copy_of_randomness, sampled_coefficients, out);
+ done = libcrux_ml_kem_sampling_sample_from_uniform_distribution_next_890(
+ randomness, sampled_coefficients, out);
}
}
/* Passing arrays by value in Rust generates a copy in C */
int16_t copy_of_out[3U][272U];
memcpy(copy_of_out, out, (size_t)3U * sizeof(int16_t[272U]));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret0[3U];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret0[3U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- ret0[i] =
- libcrux_ml_kem_sampling_sample_from_xof_closure_04(copy_of_out[i]);
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ ret0[i] = libcrux_ml_kem_sampling_sample_from_xof_call_mut_e7_2b(
+ &lvalue, copy_of_out[i]);
}
memcpy(
ret, ret0,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
}
/**
@@ -9833,41 +8592,32 @@ libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_38(
- uint8_t seed[34U], bool transpose,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U][3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U];
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- libcrux_ml_kem_matrix_sample_matrix_A_closure_4b(i, A_transpose[i]);
- }
+static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_2b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*A_transpose)[3U],
+ uint8_t *seed, bool transpose) {
for (size_t i0 = (size_t)0U; i0 < (size_t)3U; i0++) {
size_t i1 = i0;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_seed[34U];
- memcpy(copy_of_seed, seed, (size_t)34U * sizeof(uint8_t));
uint8_t seeds[3U][34U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- memcpy(seeds[i], copy_of_seed, (size_t)34U * sizeof(uint8_t));
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)34U, seed, seeds[i], uint8_t, void *);
}
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
size_t j = i;
seeds[j][32U] = (uint8_t)i1;
seeds[j][33U] = (uint8_t)j;
}
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_seeds[3U][34U];
- memcpy(copy_of_seeds, seeds, (size_t)3U * sizeof(uint8_t[34U]));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sampled[3U];
- libcrux_ml_kem_sampling_sample_from_xof_3f(copy_of_seeds, sampled);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d sampled[3U];
+ libcrux_ml_kem_sampling_sample_from_xof_2b(seeds, sampled);
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(
Eurydice_array_to_slice(
(size_t)3U, sampled,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d);
i++) {
size_t j = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 sample = sampled[j];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d sample = sampled[j];
if (transpose) {
A_transpose[j][i1] = sample;
} else {
@@ -9875,35 +8625,91 @@ static KRML_MUSTINLINE void libcrux_ml_kem_matrix_sample_matrix_A_38(
}
}
}
- memcpy(ret, A_transpose,
- (size_t)3U *
- sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]));
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.build_unpacked_public_key_mut
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
+generics
+- K= 3
+- T_AS_NTT_ENCODED_SIZE= 1152
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cpa_build_unpacked_public_key_mut_3f(
+ Eurydice_slice public_key,
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0
+ *unpacked_public_key) {
+ Eurydice_slice uu____0 = Eurydice_slice_subslice_to(
+ public_key, (size_t)1152U, uint8_t, size_t, uint8_t[]);
+ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b(
+ uu____0, unpacked_public_key->t_as_ntt);
+ Eurydice_slice seed = Eurydice_slice_subslice_from(
+ public_key, (size_t)1152U, uint8_t, size_t, uint8_t[]);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] =
+ unpacked_public_key->A;
+ uint8_t ret[34U];
+ libcrux_ml_kem_utils_into_padded_array_b6(seed, ret);
+ libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____1, ret, false);
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.build_unpacked_public_key
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
+generics
+- K= 3
+- T_AS_NTT_ENCODED_SIZE= 1152
+*/
+static KRML_MUSTINLINE
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0
+ libcrux_ml_kem_ind_cpa_build_unpacked_public_key_3f(
+ Eurydice_slice public_key) {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0
+ unpacked_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b();
+ libcrux_ml_kem_ind_cpa_build_unpacked_public_key_mut_3f(public_key,
+ &unpacked_public_key);
+ return unpacked_public_key;
}
/**
A monomorphic instance of K.
with types libcrux_ml_kem_polynomial_PolynomialRingElement
-libcrux_ml_kem_vector_portable_vector_type_PortableVector[3size_t], uint8_t
+libcrux_ml_kem_vector_portable_vector_type_PortableVector[3size_t],
+libcrux_ml_kem_polynomial_PolynomialRingElement
+libcrux_ml_kem_vector_portable_vector_type_PortableVector
*/
-typedef struct tuple_b0_s {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 fst[3U];
- uint8_t snd;
-} tuple_b0;
+typedef struct tuple_ed_s {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d fst[3U];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d snd;
+} tuple_ed;
/**
-A monomorphic instance of
-libcrux_ml_kem.ind_cpa.sample_vector_cbd_then_ntt.closure with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@2]> for libcrux_ml_kem::ind_cpa::encrypt_c1::closure<Vector, Hasher,
+K, C1_LEN, U_COMPRESSION_FACTOR, BLOCK_LEN, ETA1, ETA1_RANDOMNESS_SIZE, ETA2,
+ETA2_RANDOMNESS_SIZE>[TraitClause@0, TraitClause@1, TraitClause@2,
+TraitClause@3]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c1.call_mut_f1
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
generics
- K= 3
-- ETA= 2
-- ETA_RANDOMNESS_SIZE= 128
+- C1_LEN= 960
+- U_COMPRESSION_FACTOR= 10
+- BLOCK_LEN= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_closure_f7(size_t _i) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_f1_85(void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
@@ -9912,7 +8718,7 @@ with const generics
- K= 3
- LEN= 128
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_c5(
+static inline void libcrux_ml_kem_hash_functions_portable_PRFxN_41(
uint8_t (*input)[33U], uint8_t ret[3U][128U]) {
uint8_t out[3U][128U] = {{0U}};
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
@@ -9925,18 +8731,18 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_c5(
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRFxN_f1
+A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRFxN_4a
with const generics
- K= 3
- LEN= 128
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRFxN_f1_93(
+static inline void libcrux_ml_kem_hash_functions_portable_PRFxN_4a_41(
uint8_t (*input)[33U], uint8_t ret[3U][128U]) {
- libcrux_ml_kem_hash_functions_portable_PRFxN_c5(input, ret);
+ libcrux_ml_kem_hash_functions_portable_PRFxN_41(input, ret);
}
/**
@@ -9994,16 +8800,16 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution_2 with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea(
Eurydice_slice randomness) {
int16_t sampled_i16s[256U] = {0U};
for (size_t i0 = (size_t)0U;
i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)4U; i0++) {
size_t chunk_number = i0;
- Eurydice_slice byte_chunk = Eurydice_slice_subslice2(
+ Eurydice_slice byte_chunk = Eurydice_slice_subslice3(
randomness, chunk_number * (size_t)4U,
- chunk_number * (size_t)4U + (size_t)4U, uint8_t);
+ chunk_number * (size_t)4U + (size_t)4U, uint8_t *);
uint32_t random_bits_as_u32 =
(((uint32_t)Eurydice_slice_index(byte_chunk, (size_t)0U, uint8_t,
uint8_t *) |
@@ -10019,7 +8825,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85(
uint32_t even_bits = random_bits_as_u32 & 1431655765U;
uint32_t odd_bits = random_bits_as_u32 >> 1U & 1431655765U;
uint32_t coin_toss_outcomes = even_bits + odd_bits;
- for (uint32_t i = 0U; i < CORE_NUM__U32_8__BITS / 4U; i++) {
+ for (uint32_t i = 0U; i < 32U / 4U; i++) {
uint32_t outcome_set = i;
uint32_t outcome_set0 = outcome_set * 4U;
int16_t outcome_1 =
@@ -10030,52 +8836,7 @@ libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85(
sampled_i16s[(size_t)8U * chunk_number + offset] = outcome_1 - outcome_2;
}
}
- return libcrux_ml_kem_polynomial_from_i16_array_89_c1(
- Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t));
-}
-
-/**
-A monomorphic instance of
-libcrux_ml_kem.sampling.sample_from_binomial_distribution_3 with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_sampling_sample_from_binomial_distribution_3_eb(
- Eurydice_slice randomness) {
- int16_t sampled_i16s[256U] = {0U};
- for (size_t i0 = (size_t)0U;
- i0 < Eurydice_slice_len(randomness, uint8_t) / (size_t)3U; i0++) {
- size_t chunk_number = i0;
- Eurydice_slice byte_chunk = Eurydice_slice_subslice2(
- randomness, chunk_number * (size_t)3U,
- chunk_number * (size_t)3U + (size_t)3U, uint8_t);
- uint32_t random_bits_as_u24 =
- ((uint32_t)Eurydice_slice_index(byte_chunk, (size_t)0U, uint8_t,
- uint8_t *) |
- (uint32_t)Eurydice_slice_index(byte_chunk, (size_t)1U, uint8_t,
- uint8_t *)
- << 8U) |
- (uint32_t)Eurydice_slice_index(byte_chunk, (size_t)2U, uint8_t,
- uint8_t *)
- << 16U;
- uint32_t first_bits = random_bits_as_u24 & 2396745U;
- uint32_t second_bits = random_bits_as_u24 >> 1U & 2396745U;
- uint32_t third_bits = random_bits_as_u24 >> 2U & 2396745U;
- uint32_t coin_toss_outcomes = first_bits + second_bits + third_bits;
- for (int32_t i = (int32_t)0; i < (int32_t)24 / (int32_t)6; i++) {
- int32_t outcome_set = i;
- int32_t outcome_set0 = outcome_set * (int32_t)6;
- int16_t outcome_1 =
- (int16_t)(coin_toss_outcomes >> (uint32_t)outcome_set0 & 7U);
- int16_t outcome_2 = (int16_t)(coin_toss_outcomes >>
- (uint32_t)(outcome_set0 + (int32_t)3) &
- 7U);
- size_t offset = (size_t)(outcome_set0 / (int32_t)6);
- sampled_i16s[(size_t)4U * chunk_number + offset] = outcome_1 - outcome_2;
- }
- }
- return libcrux_ml_kem_polynomial_from_i16_array_89_c1(
+ return libcrux_ml_kem_polynomial_from_i16_array_d6_ea(
Eurydice_array_to_slice((size_t)256U, sampled_i16s, int16_t));
}
@@ -10085,10 +8846,10 @@ libcrux_ml_kem.sampling.sample_from_binomial_distribution with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
- ETA= 2
*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6(
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0(
Eurydice_slice randomness) {
- return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_85(
+ return libcrux_ml_kem_sampling_sample_from_binomial_distribution_2_ea(
randomness);
}
@@ -10098,18 +8859,18 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_f4(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) {
+static KRML_MUSTINLINE void libcrux_ml_kem_ntt_ntt_at_layer_7_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
size_t step = LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT / (size_t)2U;
for (size_t i = (size_t)0U; i < step; i++) {
size_t j = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector t =
- libcrux_ml_kem_vector_portable_multiply_by_constant_0d(
+ libcrux_ml_kem_vector_portable_multiply_by_constant_b8(
re->coefficients[j + step], (int16_t)-1600);
re->coefficients[j + step] =
- libcrux_ml_kem_vector_portable_sub_0d(re->coefficients[j], &t);
+ libcrux_ml_kem_vector_portable_sub_b8(re->coefficients[j], &t);
libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____1 =
- libcrux_ml_kem_vector_portable_add_0d(re->coefficients[j], &t);
+ libcrux_ml_kem_vector_portable_add_b8(re->coefficients[j], &t);
re->coefficients[j] = uu____1;
}
}
@@ -10121,20 +8882,23 @@ with const generics
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_0f(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re) {
- libcrux_ml_kem_ntt_ntt_at_layer_7_f4(re);
+libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re) {
+ libcrux_ml_kem_ntt_ntt_at_layer_7_ea(re);
size_t zeta_i = (size_t)1U;
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)6U,
- (size_t)3U);
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)5U,
- (size_t)3U);
- libcrux_ml_kem_ntt_ntt_at_layer_4_plus_51(&zeta_i, re, (size_t)4U,
- (size_t)3U);
- libcrux_ml_kem_ntt_ntt_at_layer_3_fd(&zeta_i, re, (size_t)3U, (size_t)3U);
- libcrux_ml_kem_ntt_ntt_at_layer_2_ad(&zeta_i, re, (size_t)2U, (size_t)3U);
- libcrux_ml_kem_ntt_ntt_at_layer_1_a2(&zeta_i, re, (size_t)1U, (size_t)3U);
- libcrux_ml_kem_polynomial_poly_barrett_reduce_89_8b(re);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)6U,
+ (size_t)11207U);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(&zeta_i, re, (size_t)5U,
+ (size_t)11207U + (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_4_plus_ea(
+ &zeta_i, re, (size_t)4U, (size_t)11207U + (size_t)2U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_3_ea(
+ &zeta_i, re, (size_t)11207U + (size_t)3U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_2_ea(
+ &zeta_i, re, (size_t)11207U + (size_t)4U * (size_t)3328U);
+ libcrux_ml_kem_ntt_ntt_at_layer_1_ea(
+ &zeta_i, re, (size_t)11207U + (size_t)5U * (size_t)3328U);
+ libcrux_ml_kem_polynomial_poly_barrett_reduce_d6_ea(re);
}
/**
@@ -10150,59 +8914,54 @@ generics
- ETA= 2
- ETA_RANDOMNESS_SIZE= 128
*/
-static KRML_MUSTINLINE tuple_b0
-libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(uint8_t prf_input[33U],
- uint8_t domain_separator) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re_as_ntt[3U];
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- re_as_ntt[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input[33U];
- memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t));
+static KRML_MUSTINLINE uint8_t
+libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re_as_ntt,
+ uint8_t *prf_input, uint8_t domain_separator) {
uint8_t prf_inputs[3U][33U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));
- }
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- size_t i0 = i;
- prf_inputs[i0][32U] = domain_separator;
- domain_separator = (uint32_t)domain_separator + 1U;
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)33U, prf_input, prf_inputs[i], uint8_t, void *);
}
+ domain_separator =
+ libcrux_ml_kem_utils_prf_input_inc_e0(prf_inputs, domain_separator);
uint8_t prf_outputs[3U][128U];
- libcrux_ml_kem_hash_functions_portable_PRFxN_f1_93(prf_inputs, prf_outputs);
+ libcrux_ml_kem_hash_functions_portable_PRFxN_4a_41(prf_inputs, prf_outputs);
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
size_t i0 = i;
re_as_ntt[i0] =
- libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6(
+ libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0(
Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t));
- libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_0f(&re_as_ntt[i0]);
+ libcrux_ml_kem_ntt_ntt_binomially_sampled_ring_element_ea(&re_as_ntt[i0]);
}
- /* Passing arrays by value in Rust generates a copy in C */
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_re_as_ntt[3U];
- memcpy(
- copy_of_re_as_ntt, re_as_ntt,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- tuple_b0 lit;
- memcpy(
- lit.fst, copy_of_re_as_ntt,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- lit.snd = domain_separator;
- return lit;
+ return domain_separator;
}
/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.sample_ring_element_cbd.closure
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@2]> for libcrux_ml_kem::ind_cpa::encrypt_c1::closure#1<Vector,
+Hasher, K, C1_LEN, U_COMPRESSION_FACTOR, BLOCK_LEN, ETA1, ETA1_RANDOMNESS_SIZE,
+ETA2, ETA2_RANDOMNESS_SIZE>[TraitClause@0, TraitClause@1, TraitClause@2,
+TraitClause@3]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c1.call_mut_dd
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
generics
- K= 3
-- ETA2_RANDOMNESS_SIZE= 128
+- C1_LEN= 960
+- U_COMPRESSION_FACTOR= 10
+- BLOCK_LEN= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_closure_77(size_t _i) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_dd_85(void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
@@ -10217,45 +8976,27 @@ generics
- ETA2_RANDOMNESS_SIZE= 128
- ETA2= 2
*/
-static KRML_MUSTINLINE tuple_b0
-libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_ac(uint8_t prf_input[33U],
- uint8_t domain_separator) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U];
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- error_1[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input[33U];
- memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t));
+static KRML_MUSTINLINE uint8_t
+libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_3b(
+ uint8_t *prf_input, uint8_t domain_separator,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1) {
uint8_t prf_inputs[3U][33U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- memcpy(prf_inputs[i], copy_of_prf_input, (size_t)33U * sizeof(uint8_t));
- }
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- size_t i0 = i;
- prf_inputs[i0][32U] = domain_separator;
- domain_separator = (uint32_t)domain_separator + 1U;
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)33U, prf_input, prf_inputs[i], uint8_t, void *);
}
+ domain_separator =
+ libcrux_ml_kem_utils_prf_input_inc_e0(prf_inputs, domain_separator);
uint8_t prf_outputs[3U][128U];
- libcrux_ml_kem_hash_functions_portable_PRFxN_f1_93(prf_inputs, prf_outputs);
+ libcrux_ml_kem_hash_functions_portable_PRFxN_4a_41(prf_inputs, prf_outputs);
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
size_t i0 = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____1 =
- libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 =
+ libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0(
Eurydice_array_to_slice((size_t)128U, prf_outputs[i0], uint8_t));
- error_1[i0] = uu____1;
+ error_1[i0] = uu____0;
}
- /* Passing arrays by value in Rust generates a copy in C */
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 copy_of_error_1[3U];
- memcpy(
- copy_of_error_1, error_1,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- tuple_b0 lit;
- memcpy(
- lit.fst, copy_of_error_1,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- lit.snd = domain_separator;
- return lit;
+ return domain_separator;
}
/**
@@ -10263,7 +9004,7 @@ A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF
with const generics
- LEN= 128
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b0(
+static inline void libcrux_ml_kem_hash_functions_portable_PRF_a6(
Eurydice_slice input, uint8_t ret[128U]) {
uint8_t digest[128U] = {0U};
libcrux_sha3_portable_shake256(
@@ -10272,59 +9013,80 @@ static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_2b0(
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_f1
+A monomorphic instance of libcrux_ml_kem.hash_functions.portable.PRF_4a
with const generics
- K= 3
- LEN= 128
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_PRF_f1_ee0(
+static inline void libcrux_ml_kem_hash_functions_portable_PRF_4a_410(
Eurydice_slice input, uint8_t ret[128U]) {
- libcrux_ml_kem_hash_functions_portable_PRF_2b0(input, ret);
+ libcrux_ml_kem_hash_functions_portable_PRF_a6(input, ret);
}
/**
-A monomorphic instance of libcrux_ml_kem.matrix.compute_vector_u.closure
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]> for libcrux_ml_kem::matrix::compute_vector_u::closure<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.matrix.compute_vector_u.call_mut_a8
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_matrix_compute_vector_u_closure_d6(size_t _i) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_matrix_compute_vector_u_call_mut_a8_1b(void **_,
+ size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.add_error_reduce_89
+A monomorphic instance of libcrux_ml_kem.polynomial.add_error_reduce
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_89_38(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) {
+static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t j = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector
coefficient_normal_form =
- libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(
- self->coefficients[j], (int16_t)1441);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form,
- &error->coefficients[j]));
- self->coefficients[j] = uu____0;
+ libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(
+ myself->coefficients[j], (int16_t)1441);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector sum =
+ libcrux_ml_kem_vector_portable_add_b8(coefficient_normal_form,
+ &error->coefficients[j]);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector red =
+ libcrux_ml_kem_vector_portable_barrett_reduce_b8(sum);
+ myself->coefficients[j] = red;
}
}
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.add_error_reduce_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_polynomial_add_error_reduce_d6_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) {
+ libcrux_ml_kem_polynomial_add_error_reduce_ea(self, error);
+}
+
/**
Compute u := InvertNTT(Aᵀ ◦ r̂) + e₁
*/
@@ -10334,149 +9096,47 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_59(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*a_as_ntt)[3U],
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_1,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U];
+static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_vector_u_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*a_as_ntt)[3U],
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_1,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d result[3U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- result[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ result[i] =
+ libcrux_ml_kem_matrix_compute_vector_u_call_mut_a8_1b(&lvalue, i);
}
for (size_t i0 = (size_t)0U;
i0 < Eurydice_slice_len(
Eurydice_array_to_slice(
(size_t)3U, a_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]);
i0++) {
size_t i1 = i0;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = a_as_ntt[i1];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = a_as_ntt[i1];
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(
Eurydice_array_to_slice(
(size_t)3U, row,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d);
i++) {
size_t j = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *a_element = &row[j];
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product =
- libcrux_ml_kem_polynomial_ntt_multiply_89_2a(a_element, &r_as_ntt[j]);
- libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result[i1],
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *a_element = &row[j];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d product =
+ libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(a_element, &r_as_ntt[j]);
+ libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&result[i1],
&product);
}
- libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(&result[i1]);
- libcrux_ml_kem_polynomial_add_error_reduce_89_38(&result[i1], &error_1[i1]);
+ libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result[i1]);
+ libcrux_ml_kem_polynomial_add_error_reduce_d6_ea(&result[i1], &error_1[i1]);
}
memcpy(
ret, result,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.vector.traits.decompress_1
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_traits_decompress_1_63(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_ZERO_0d();
- return libcrux_ml_kem_vector_portable_bitwise_and_with_constant_0d(
- libcrux_ml_kem_vector_portable_sub_0d(uu____0, &v), (int16_t)1665);
-}
-
-/**
-A monomorphic instance of
-libcrux_ml_kem.serialize.deserialize_then_decompress_message with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_then_decompress_message_0d(
- uint8_t serialized[32U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
- for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
- size_t i0 = i;
- libcrux_ml_kem_vector_portable_vector_type_PortableVector
- coefficient_compressed =
- libcrux_ml_kem_vector_portable_deserialize_1_0d(
- Eurydice_array_to_subslice2(serialized, (size_t)2U * i0,
- (size_t)2U * i0 + (size_t)2U,
- uint8_t));
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_traits_decompress_1_63(coefficient_compressed);
- re.coefficients[i0] = uu____0;
- }
- return re;
-}
-
-/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.add_message_error_reduce_89
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_polynomial_add_message_error_reduce_89_ea(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
- size_t i0 = i;
- libcrux_ml_kem_vector_portable_vector_type_PortableVector
- coefficient_normal_form =
- libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(
- result.coefficients[i0], (int16_t)1441);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector tmp =
- libcrux_ml_kem_vector_portable_add_0d(self->coefficients[i0],
- &message->coefficients[i0]);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector tmp0 =
- libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form, &tmp);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_barrett_reduce_0d(tmp0);
- result.coefficients[i0] = uu____0;
- }
- return result;
-}
-
-/**
- Compute InverseNTT(tᵀ ◦ r̂) + e₂ + message
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.matrix.compute_ring_element_v
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-- K= 3
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_matrix_compute_ring_element_v_54(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *r_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_2,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *message) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result =
- libcrux_ml_kem_polynomial_ZERO_89_ea();
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- size_t i0 = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product =
- libcrux_ml_kem_polynomial_ntt_multiply_89_2a(&t_as_ntt[i0],
- &r_as_ntt[i0]);
- libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result, &product);
- }
- libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_f6(&result);
- result = libcrux_ml_kem_polynomial_add_message_error_reduce_89_ea(
- error_2, message, result);
- return result;
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
}
/**
@@ -10485,32 +9145,33 @@ with const generics
- COEFFICIENT_BITS= 10
*/
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_compress_02(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
+libcrux_ml_kem_vector_portable_compress_compress_ef(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- int16_t uu____0 =
+ int16_t uu____0 = libcrux_secrets_int_as_i16_f5(
libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient(
- (uint8_t)(int32_t)10, (uint16_t)v.elements[i0]);
- v.elements[i0] = uu____0;
+ (uint8_t)(int32_t)10,
+ libcrux_secrets_int_as_u16_f5(a.elements[i0])));
+ a.elements[i0] = uu____0;
}
- return v;
+ return a;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d
+A monomorphic instance of libcrux_ml_kem.vector.portable.compress_b8
with const generics
- COEFFICIENT_BITS= 10
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_0d_28(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_compress_02(v);
+libcrux_ml_kem_vector_portable_compress_b8_ef(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_compress_compress_ef(a);
}
/**
@@ -10520,83 +9181,22 @@ with const generics
- OUT_LEN= 320
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_10_fc(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) {
+libcrux_ml_kem_serialize_compress_then_serialize_10_ff(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) {
uint8_t serialized[320U] = {0U};
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_compress_0d_28(
- libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
+ libcrux_ml_kem_vector_portable_compress_b8_ef(
+ libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea(
re->coefficients[i0]));
uint8_t bytes[20U];
- libcrux_ml_kem_vector_portable_serialize_10_0d(coefficient, bytes);
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- serialized, (size_t)20U * i0, (size_t)20U * i0 + (size_t)20U, uint8_t);
+ libcrux_ml_kem_vector_portable_serialize_10_b8(coefficient, bytes);
Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t);
- }
- memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t));
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.compress.compress
-with const generics
-- COEFFICIENT_BITS= 11
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_compress_020(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- int16_t uu____0 =
- libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient(
- (uint8_t)(int32_t)11, (uint16_t)v.elements[i0]);
- v.elements[i0] = uu____0;
- }
- return v;
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d
-with const generics
-- COEFFICIENT_BITS= 11
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_0d_280(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_compress_020(v);
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_11
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-- OUT_LEN= 320
-*/
-static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_11_e1(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) {
- uint8_t serialized[320U] = {0U};
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
- size_t i0 = i;
- libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_compress_0d_280(
- libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
- re->coefficients[i0]));
- uint8_t bytes[22U];
- libcrux_ml_kem_vector_portable_serialize_11_0d(coefficient, bytes);
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- serialized, (size_t)22U * i0, (size_t)22U * i0 + (size_t)22U, uint8_t);
- Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)22U, bytes, uint8_t), uint8_t);
+ Eurydice_array_to_subslice3(serialized, (size_t)20U * i0,
+ (size_t)20U * i0 + (size_t)20U, uint8_t *),
+ Eurydice_array_to_slice((size_t)20U, bytes, uint8_t), uint8_t);
}
memcpy(ret, serialized, (size_t)320U * sizeof(uint8_t));
}
@@ -10609,10 +9209,10 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
- OUT_LEN= 320
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_5f(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[320U]) {
+libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_fe(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[320U]) {
uint8_t uu____0[320U];
- libcrux_ml_kem_serialize_compress_then_serialize_10_fc(re, uu____0);
+ libcrux_ml_kem_serialize_compress_then_serialize_10_ff(re, uu____0);
memcpy(ret, uu____0, (size_t)320U * sizeof(uint8_t));
}
@@ -10628,61 +9228,231 @@ with const generics
- COMPRESSION_FACTOR= 10
- BLOCK_LEN= 320
*/
-static inline void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_a7(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 input[3U],
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_compress_then_serialize_u_43(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d input[3U],
Eurydice_slice out) {
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(
Eurydice_array_to_slice(
(size_t)3U, input,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d);
i++) {
size_t i0 = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = input[i0];
- Eurydice_slice uu____0 = Eurydice_slice_subslice2(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = input[i0];
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
out, i0 * ((size_t)960U / (size_t)3U),
- (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t);
+ (i0 + (size_t)1U) * ((size_t)960U / (size_t)3U), uint8_t *);
uint8_t ret[320U];
- libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_5f(&re,
+ libcrux_ml_kem_serialize_compress_then_serialize_ring_element_u_fe(&re,
ret);
Eurydice_slice_copy(
uu____0, Eurydice_array_to_slice((size_t)320U, ret, uint8_t), uint8_t);
}
}
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c1
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
+generics
+- K= 3
+- C1_LEN= 960
+- U_COMPRESSION_FACTOR= 10
+- BLOCK_LEN= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE tuple_ed libcrux_ml_kem_ind_cpa_encrypt_c1_85(
+ Eurydice_slice randomness,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix)[3U],
+ Eurydice_slice ciphertext) {
+ uint8_t prf_input[33U];
+ libcrux_ml_kem_utils_into_padded_array_c8(randomness, prf_input);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ r_as_ntt[i] = libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_f1_85(&lvalue, i);
+ }
+ uint8_t domain_separator0 =
+ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b(r_as_ntt, prf_input,
+ 0U);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_1[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ error_1[i] = libcrux_ml_kem_ind_cpa_encrypt_c1_call_mut_dd_85(&lvalue, i);
+ }
+ uint8_t domain_separator = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_3b(
+ prf_input, domain_separator0, error_1);
+ prf_input[32U] = domain_separator;
+ uint8_t prf_output[128U];
+ libcrux_ml_kem_hash_functions_portable_PRF_4a_410(
+ Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 =
+ libcrux_ml_kem_sampling_sample_from_binomial_distribution_a0(
+ Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d u[3U];
+ libcrux_ml_kem_matrix_compute_vector_u_1b(matrix, r_as_ntt, error_1, u);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U];
+ memcpy(
+ uu____0, u,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ libcrux_ml_kem_ind_cpa_compress_then_serialize_u_43(uu____0, ciphertext);
+ /* Passing arrays by value in Rust generates a copy in C */
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d copy_of_r_as_ntt[3U];
+ memcpy(
+ copy_of_r_as_ntt, r_as_ntt,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ tuple_ed lit;
+ memcpy(
+ lit.fst, copy_of_r_as_ntt,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ lit.snd = error_2;
+ return lit;
+}
+
+/**
+A monomorphic instance of
+libcrux_ml_kem.serialize.deserialize_then_decompress_message with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_then_decompress_message_ea(
+ uint8_t *serialized) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
+ for (size_t i = (size_t)0U; i < (size_t)16U; i++) {
+ size_t i0 = i;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector
+ coefficient_compressed =
+ libcrux_ml_kem_vector_portable_deserialize_1_b8(
+ Eurydice_array_to_subslice3(serialized, (size_t)2U * i0,
+ (size_t)2U * i0 + (size_t)2U,
+ uint8_t *));
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
+ libcrux_ml_kem_vector_portable_decompress_1_b8(coefficient_compressed);
+ re.coefficients[i0] = uu____0;
+ }
+ return re;
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.add_message_error_reduce
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_add_message_error_reduce_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d result) {
+ for (size_t i = (size_t)0U;
+ i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
+ size_t i0 = i;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector
+ coefficient_normal_form =
+ libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(
+ result.coefficients[i0], (int16_t)1441);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector sum1 =
+ libcrux_ml_kem_vector_portable_add_b8(myself->coefficients[i0],
+ &message->coefficients[i0]);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector sum2 =
+ libcrux_ml_kem_vector_portable_add_b8(coefficient_normal_form, &sum1);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector red =
+ libcrux_ml_kem_vector_portable_barrett_reduce_b8(sum2);
+ result.coefficients[i0] = red;
+ }
+ return result;
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.add_message_error_reduce_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_add_message_error_reduce_d6_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d result) {
+ return libcrux_ml_kem_polynomial_add_message_error_reduce_ea(self, message,
+ result);
+}
+
+/**
+ Compute InverseNTT(tᵀ ◦ r̂) + e₂ + message
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.matrix.compute_ring_element_v
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_matrix_compute_ring_element_v_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *message) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d result =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ size_t i0 = i;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d product =
+ libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(&t_as_ntt[i0],
+ &r_as_ntt[i0]);
+ libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&result, &product);
+ }
+ libcrux_ml_kem_invert_ntt_invert_ntt_montgomery_1b(&result);
+ return libcrux_ml_kem_polynomial_add_message_error_reduce_d6_ea(
+ error_2, message, result);
+}
+
/**
A monomorphic instance of libcrux_ml_kem.vector.portable.compress.compress
with const generics
- COEFFICIENT_BITS= 4
*/
static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_compress_021(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
+libcrux_ml_kem_vector_portable_compress_compress_d1(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
size_t i0 = i;
- int16_t uu____0 =
+ int16_t uu____0 = libcrux_secrets_int_as_i16_f5(
libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient(
- (uint8_t)(int32_t)4, (uint16_t)v.elements[i0]);
- v.elements[i0] = uu____0;
+ (uint8_t)(int32_t)4,
+ libcrux_secrets_int_as_u16_f5(a.elements[i0])));
+ a.elements[i0] = uu____0;
}
- return v;
+ return a;
}
/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+This function found in impl {libcrux_ml_kem::vector::traits::Operations for
+libcrux_ml_kem::vector::portable::vector_type::PortableVector}
*/
/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d
+A monomorphic instance of libcrux_ml_kem.vector.portable.compress_b8
with const generics
- COEFFICIENT_BITS= 4
*/
static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_0d_281(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_compress_021(v);
+libcrux_ml_kem_vector_portable_compress_b8_d1(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector a) {
+ return libcrux_ml_kem_vector_portable_compress_compress_d1(a);
}
/**
@@ -10692,100 +9462,104 @@ with const generics
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_4_9a(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re,
+libcrux_ml_kem_serialize_compress_then_serialize_4_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re,
Eurydice_slice serialized) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_portable_compress_0d_281(
- libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
+ libcrux_ml_kem_vector_portable_compress_b8_d1(
+ libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea(
re.coefficients[i0]));
uint8_t bytes[8U];
- libcrux_ml_kem_vector_portable_serialize_4_0d(coefficient, bytes);
+ libcrux_ml_kem_vector_portable_serialize_4_b8(coefficient, bytes);
Eurydice_slice_copy(
- Eurydice_slice_subslice2(serialized, (size_t)8U * i0,
- (size_t)8U * i0 + (size_t)8U, uint8_t),
+ Eurydice_slice_subslice3(serialized, (size_t)8U * i0,
+ (size_t)8U * i0 + (size_t)8U, uint8_t *),
Eurydice_array_to_slice((size_t)8U, bytes, uint8_t), uint8_t);
}
}
-/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.compress.compress
-with const generics
-- COEFFICIENT_BITS= 5
-*/
-static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_compress_022(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_VECTOR_TRAITS_FIELD_ELEMENTS_IN_VECTOR; i++) {
- size_t i0 = i;
- int16_t uu____0 =
- libcrux_ml_kem_vector_portable_compress_compress_ciphertext_coefficient(
- (uint8_t)(int32_t)5, (uint16_t)v.elements[i0]);
- v.elements[i0] = uu____0;
- }
- return v;
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::vector::traits::Operations for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.vector.portable.compress_0d
-with const generics
-- COEFFICIENT_BITS= 5
-*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_compress_0d_282(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_compress_compress_022(v);
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.serialize.compress_then_serialize_5
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
-
-*/
-static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_5_1f(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re,
- Eurydice_slice serialized) {
- for (size_t i = (size_t)0U;
- i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
- size_t i0 = i;
- libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficients =
- libcrux_ml_kem_vector_portable_compress_0d_282(
- libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
- re.coefficients[i0]));
- uint8_t bytes[10U];
- libcrux_ml_kem_vector_portable_serialize_5_0d(coefficients, bytes);
- Eurydice_slice_copy(
- Eurydice_slice_subslice2(serialized, (size_t)10U * i0,
- (size_t)10U * i0 + (size_t)10U, uint8_t),
- Eurydice_array_to_slice((size_t)10U, bytes, uint8_t), uint8_t);
- }
-}
-
/**
A monomorphic instance of
libcrux_ml_kem.serialize.compress_then_serialize_ring_element_v with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
- COMPRESSION_FACTOR= 4
- OUT_LEN= 128
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_4e(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re, Eurydice_slice out) {
- libcrux_ml_kem_serialize_compress_then_serialize_4_9a(re, out);
+libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_6c(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re, Eurydice_slice out) {
+ libcrux_ml_kem_serialize_compress_then_serialize_4_ea(re, out);
}
/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt
+A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_c2
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+- V_COMPRESSION_FACTOR= 4
+- C2_LEN= 128
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_encrypt_c2_6c(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *r_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_2,
+ uint8_t *message, Eurydice_slice ciphertext) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d message_as_ring_element =
+ libcrux_ml_kem_serialize_deserialize_then_decompress_message_ea(message);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d v =
+ libcrux_ml_kem_matrix_compute_ring_element_v_1b(
+ t_as_ntt, r_as_ntt, error_2, &message_as_ring_element);
+ libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_6c(
+ v, ciphertext);
+}
+
+/**
+ This function implements <strong>Algorithm 13</strong> of the
+ NIST FIPS 203 specification; this is the Kyber CPA-PKE encryption algorithm.
+
+ Algorithm 13 is reproduced below:
+
+ ```plaintext
+ Input: encryption key ekₚₖₑ ∈ 𝔹^{384k+32}.
+ Input: message m ∈ 𝔹^{32}.
+ Input: encryption randomness r ∈ 𝔹^{32}.
+ Output: ciphertext c ∈ 𝔹^{32(dᵤk + dᵥ)}.
+
+ N ← 0
+ t̂ ← ByteDecode₁₂(ekₚₖₑ[0:384k])
+ ρ ← ekₚₖₑ[384k: 384k + 32]
+ for (i ← 0; i < k; i++)
+ for(j ← 0; j < k; j++)
+ Â[i,j] ← SampleNTT(XOF(ρ, i, j))
+ end for
+ end for
+ for(i ← 0; i < k; i++)
+ r[i] ← SamplePolyCBD_{η₁}(PRF_{η₁}(r,N))
+ N ← N + 1
+ end for
+ for(i ← 0; i < k; i++)
+ e₁[i] ← SamplePolyCBD_{η₂}(PRF_{η₂}(r,N))
+ N ← N + 1
+ end for
+ e₂ ← SamplePolyCBD_{η₂}(PRF_{η₂}(r,N))
+ r̂ ← NTT(r)
+ u ← NTT-¹(Âᵀ ◦ r̂) + e₁
+ μ ← Decompress₁(ByteDecode₁(m)))
+ v ← NTT-¹(t̂ᵀ ◦ rˆ) + e₂ + μ
+ c₁ ← ByteEncode_{dᵤ}(Compress_{dᵤ}(u))
+ c₂ ← ByteEncode_{dᵥ}(Compress_{dᵥ}(v))
+ return c ← (c₁ ‖ c₂)
+ ```
+
+ The NIST FIPS 203 standard can be found at
+ <https://csrc.nist.gov/pubs/fips/203/ipd>.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt_unpacked
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
generics
@@ -10802,95 +9576,83 @@ generics
- ETA2= 2
- ETA2_RANDOMNESS_SIZE= 128
*/
-static inline void libcrux_ml_kem_ind_cpa_encrypt_60(Eurydice_slice public_key,
- uint8_t message[32U],
- Eurydice_slice randomness,
- uint8_t ret[1088U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U];
- libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_33(
- Eurydice_slice_subslice_to(public_key, (size_t)1152U, uint8_t, size_t),
- t_as_ntt);
- Eurydice_slice seed =
- Eurydice_slice_subslice_from(public_key, (size_t)1152U, uint8_t, size_t);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A[3U][3U];
- uint8_t ret0[34U];
- libcrux_ml_kem_utils_into_padded_array_ea1(seed, ret0);
- libcrux_ml_kem_matrix_sample_matrix_A_38(ret0, false, A);
- uint8_t prf_input[33U];
- libcrux_ml_kem_utils_into_padded_array_ea2(randomness, prf_input);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input0[33U];
- memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t));
- tuple_b0 uu____1 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(
- copy_of_prf_input0, 0U);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 r_as_ntt[3U];
- memcpy(
- r_as_ntt, uu____1.fst,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- uint8_t domain_separator0 = uu____1.snd;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input[33U];
- memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t));
- tuple_b0 uu____3 = libcrux_ml_kem_ind_cpa_sample_ring_element_cbd_ac(
- copy_of_prf_input, domain_separator0);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_1[3U];
- memcpy(
- error_1, uu____3.fst,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- uint8_t domain_separator = uu____3.snd;
- prf_input[32U] = domain_separator;
- uint8_t prf_output[128U];
- libcrux_ml_kem_hash_functions_portable_PRF_f1_ee0(
- Eurydice_array_to_slice((size_t)33U, prf_input, uint8_t), prf_output);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_2 =
- libcrux_ml_kem_sampling_sample_from_binomial_distribution_c6(
- Eurydice_array_to_slice((size_t)128U, prf_output, uint8_t));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 u[3U];
- libcrux_ml_kem_matrix_compute_vector_u_59(A, r_as_ntt, error_1, u);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_message[32U];
- memcpy(copy_of_message, message, (size_t)32U * sizeof(uint8_t));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 message_as_ring_element =
- libcrux_ml_kem_serialize_deserialize_then_decompress_message_0d(
- copy_of_message);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 v =
- libcrux_ml_kem_matrix_compute_ring_element_v_54(
- t_as_ntt, r_as_ntt, &error_2, &message_as_ring_element);
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key,
+ uint8_t *message, Eurydice_slice randomness, uint8_t ret[1088U]) {
uint8_t ciphertext[1088U] = {0U};
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____5[3U];
+ tuple_ed uu____0 = libcrux_ml_kem_ind_cpa_encrypt_c1_85(
+ randomness, public_key->A,
+ Eurydice_array_to_subslice3(ciphertext, (size_t)0U, (size_t)960U,
+ uint8_t *));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d r_as_ntt[3U];
memcpy(
- uu____5, u,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- libcrux_ml_kem_ind_cpa_compress_then_serialize_u_a7(
- uu____5, Eurydice_array_to_subslice2(ciphertext, (size_t)0U, (size_t)960U,
- uint8_t));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____6 = v;
- libcrux_ml_kem_serialize_compress_then_serialize_ring_element_v_4e(
- uu____6, Eurydice_array_to_subslice_from((size_t)1088U, ciphertext,
- (size_t)960U, uint8_t, size_t));
+ r_as_ntt, uu____0.fst,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_2 = uu____0.snd;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____1 =
+ public_key->t_as_ntt;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____2 = r_as_ntt;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____3 = &error_2;
+ uint8_t *uu____4 = message;
+ libcrux_ml_kem_ind_cpa_encrypt_c2_6c(
+ uu____1, uu____2, uu____3, uu____4,
+ Eurydice_array_to_subslice_from((size_t)1088U, ciphertext, (size_t)960U,
+ uint8_t, size_t, uint8_t[]));
memcpy(ret, ciphertext, (size_t)1088U * sizeof(uint8_t));
}
/**
-This function found in impl {(libcrux_ml_kem::variant::Variant for
-libcrux_ml_kem::variant::MlKem)#1}
+A monomorphic instance of libcrux_ml_kem.ind_cpa.encrypt
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
+generics
+- K= 3
+- CIPHERTEXT_SIZE= 1088
+- T_AS_NTT_ENCODED_SIZE= 1152
+- C1_LEN= 960
+- C2_LEN= 128
+- U_COMPRESSION_FACTOR= 10
+- V_COMPRESSION_FACTOR= 4
+- BLOCK_LEN= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_encrypt_2a(
+ Eurydice_slice public_key, uint8_t *message, Eurydice_slice randomness,
+ uint8_t ret[1088U]) {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0
+ unpacked_public_key =
+ libcrux_ml_kem_ind_cpa_build_unpacked_public_key_3f(public_key);
+ uint8_t ret0[1088U];
+ libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(&unpacked_public_key, message,
+ randomness, ret0);
+ memcpy(ret, ret0, (size_t)1088U * sizeof(uint8_t));
+}
+
/**
-A monomorphic instance of libcrux_ml_kem.variant.kdf_d8
+This function found in impl {libcrux_ml_kem::variant::Variant for
+libcrux_ml_kem::variant::MlKem}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.variant.kdf_39
with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
with const generics
- K= 3
- CIPHERTEXT_SIZE= 1088
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_d8_41(
- Eurydice_slice shared_secret, libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_,
- uint8_t ret[32U]) {
+static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_39_d6(
+ Eurydice_slice shared_secret, uint8_t *_, uint8_t ret[32U]) {
uint8_t out[32U] = {0U};
Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t),
shared_secret, uint8_t);
memcpy(ret, out, (size_t)32U * sizeof(uint8_t));
}
+/**
+ This code verifies on some machines, runs out of memory on others
+*/
/**
A monomorphic instance of libcrux_ml_kem.ind_cca.decapsulate
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
@@ -10913,71 +9675,63 @@ libcrux_ml_kem_variant_MlKem with const generics
- ETA2_RANDOMNESS_SIZE= 128
- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120
*/
-static inline void libcrux_ml_kem_ind_cca_decapsulate_70(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_decapsulate_62(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
- Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t),
- (size_t)1152U, uint8_t, Eurydice_slice_uint8_t_x2);
+ Eurydice_slice_uint8_t_x4 uu____0 =
+ libcrux_ml_kem_types_unpack_private_key_b4(
+ Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t));
Eurydice_slice ind_cpa_secret_key = uu____0.fst;
- Eurydice_slice secret_key0 = uu____0.snd;
- Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
- secret_key0, (size_t)1184U, uint8_t, Eurydice_slice_uint8_t_x2);
- Eurydice_slice ind_cpa_public_key = uu____1.fst;
- Eurydice_slice secret_key = uu____1.snd;
- Eurydice_slice_uint8_t_x2 uu____2 = Eurydice_slice_split_at(
- secret_key, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t,
- Eurydice_slice_uint8_t_x2);
- Eurydice_slice ind_cpa_public_key_hash = uu____2.fst;
- Eurydice_slice implicit_rejection_value = uu____2.snd;
+ Eurydice_slice ind_cpa_public_key = uu____0.snd;
+ Eurydice_slice ind_cpa_public_key_hash = uu____0.thd;
+ Eurydice_slice implicit_rejection_value = uu____0.f3;
uint8_t decrypted[32U];
- libcrux_ml_kem_ind_cpa_decrypt_43(ind_cpa_secret_key, ciphertext->value,
+ libcrux_ml_kem_ind_cpa_decrypt_42(ind_cpa_secret_key, ciphertext->value,
decrypted);
uint8_t to_hash0[64U];
- libcrux_ml_kem_utils_into_padded_array_ea(
+ libcrux_ml_kem_utils_into_padded_array_24(
Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0);
Eurydice_slice_copy(
Eurydice_array_to_subslice_from(
(size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE,
- uint8_t, size_t),
+ uint8_t, size_t, uint8_t[]),
ind_cpa_public_key_hash, uint8_t);
uint8_t hashed[64U];
- libcrux_ml_kem_hash_functions_portable_G_f1_e4(
+ libcrux_ml_kem_hash_functions_portable_G_4a_e0(
Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed);
- Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at(
+ Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
Eurydice_array_to_slice((size_t)64U, hashed, uint8_t),
LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t,
Eurydice_slice_uint8_t_x2);
- Eurydice_slice shared_secret0 = uu____3.fst;
- Eurydice_slice pseudorandomness = uu____3.snd;
+ Eurydice_slice shared_secret0 = uu____1.fst;
+ Eurydice_slice pseudorandomness = uu____1.snd;
uint8_t to_hash[1120U];
- libcrux_ml_kem_utils_into_padded_array_ea0(implicit_rejection_value, to_hash);
- Eurydice_slice uu____4 = Eurydice_array_to_subslice_from(
+ libcrux_ml_kem_utils_into_padded_array_15(implicit_rejection_value, to_hash);
+ Eurydice_slice uu____2 = Eurydice_array_to_subslice_from(
(size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE,
- uint8_t, size_t);
- Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_24(ciphertext),
+ uint8_t, size_t, uint8_t[]);
+ Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_d3_80(ciphertext),
uint8_t);
uint8_t implicit_rejection_shared_secret0[32U];
- libcrux_ml_kem_hash_functions_portable_PRF_f1_ee(
+ libcrux_ml_kem_hash_functions_portable_PRF_4a_41(
Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t),
implicit_rejection_shared_secret0);
- Eurydice_slice uu____5 = ind_cpa_public_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_decrypted[32U];
- memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t));
uint8_t expected_ciphertext[1088U];
- libcrux_ml_kem_ind_cpa_encrypt_60(uu____5, copy_of_decrypted,
+ libcrux_ml_kem_ind_cpa_encrypt_2a(ind_cpa_public_key, decrypted,
pseudorandomness, expected_ciphertext);
uint8_t implicit_rejection_shared_secret[32U];
- libcrux_ml_kem_variant_kdf_d8_41(
+ libcrux_ml_kem_variant_kdf_39_d6(
Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0,
uint8_t),
- ciphertext, implicit_rejection_shared_secret);
+ libcrux_ml_kem_types_as_slice_a9_80(ciphertext),
+ implicit_rejection_shared_secret);
uint8_t shared_secret[32U];
- libcrux_ml_kem_variant_kdf_d8_41(shared_secret0, ciphertext, shared_secret);
+ libcrux_ml_kem_variant_kdf_39_d6(
+ shared_secret0, libcrux_ml_kem_types_as_slice_a9_80(ciphertext),
+ shared_secret);
uint8_t ret0[32U];
libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time(
- libcrux_ml_kem_types_as_ref_00_24(ciphertext),
+ libcrux_ml_kem_types_as_ref_d3_80(ciphertext),
Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t),
Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t),
Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret,
@@ -11010,10 +9764,10 @@ libcrux_ml_kem.ind_cca.instantiations.portable.decapsulate with const generics
- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120
*/
static inline void
-libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_2e(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
+libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_35(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- libcrux_ml_kem_ind_cca_decapsulate_70(private_key, ciphertext, ret);
+ libcrux_ml_kem_ind_cca_decapsulate_62(private_key, ciphertext, ret);
}
/**
@@ -11024,23 +9778,23 @@ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_2e(
[`MlKem768Ciphertext`].
*/
static inline void libcrux_ml_kem_mlkem768_portable_decapsulate(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_2e(
+ libcrux_ml_kem_ind_cca_instantiations_portable_decapsulate_35(
private_key, ciphertext, ret);
}
/**
-This function found in impl {(libcrux_ml_kem::variant::Variant for
-libcrux_ml_kem::variant::MlKem)#1}
+This function found in impl {libcrux_ml_kem::variant::Variant for
+libcrux_ml_kem::variant::MlKem}
*/
/**
-A monomorphic instance of libcrux_ml_kem.variant.entropy_preprocess_d8
+A monomorphic instance of libcrux_ml_kem.variant.entropy_preprocess_39
with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_63(
+static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_39_9c(
Eurydice_slice randomness, uint8_t ret[32U]) {
uint8_t out[32U] = {0U};
Eurydice_slice_copy(Eurydice_array_to_slice((size_t)32U, out, uint8_t),
@@ -11049,15 +9803,15 @@ static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_d8_63(
}
/**
-This function found in impl {(libcrux_ml_kem::hash_functions::Hash<K> for
-libcrux_ml_kem::hash_functions::portable::PortableHash<K>)}
+This function found in impl {libcrux_ml_kem::hash_functions::Hash<K> for
+libcrux_ml_kem::hash_functions::portable::PortableHash<K>}
*/
/**
-A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_f1
+A monomorphic instance of libcrux_ml_kem.hash_functions.portable.H_4a
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_hash_functions_portable_H_f1_1a(
+static inline void libcrux_ml_kem_hash_functions_portable_H_4a_e0(
Eurydice_slice input, uint8_t ret[32U]) {
libcrux_ml_kem_hash_functions_portable_H(input, ret);
}
@@ -11075,34 +9829,33 @@ libcrux_ml_kem_variant_MlKem with const generics
- C2_SIZE= 128
- VECTOR_U_COMPRESSION_FACTOR= 10
- VECTOR_V_COMPRESSION_FACTOR= 4
-- VECTOR_U_BLOCK_LEN= 320
+- C1_BLOCK_SIZE= 320
- ETA1= 2
- ETA1_RANDOMNESS_SIZE= 128
- ETA2= 2
- ETA2_RANDOMNESS_SIZE= 128
*/
-static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cd(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key,
- uint8_t randomness[32U]) {
+static KRML_MUSTINLINE tuple_c2 libcrux_ml_kem_ind_cca_encapsulate_ca(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t *randomness) {
uint8_t randomness0[32U];
- libcrux_ml_kem_variant_entropy_preprocess_d8_63(
+ libcrux_ml_kem_variant_entropy_preprocess_39_9c(
Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0);
uint8_t to_hash[64U];
- libcrux_ml_kem_utils_into_padded_array_ea(
+ libcrux_ml_kem_utils_into_padded_array_24(
Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash);
Eurydice_slice uu____0 = Eurydice_array_to_subslice_from(
(size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t,
- size_t);
- uint8_t ret[32U];
- libcrux_ml_kem_hash_functions_portable_H_f1_1a(
+ size_t, uint8_t[]);
+ uint8_t ret0[32U];
+ libcrux_ml_kem_hash_functions_portable_H_4a_e0(
Eurydice_array_to_slice((size_t)1184U,
- libcrux_ml_kem_types_as_slice_cb_50(public_key),
+ libcrux_ml_kem_types_as_slice_e6_d0(public_key),
uint8_t),
- ret);
+ ret0);
Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t);
+ uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t);
uint8_t hashed[64U];
- libcrux_ml_kem_hash_functions_portable_G_f1_e4(
+ libcrux_ml_kem_hash_functions_portable_G_4a_e0(
Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed);
Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
Eurydice_array_to_slice((size_t)64U, hashed, uint8_t),
@@ -11110,30 +9863,20 @@ static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cd(
Eurydice_slice_uint8_t_x2);
Eurydice_slice shared_secret = uu____1.fst;
Eurydice_slice pseudorandomness = uu____1.snd;
- Eurydice_slice uu____2 = Eurydice_array_to_slice(
- (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_50(public_key), uint8_t);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[32U];
- memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t));
uint8_t ciphertext[1088U];
- libcrux_ml_kem_ind_cpa_encrypt_60(uu____2, copy_of_randomness,
- pseudorandomness, ciphertext);
+ libcrux_ml_kem_ind_cpa_encrypt_2a(
+ Eurydice_array_to_slice((size_t)1184U,
+ libcrux_ml_kem_types_as_slice_e6_d0(public_key),
+ uint8_t),
+ randomness0, pseudorandomness, ciphertext);
/* Passing arrays by value in Rust generates a copy in C */
uint8_t copy_of_ciphertext[1088U];
memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t));
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 =
- libcrux_ml_kem_types_from_01_9f(copy_of_ciphertext);
- uint8_t shared_secret_array[32U];
- libcrux_ml_kem_variant_kdf_d8_41(shared_secret, &ciphertext0,
- shared_secret_array);
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_shared_secret_array[32U];
- memcpy(copy_of_shared_secret_array, shared_secret_array,
- (size_t)32U * sizeof(uint8_t));
- tuple_3c lit;
- lit.fst = uu____5;
- memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t));
+ tuple_c2 lit;
+ lit.fst = libcrux_ml_kem_types_from_e0_80(copy_of_ciphertext);
+ uint8_t ret[32U];
+ libcrux_ml_kem_variant_kdf_39_d6(shared_secret, ciphertext, ret);
+ memcpy(lit.snd, ret, (size_t)32U * sizeof(uint8_t));
return lit;
}
@@ -11148,21 +9891,16 @@ libcrux_ml_kem.ind_cca.instantiations.portable.encapsulate with const generics
- C2_SIZE= 128
- VECTOR_U_COMPRESSION_FACTOR= 10
- VECTOR_V_COMPRESSION_FACTOR= 4
-- VECTOR_U_BLOCK_LEN= 320
+- C1_BLOCK_SIZE= 320
- ETA1= 2
- ETA1_RANDOMNESS_SIZE= 128
- ETA2= 2
- ETA2_RANDOMNESS_SIZE= 128
*/
-static inline tuple_3c
-libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_c6(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key,
- uint8_t randomness[32U]) {
- libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[32U];
- memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_encapsulate_cd(uu____0, copy_of_randomness);
+static inline tuple_c2
+libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_cd(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key, uint8_t *randomness) {
+ return libcrux_ml_kem_ind_cca_encapsulate_ca(public_key, randomness);
}
/**
@@ -11172,96 +9910,145 @@ libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_c6(
The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`]
bytes of `randomness`.
*/
-static inline tuple_3c libcrux_ml_kem_mlkem768_portable_encapsulate(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key,
+static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key,
uint8_t randomness[32U]) {
- libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[32U];
- memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_c6(
- uu____0, copy_of_randomness);
+ return libcrux_ml_kem_ind_cca_instantiations_portable_encapsulate_cd(
+ public_key, randomness);
}
/**
-This function found in impl {(libcrux_ml_kem::variant::Variant for
-libcrux_ml_kem::variant::MlKem)#1}
+This function found in impl {core::default::Default for
+libcrux_ml_kem::ind_cpa::unpacked::IndCpaPrivateKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
*/
/**
-A monomorphic instance of libcrux_ml_kem.variant.cpa_keygen_seed_d8
+A monomorphic instance of libcrux_ml_kem.ind_cpa.unpacked.default_70
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0
+libcrux_ml_kem_ind_cpa_unpacked_default_70_1b(void) {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 lit;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d repeat_expression[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ repeat_expression[i] = libcrux_ml_kem_polynomial_ZERO_d6_ea();
+ }
+ memcpy(
+ lit.secret_as_ntt, repeat_expression,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ return lit;
+}
+
+/**
+This function found in impl {libcrux_ml_kem::variant::Variant for
+libcrux_ml_kem::variant::MlKem}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.variant.cpa_keygen_seed_39
with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_d8_0e(
+static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_39_9c(
Eurydice_slice key_generation_seed, uint8_t ret[64U]) {
uint8_t seed[33U] = {0U};
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(
+ Eurydice_array_to_subslice3(
seed, (size_t)0U,
- LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t),
+ LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t *),
key_generation_seed, uint8_t);
seed[LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE] =
(uint8_t)(size_t)3U;
uint8_t ret0[64U];
- libcrux_ml_kem_hash_functions_portable_G_f1_e4(
+ libcrux_ml_kem_hash_functions_portable_G_4a_e0(
Eurydice_array_to_slice((size_t)33U, seed, uint8_t), ret0);
memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t));
}
/**
-A monomorphic instance of libcrux_ml_kem.matrix.compute_As_plus_e.closure
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
-with const generics
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@3]> for
+libcrux_ml_kem::ind_cpa::generate_keypair_unpacked::closure<Vector, Hasher,
+Scheme, K, ETA1, ETA1_RANDOMNESS_SIZE>[TraitClause@0, TraitClause@1,
+TraitClause@2, TraitClause@3, TraitClause@4, TraitClause@5]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cpa.generate_keypair_unpacked.call_mut_73 with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
+libcrux_ml_kem_variant_MlKem with const generics
- K= 3
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_matrix_compute_As_plus_e_closure_87(size_t _i) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_call_mut_73_1c(
+ void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
-A monomorphic instance of libcrux_ml_kem.vector.traits.to_standard_domain
+A monomorphic instance of libcrux_ml_kem.polynomial.to_standard_domain
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_traits_to_standard_domain_59(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector v) {
- return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_0d(
- v, LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS);
+static KRML_MUSTINLINE libcrux_ml_kem_vector_portable_vector_type_PortableVector
+libcrux_ml_kem_polynomial_to_standard_domain_ea(
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector vector) {
+ return libcrux_ml_kem_vector_portable_montgomery_multiply_by_constant_b8(
+ vector,
+ LIBCRUX_ML_KEM_VECTOR_TRAITS_MONTGOMERY_R_SQUARED_MOD_FIELD_MODULUS);
}
/**
-This function found in impl
-{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0]}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.polynomial.add_standard_error_reduce_89
+A monomorphic instance of libcrux_ml_kem.polynomial.add_standard_error_reduce
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_polynomial_add_standard_error_reduce_89_03(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *self,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error) {
+libcrux_ml_kem_polynomial_add_standard_error_reduce_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *myself,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) {
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t j = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector
coefficient_normal_form =
- libcrux_ml_kem_vector_traits_to_standard_domain_59(
- self->coefficients[j]);
- libcrux_ml_kem_vector_portable_vector_type_PortableVector uu____0 =
- libcrux_ml_kem_vector_portable_barrett_reduce_0d(
- libcrux_ml_kem_vector_portable_add_0d(coefficient_normal_form,
- &error->coefficients[j]));
- self->coefficients[j] = uu____0;
+ libcrux_ml_kem_polynomial_to_standard_domain_ea(
+ myself->coefficients[j]);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector sum =
+ libcrux_ml_kem_vector_portable_add_b8(coefficient_normal_form,
+ &error->coefficients[j]);
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector red =
+ libcrux_ml_kem_vector_portable_barrett_reduce_b8(sum);
+ myself->coefficients[j] = red;
}
}
+/**
+This function found in impl
+{libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.add_standard_error_reduce_d6
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error) {
+ libcrux_ml_kem_polynomial_add_standard_error_reduce_ea(self, error);
+}
+
/**
Compute  ◦ ŝ + ê
*/
@@ -11271,46 +10058,135 @@ with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_60(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 (*matrix_A)[3U],
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *s_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *error_as_ntt,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 result[3U];
- for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- result[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
- for (size_t i0 = (size_t)0U;
- i0 < Eurydice_slice_len(
- Eurydice_array_to_slice(
- (size_t)3U, matrix_A,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0[3U]);
- i0++) {
- size_t i1 = i0;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *row = matrix_A[i1];
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(
- Eurydice_array_to_slice(
- (size_t)3U, row,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0);
- i++) {
- size_t j = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *matrix_element =
+static KRML_MUSTINLINE void libcrux_ml_kem_matrix_compute_As_plus_e_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d (*matrix_A)[3U],
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *s_as_ntt,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *error_as_ntt) {
+ for (size_t i = (size_t)0U;
+ i < Eurydice_slice_len(
+ Eurydice_array_to_slice(
+ (size_t)3U, matrix_A,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]);
+ i++) {
+ size_t i0 = i;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *row = matrix_A[i0];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 =
+ libcrux_ml_kem_polynomial_ZERO_d6_ea();
+ t_as_ntt[i0] = uu____0;
+ for (size_t i1 = (size_t)0U;
+ i1 < Eurydice_slice_len(
+ Eurydice_array_to_slice(
+ (size_t)3U, row,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d);
+ i1++) {
+ size_t j = i1;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *matrix_element =
&row[j];
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 product =
- libcrux_ml_kem_polynomial_ntt_multiply_89_2a(matrix_element,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d product =
+ libcrux_ml_kem_polynomial_ntt_multiply_d6_ea(matrix_element,
&s_as_ntt[j]);
- libcrux_ml_kem_polynomial_add_to_ring_element_89_84(&result[i1],
+ libcrux_ml_kem_polynomial_add_to_ring_element_d6_1b(&t_as_ntt[i0],
&product);
}
- libcrux_ml_kem_polynomial_add_standard_error_reduce_89_03(
- &result[i1], &error_as_ntt[i1]);
+ libcrux_ml_kem_polynomial_add_standard_error_reduce_d6_ea(
+ &t_as_ntt[i0], &error_as_ntt[i0]);
}
- memcpy(
- ret, result,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
+}
+
+/**
+ This function implements most of <strong>Algorithm 12</strong> of the
+ NIST FIPS 203 specification; this is the Kyber CPA-PKE key generation
+ algorithm.
+
+ We say "most of" since Algorithm 12 samples the required randomness within
+ the function itself, whereas this implementation expects it to be provided
+ through the `key_generation_seed` parameter.
+
+ Algorithm 12 is reproduced below:
+
+ ```plaintext
+ Output: encryption key ekₚₖₑ ∈ 𝔹^{384k+32}.
+ Output: decryption key dkₚₖₑ ∈ 𝔹^{384k}.
+
+ d ←$ B
+ (ρ,σ) ← G(d)
+ N ← 0
+ for (i ← 0; i < k; i++)
+ for(j ← 0; j < k; j++)
+ Â[i,j] ← SampleNTT(XOF(ρ, i, j))
+ end for
+ end for
+ for(i ← 0; i < k; i++)
+ s[i] ← SamplePolyCBD_{η₁}(PRF_{η₁}(σ,N))
+ N ← N + 1
+ end for
+ for(i ← 0; i < k; i++)
+ e[i] ← SamplePolyCBD_{η₂}(PRF_{η₂}(σ,N))
+ N ← N + 1
+ end for
+ ŝ ← NTT(s)
+ ê ← NTT(e)
+ t̂ ← Â◦ŝ + ê
+ ekₚₖₑ ← ByteEncode₁₂(t̂) ‖ ρ
+ dkₚₖₑ ← ByteEncode₁₂(ŝ)
+ ```
+
+ The NIST FIPS 203 standard can be found at
+ <https://csrc.nist.gov/pubs/fips/203/ipd>.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair_unpacked
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
+libcrux_ml_kem_variant_MlKem with const generics
+- K= 3
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c(
+ Eurydice_slice key_generation_seed,
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key,
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key) {
+ uint8_t hashed[64U];
+ libcrux_ml_kem_variant_cpa_keygen_seed_39_9c(key_generation_seed, hashed);
+ Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
+ Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U,
+ uint8_t, Eurydice_slice_uint8_t_x2);
+ Eurydice_slice seed_for_A = uu____0.fst;
+ Eurydice_slice seed_for_secret_and_error = uu____0.snd;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____1)[3U] =
+ public_key->A;
+ uint8_t ret[34U];
+ libcrux_ml_kem_utils_into_padded_array_b6(seed_for_A, ret);
+ libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____1, ret, true);
+ uint8_t prf_input[33U];
+ libcrux_ml_kem_utils_into_padded_array_c8(seed_for_secret_and_error,
+ prf_input);
+ uint8_t domain_separator =
+ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b(
+ private_key->secret_as_ntt, prf_input, 0U);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d error_as_ntt[3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ error_as_ntt[i] =
+ libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_call_mut_73_1c(&lvalue,
+ i);
+ }
+ libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_3b(error_as_ntt, prf_input,
+ domain_separator);
+ libcrux_ml_kem_matrix_compute_As_plus_e_1b(
+ public_key->t_as_ntt, public_key->A, private_key->secret_as_ntt,
+ error_as_ntt);
+ uint8_t uu____2[32U];
+ Result_fb dst;
+ Eurydice_slice_to_array2(&dst, seed_for_A, Eurydice_slice, uint8_t[32U],
+ TryFromSliceError);
+ unwrap_26_b3(dst, uu____2);
+ memcpy(public_key->seed_for_A, uu____2, (size_t)32U * sizeof(uint8_t));
}
/**
@@ -11320,21 +10196,21 @@ libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_5b(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *re, uint8_t ret[384U]) {
+libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *re, uint8_t ret[384U]) {
uint8_t serialized[384U] = {0U};
for (size_t i = (size_t)0U;
i < LIBCRUX_ML_KEM_POLYNOMIAL_VECTORS_IN_RING_ELEMENT; i++) {
size_t i0 = i;
libcrux_ml_kem_vector_portable_vector_type_PortableVector coefficient =
- libcrux_ml_kem_vector_traits_to_unsigned_representative_db(
+ libcrux_ml_kem_serialize_to_unsigned_field_modulus_ea(
re->coefficients[i0]);
uint8_t bytes[24U];
- libcrux_ml_kem_vector_portable_serialize_12_0d(coefficient, bytes);
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- serialized, (size_t)24U * i0, (size_t)24U * i0 + (size_t)24U, uint8_t);
+ libcrux_ml_kem_vector_portable_serialize_12_b8(coefficient, bytes);
Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t);
+ Eurydice_array_to_subslice3(serialized, (size_t)24U * i0,
+ (size_t)24U * i0 + (size_t)24U, uint8_t *),
+ Eurydice_array_to_slice((size_t)24U, bytes, uint8_t), uint8_t);
}
memcpy(ret, serialized, (size_t)384U * sizeof(uint8_t));
}
@@ -11343,35 +10219,59 @@ libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_5b(
Call [`serialize_uncompressed_ring_element`] for each ring element.
*/
/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_secret_key
+A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_vector
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
-- OUT_LEN= 1152
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *key,
- uint8_t ret[1152U]) {
- uint8_t out[1152U] = {0U};
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_vector_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *key,
+ Eurydice_slice out) {
for (size_t i = (size_t)0U;
i < Eurydice_slice_len(
Eurydice_array_to_slice(
(size_t)3U, key,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0),
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d);
i++) {
size_t i0 = i;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 re = key[i0];
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d re = key[i0];
+ Eurydice_slice uu____0 = Eurydice_slice_subslice3(
out, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
(i0 + (size_t)1U) * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
- uint8_t);
- uint8_t ret0[384U];
- libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_5b(&re, ret0);
+ uint8_t *);
+ uint8_t ret[384U];
+ libcrux_ml_kem_serialize_serialize_uncompressed_ring_element_ea(&re, ret);
Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)384U, ret0, uint8_t), uint8_t);
+ uu____0, Eurydice_array_to_slice((size_t)384U, ret, uint8_t), uint8_t);
}
- memcpy(ret, out, (size_t)1152U * sizeof(uint8_t));
+}
+
+/**
+ Concatenate `t` and `ρ` into the public key.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_public_key_mut
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_mut_89(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt,
+ Eurydice_slice seed_for_a, uint8_t *serialized) {
+ libcrux_ml_kem_ind_cpa_serialize_vector_1b(
+ t_as_ntt,
+ Eurydice_array_to_subslice3(
+ serialized, (size_t)0U,
+ libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U),
+ uint8_t *));
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice_from(
+ (size_t)1184U, serialized,
+ libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U),
+ uint8_t, size_t, uint8_t[]),
+ seed_for_a, uint8_t);
}
/**
@@ -11382,88 +10282,41 @@ A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_public_key
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
-- RANKED_BYTES_PER_RING_ELEMENT= 1152
- PUBLIC_KEY_SIZE= 1184
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_79(
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *t_as_ntt,
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cpa_serialize_public_key_89(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *t_as_ntt,
Eurydice_slice seed_for_a, uint8_t ret[1184U]) {
uint8_t public_key_serialized[1184U] = {0U};
- Eurydice_slice uu____0 = Eurydice_array_to_subslice2(
- public_key_serialized, (size_t)0U, (size_t)1152U, uint8_t);
- uint8_t ret0[1152U];
- libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(t_as_ntt, ret0);
- Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)1152U, ret0, uint8_t), uint8_t);
- Eurydice_slice_copy(
- Eurydice_array_to_subslice_from((size_t)1184U, public_key_serialized,
- (size_t)1152U, uint8_t, size_t),
- seed_for_a, uint8_t);
+ libcrux_ml_kem_ind_cpa_serialize_public_key_mut_89(t_as_ntt, seed_for_a,
+ public_key_serialized);
memcpy(ret, public_key_serialized, (size_t)1184U * sizeof(uint8_t));
}
/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
-libcrux_ml_kem_variant_MlKem with const generics
+ Serialize the secret key from the unpacked key pair generation.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.serialize_unpacked_secret_key
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
- K= 3
- PRIVATE_KEY_SIZE= 1152
- PUBLIC_KEY_SIZE= 1184
-- RANKED_BYTES_PER_RING_ELEMENT= 1152
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
*/
static inline libcrux_ml_kem_utils_extraction_helper_Keypair768
-libcrux_ml_kem_ind_cpa_generate_keypair_fc(Eurydice_slice key_generation_seed) {
- uint8_t hashed[64U];
- libcrux_ml_kem_variant_cpa_keygen_seed_d8_0e(key_generation_seed, hashed);
- Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
- Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U,
- uint8_t, Eurydice_slice_uint8_t_x2);
- Eurydice_slice seed_for_A0 = uu____0.fst;
- Eurydice_slice seed_for_secret_and_error = uu____0.snd;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U];
- uint8_t ret[34U];
- libcrux_ml_kem_utils_into_padded_array_ea1(seed_for_A0, ret);
- libcrux_ml_kem_matrix_sample_matrix_A_38(ret, true, A_transpose);
- uint8_t prf_input[33U];
- libcrux_ml_kem_utils_into_padded_array_ea2(seed_for_secret_and_error,
- prf_input);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input0[33U];
- memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t));
- tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(
- copy_of_prf_input0, 0U);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U];
- memcpy(
- secret_as_ntt, uu____2.fst,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- uint8_t domain_separator = uu____2.snd;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input[33U];
- memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U];
- memcpy(
- error_as_ntt,
- libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(copy_of_prf_input,
- domain_separator)
- .fst,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U];
- libcrux_ml_kem_matrix_compute_As_plus_e_60(A_transpose, secret_as_ntt,
- error_as_ntt, t_as_ntt);
- uint8_t seed_for_A[32U];
- Result_00 dst;
- Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]);
- unwrap_41_83(dst, seed_for_A);
+libcrux_ml_kem_ind_cpa_serialize_unpacked_secret_key_6c(
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *public_key,
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 *private_key) {
uint8_t public_key_serialized[1184U];
- libcrux_ml_kem_ind_cpa_serialize_public_key_79(
- t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t),
+ libcrux_ml_kem_ind_cpa_serialize_public_key_89(
+ public_key->t_as_ntt,
+ Eurydice_array_to_slice((size_t)32U, public_key->seed_for_A, uint8_t),
public_key_serialized);
- uint8_t secret_key_serialized[1152U];
- libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(secret_as_ntt,
- secret_key_serialized);
+ uint8_t secret_key_serialized[1152U] = {0U};
+ libcrux_ml_kem_ind_cpa_serialize_vector_1b(
+ private_key->secret_as_ntt,
+ Eurydice_array_to_slice((size_t)1152U, secret_key_serialized, uint8_t));
/* Passing arrays by value in Rust generates a copy in C */
uint8_t copy_of_secret_key_serialized[1152U];
memcpy(copy_of_secret_key_serialized, secret_key_serialized,
@@ -11480,55 +10333,94 @@ libcrux_ml_kem_ind_cpa_generate_keypair_fc(Eurydice_slice key_generation_seed) {
return lit;
}
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
+libcrux_ml_kem_variant_MlKem with const generics
+- K= 3
+- PRIVATE_KEY_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_utils_extraction_helper_Keypair768
+libcrux_ml_kem_ind_cpa_generate_keypair_ea(Eurydice_slice key_generation_seed) {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0 private_key =
+ libcrux_ml_kem_ind_cpa_unpacked_default_70_1b();
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 public_key =
+ libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b();
+ libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c(
+ key_generation_seed, &private_key, &public_key);
+ return libcrux_ml_kem_ind_cpa_serialize_unpacked_secret_key_6c(&public_key,
+ &private_key);
+}
+
/**
Serialize the secret key.
*/
/**
-A monomorphic instance of libcrux_ml_kem.ind_cca.serialize_kem_secret_key
+A monomorphic instance of libcrux_ml_kem.ind_cca.serialize_kem_secret_key_mut
with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
with const generics
- K= 3
- SERIALIZED_KEY_LEN= 2400
*/
-static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_48(
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_serialize_kem_secret_key_mut_d6(
Eurydice_slice private_key, Eurydice_slice public_key,
- Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) {
- uint8_t out[2400U] = {0U};
+ Eurydice_slice implicit_rejection_value, uint8_t *serialized) {
size_t pointer = (size_t)0U;
- uint8_t *uu____0 = out;
+ uint8_t *uu____0 = serialized;
size_t uu____1 = pointer;
size_t uu____2 = pointer;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(
+ Eurydice_array_to_subslice3(
uu____0, uu____1, uu____2 + Eurydice_slice_len(private_key, uint8_t),
- uint8_t),
+ uint8_t *),
private_key, uint8_t);
pointer = pointer + Eurydice_slice_len(private_key, uint8_t);
- uint8_t *uu____3 = out;
+ uint8_t *uu____3 = serialized;
size_t uu____4 = pointer;
size_t uu____5 = pointer;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(
+ Eurydice_array_to_subslice3(
uu____3, uu____4, uu____5 + Eurydice_slice_len(public_key, uint8_t),
- uint8_t),
+ uint8_t *),
public_key, uint8_t);
pointer = pointer + Eurydice_slice_len(public_key, uint8_t);
- Eurydice_slice uu____6 = Eurydice_array_to_subslice2(
- out, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t);
- uint8_t ret0[32U];
- libcrux_ml_kem_hash_functions_portable_H_f1_1a(public_key, ret0);
+ Eurydice_slice uu____6 = Eurydice_array_to_subslice3(
+ serialized, pointer, pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE,
+ uint8_t *);
+ uint8_t ret[32U];
+ libcrux_ml_kem_hash_functions_portable_H_4a_e0(public_key, ret);
Eurydice_slice_copy(
- uu____6, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t);
+ uu____6, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t);
pointer = pointer + LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE;
- uint8_t *uu____7 = out;
+ uint8_t *uu____7 = serialized;
size_t uu____8 = pointer;
size_t uu____9 = pointer;
Eurydice_slice_copy(
- Eurydice_array_to_subslice2(
+ Eurydice_array_to_subslice3(
uu____7, uu____8,
uu____9 + Eurydice_slice_len(implicit_rejection_value, uint8_t),
- uint8_t),
+ uint8_t *),
implicit_rejection_value, uint8_t);
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.serialize_kem_secret_key
+with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
+with const generics
+- K= 3
+- SERIALIZED_KEY_LEN= 2400
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6(
+ Eurydice_slice private_key, Eurydice_slice public_key,
+ Eurydice_slice implicit_rejection_value, uint8_t ret[2400U]) {
+ uint8_t out[2400U] = {0U};
+ libcrux_ml_kem_ind_cca_serialize_kem_secret_key_mut_d6(
+ private_key, public_key, implicit_rejection_value, out);
memcpy(ret, out, (size_t)2400U * sizeof(uint8_t));
}
@@ -11549,27 +10441,26 @@ libcrux_ml_kem_variant_MlKem with const generics
- CPA_PRIVATE_KEY_SIZE= 1152
- PRIVATE_KEY_SIZE= 2400
- PUBLIC_KEY_SIZE= 1184
-- BYTES_PER_RING_ELEMENT= 1152
- ETA1= 2
- ETA1_RANDOMNESS_SIZE= 128
*/
-static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
-libcrux_ml_kem_ind_cca_generate_keypair_8c(uint8_t randomness[64U]) {
- Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2(
+static KRML_MUSTINLINE libcrux_ml_kem_mlkem768_MlKem768KeyPair
+libcrux_ml_kem_ind_cca_generate_keypair_15(uint8_t *randomness) {
+ Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice3(
randomness, (size_t)0U,
- LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t);
+ LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t *);
Eurydice_slice implicit_rejection_value = Eurydice_array_to_subslice_from(
(size_t)64U, randomness,
LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t,
- size_t);
+ size_t, uint8_t[]);
libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 =
- libcrux_ml_kem_ind_cpa_generate_keypair_fc(ind_cpa_keypair_randomness);
+ libcrux_ml_kem_ind_cpa_generate_keypair_ea(ind_cpa_keypair_randomness);
uint8_t ind_cpa_private_key[1152U];
memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t));
uint8_t public_key[1184U];
memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t));
uint8_t secret_key_serialized[2400U];
- libcrux_ml_kem_ind_cca_serialize_kem_secret_key_48(
+ libcrux_ml_kem_ind_cca_serialize_kem_secret_key_d6(
Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t),
Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t),
implicit_rejection_value, secret_key_serialized);
@@ -11577,14 +10468,14 @@ libcrux_ml_kem_ind_cca_generate_keypair_8c(uint8_t randomness[64U]) {
uint8_t copy_of_secret_key_serialized[2400U];
memcpy(copy_of_secret_key_serialized, secret_key_serialized,
(size_t)2400U * sizeof(uint8_t));
- libcrux_ml_kem_types_MlKemPrivateKey_55 private_key =
- libcrux_ml_kem_types_from_05_f2(copy_of_secret_key_serialized);
- libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key;
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 private_key =
+ libcrux_ml_kem_types_from_77_28(copy_of_secret_key_serialized);
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 uu____2 = private_key;
/* Passing arrays by value in Rust generates a copy in C */
uint8_t copy_of_public_key[1184U];
memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t));
- return libcrux_ml_kem_types_from_17_35(
- uu____2, libcrux_ml_kem_types_from_b6_da(copy_of_public_key));
+ return libcrux_ml_kem_types_from_17_74(
+ uu____2, libcrux_ml_kem_types_from_fd_d0(copy_of_public_key));
}
/**
@@ -11598,17 +10489,13 @@ generics
- CPA_PRIVATE_KEY_SIZE= 1152
- PRIVATE_KEY_SIZE= 2400
- PUBLIC_KEY_SIZE= 1184
-- BYTES_PER_RING_ELEMENT= 1152
- ETA1= 2
- ETA1_RANDOMNESS_SIZE= 128
*/
static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
-libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d5(
- uint8_t randomness[64U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[64U];
- memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_generate_keypair_8c(copy_of_randomness);
+libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_ce(
+ uint8_t *randomness) {
+ return libcrux_ml_kem_ind_cca_generate_keypair_15(randomness);
}
/**
@@ -11616,542 +10503,59 @@ libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d5(
*/
static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
libcrux_ml_kem_mlkem768_portable_generate_key_pair(uint8_t randomness[64U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[64U];
- memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_d5(
- copy_of_randomness);
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::variant::Variant for
-libcrux_ml_kem::variant::Kyber)}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.variant.kdf_33
-with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
-with const generics
-- K= 3
-- CIPHERTEXT_SIZE= 1088
-*/
-static KRML_MUSTINLINE void libcrux_ml_kem_variant_kdf_33_f0(
- Eurydice_slice shared_secret,
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- uint8_t kdf_input[64U];
- libcrux_ml_kem_utils_into_padded_array_ea(shared_secret, kdf_input);
- Eurydice_slice uu____0 = Eurydice_array_to_subslice_from(
- (size_t)64U, kdf_input, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t,
- size_t);
- uint8_t ret0[32U];
- libcrux_ml_kem_hash_functions_portable_H_f1_1a(
- Eurydice_array_to_slice((size_t)1088U,
- libcrux_ml_kem_types_as_slice_d4_1d(ciphertext),
- uint8_t),
- ret0);
- Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)32U, ret0, uint8_t), uint8_t);
- uint8_t ret1[32U];
- libcrux_ml_kem_hash_functions_portable_PRF_f1_ee(
- Eurydice_array_to_slice((size_t)64U, kdf_input, uint8_t), ret1);
- memcpy(ret, ret1, (size_t)32U * sizeof(uint8_t));
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.ind_cca.decapsulate
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
-libcrux_ml_kem_variant_Kyber with const generics
-- K= 3
-- SECRET_KEY_SIZE= 2400
-- CPA_SECRET_KEY_SIZE= 1152
-- PUBLIC_KEY_SIZE= 1184
-- CIPHERTEXT_SIZE= 1088
-- T_AS_NTT_ENCODED_SIZE= 1152
-- C1_SIZE= 960
-- C2_SIZE= 128
-- VECTOR_U_COMPRESSION_FACTOR= 10
-- VECTOR_V_COMPRESSION_FACTOR= 4
-- C1_BLOCK_SIZE= 320
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-- ETA2= 2
-- ETA2_RANDOMNESS_SIZE= 128
-- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120
-*/
-static inline void libcrux_ml_kem_ind_cca_decapsulate_700(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
- Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t),
- (size_t)1152U, uint8_t, Eurydice_slice_uint8_t_x2);
- Eurydice_slice ind_cpa_secret_key = uu____0.fst;
- Eurydice_slice secret_key0 = uu____0.snd;
- Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
- secret_key0, (size_t)1184U, uint8_t, Eurydice_slice_uint8_t_x2);
- Eurydice_slice ind_cpa_public_key = uu____1.fst;
- Eurydice_slice secret_key = uu____1.snd;
- Eurydice_slice_uint8_t_x2 uu____2 = Eurydice_slice_split_at(
- secret_key, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t,
- Eurydice_slice_uint8_t_x2);
- Eurydice_slice ind_cpa_public_key_hash = uu____2.fst;
- Eurydice_slice implicit_rejection_value = uu____2.snd;
- uint8_t decrypted[32U];
- libcrux_ml_kem_ind_cpa_decrypt_43(ind_cpa_secret_key, ciphertext->value,
- decrypted);
- uint8_t to_hash0[64U];
- libcrux_ml_kem_utils_into_padded_array_ea(
- Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0);
- Eurydice_slice_copy(
- Eurydice_array_to_subslice_from(
- (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE,
- uint8_t, size_t),
- ind_cpa_public_key_hash, uint8_t);
- uint8_t hashed[64U];
- libcrux_ml_kem_hash_functions_portable_G_f1_e4(
- Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed);
- Eurydice_slice_uint8_t_x2 uu____3 = Eurydice_slice_split_at(
- Eurydice_array_to_slice((size_t)64U, hashed, uint8_t),
- LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t,
- Eurydice_slice_uint8_t_x2);
- Eurydice_slice shared_secret0 = uu____3.fst;
- Eurydice_slice pseudorandomness = uu____3.snd;
- uint8_t to_hash[1120U];
- libcrux_ml_kem_utils_into_padded_array_ea0(implicit_rejection_value, to_hash);
- Eurydice_slice uu____4 = Eurydice_array_to_subslice_from(
- (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE,
- uint8_t, size_t);
- Eurydice_slice_copy(uu____4, libcrux_ml_kem_types_as_ref_00_24(ciphertext),
- uint8_t);
- uint8_t implicit_rejection_shared_secret0[32U];
- libcrux_ml_kem_hash_functions_portable_PRF_f1_ee(
- Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t),
- implicit_rejection_shared_secret0);
- Eurydice_slice uu____5 = ind_cpa_public_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_decrypted[32U];
- memcpy(copy_of_decrypted, decrypted, (size_t)32U * sizeof(uint8_t));
- uint8_t expected_ciphertext[1088U];
- libcrux_ml_kem_ind_cpa_encrypt_60(uu____5, copy_of_decrypted,
- pseudorandomness, expected_ciphertext);
- uint8_t implicit_rejection_shared_secret[32U];
- libcrux_ml_kem_variant_kdf_33_f0(
- Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret0,
- uint8_t),
- ciphertext, implicit_rejection_shared_secret);
- uint8_t shared_secret[32U];
- libcrux_ml_kem_variant_kdf_33_f0(shared_secret0, ciphertext, shared_secret);
- uint8_t ret0[32U];
- libcrux_ml_kem_constant_time_ops_compare_ciphertexts_select_shared_secret_in_constant_time(
- libcrux_ml_kem_types_as_ref_00_24(ciphertext),
- Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t),
- Eurydice_array_to_slice((size_t)32U, shared_secret, uint8_t),
- Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret,
- uint8_t),
- ret0);
- memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t));
-}
-
-/**
- Portable decapsulate
-*/
-/**
-A monomorphic instance of
-libcrux_ml_kem.ind_cca.instantiations.portable.kyber_decapsulate with const
-generics
-- K= 3
-- SECRET_KEY_SIZE= 2400
-- CPA_SECRET_KEY_SIZE= 1152
-- PUBLIC_KEY_SIZE= 1184
-- CIPHERTEXT_SIZE= 1088
-- T_AS_NTT_ENCODED_SIZE= 1152
-- C1_SIZE= 960
-- C2_SIZE= 128
-- VECTOR_U_COMPRESSION_FACTOR= 10
-- VECTOR_V_COMPRESSION_FACTOR= 4
-- C1_BLOCK_SIZE= 320
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-- ETA2= 2
-- ETA2_RANDOMNESS_SIZE= 128
-- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120
-*/
-static inline void
-libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_fc(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- libcrux_ml_kem_ind_cca_decapsulate_700(private_key, ciphertext, ret);
-}
-
-/**
- Decapsulate Kyber 768
-
- Generates an [`MlKemSharedSecret`].
- The input is a reference to an [`MlKem768PrivateKey`] and an
- [`MlKem768Ciphertext`].
-*/
-static inline void libcrux_ml_kem_mlkem768_portable_kyber_decapsulate(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
- libcrux_ml_kem_ind_cca_instantiations_portable_kyber_decapsulate_fc(
- private_key, ciphertext, ret);
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::variant::Variant for
-libcrux_ml_kem::variant::Kyber)}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.variant.entropy_preprocess_33
-with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
-with const generics
-- K= 3
-*/
-static KRML_MUSTINLINE void libcrux_ml_kem_variant_entropy_preprocess_33_8a(
- Eurydice_slice randomness, uint8_t ret[32U]) {
- libcrux_ml_kem_hash_functions_portable_H_f1_1a(randomness, ret);
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.ind_cca.encapsulate
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
-libcrux_ml_kem_variant_Kyber with const generics
-- K= 3
-- CIPHERTEXT_SIZE= 1088
-- PUBLIC_KEY_SIZE= 1184
-- T_AS_NTT_ENCODED_SIZE= 1152
-- C1_SIZE= 960
-- C2_SIZE= 128
-- VECTOR_U_COMPRESSION_FACTOR= 10
-- VECTOR_V_COMPRESSION_FACTOR= 4
-- VECTOR_U_BLOCK_LEN= 320
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-- ETA2= 2
-- ETA2_RANDOMNESS_SIZE= 128
-*/
-static inline tuple_3c libcrux_ml_kem_ind_cca_encapsulate_cd0(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key,
- uint8_t randomness[32U]) {
- uint8_t randomness0[32U];
- libcrux_ml_kem_variant_entropy_preprocess_33_8a(
- Eurydice_array_to_slice((size_t)32U, randomness, uint8_t), randomness0);
- uint8_t to_hash[64U];
- libcrux_ml_kem_utils_into_padded_array_ea(
- Eurydice_array_to_slice((size_t)32U, randomness0, uint8_t), to_hash);
- Eurydice_slice uu____0 = Eurydice_array_to_subslice_from(
- (size_t)64U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE, uint8_t,
- size_t);
- uint8_t ret[32U];
- libcrux_ml_kem_hash_functions_portable_H_f1_1a(
- Eurydice_array_to_slice((size_t)1184U,
- libcrux_ml_kem_types_as_slice_cb_50(public_key),
- uint8_t),
- ret);
- Eurydice_slice_copy(
- uu____0, Eurydice_array_to_slice((size_t)32U, ret, uint8_t), uint8_t);
- uint8_t hashed[64U];
- libcrux_ml_kem_hash_functions_portable_G_f1_e4(
- Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), hashed);
- Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
- Eurydice_array_to_slice((size_t)64U, hashed, uint8_t),
- LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t,
- Eurydice_slice_uint8_t_x2);
- Eurydice_slice shared_secret = uu____1.fst;
- Eurydice_slice pseudorandomness = uu____1.snd;
- Eurydice_slice uu____2 = Eurydice_array_to_slice(
- (size_t)1184U, libcrux_ml_kem_types_as_slice_cb_50(public_key), uint8_t);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[32U];
- memcpy(copy_of_randomness, randomness0, (size_t)32U * sizeof(uint8_t));
- uint8_t ciphertext[1088U];
- libcrux_ml_kem_ind_cpa_encrypt_60(uu____2, copy_of_randomness,
- pseudorandomness, ciphertext);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_ciphertext[1088U];
- memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t));
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext ciphertext0 =
- libcrux_ml_kem_types_from_01_9f(copy_of_ciphertext);
- uint8_t shared_secret_array[32U];
- libcrux_ml_kem_variant_kdf_33_f0(shared_secret, &ciphertext0,
- shared_secret_array);
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____5 = ciphertext0;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_shared_secret_array[32U];
- memcpy(copy_of_shared_secret_array, shared_secret_array,
- (size_t)32U * sizeof(uint8_t));
- tuple_3c lit;
- lit.fst = uu____5;
- memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t));
- return lit;
-}
-
-/**
- Portable encapsulate
-*/
-/**
-A monomorphic instance of
-libcrux_ml_kem.ind_cca.instantiations.portable.kyber_encapsulate with const
-generics
-- K= 3
-- CIPHERTEXT_SIZE= 1088
-- PUBLIC_KEY_SIZE= 1184
-- T_AS_NTT_ENCODED_SIZE= 1152
-- C1_SIZE= 960
-- C2_SIZE= 128
-- VECTOR_U_COMPRESSION_FACTOR= 10
-- VECTOR_V_COMPRESSION_FACTOR= 4
-- VECTOR_U_BLOCK_LEN= 320
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-- ETA2= 2
-- ETA2_RANDOMNESS_SIZE= 128
-*/
-static inline tuple_3c
-libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_7a(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key,
- uint8_t randomness[32U]) {
- libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[32U];
- memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_encapsulate_cd0(uu____0, copy_of_randomness);
-}
-
-/**
- Encapsulate Kyber 768
-
- Generates an ([`MlKem768Ciphertext`], [`MlKemSharedSecret`]) tuple.
- The input is a reference to an [`MlKem768PublicKey`] and [`SHARED_SECRET_SIZE`]
- bytes of `randomness`.
-*/
-static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key,
- uint8_t randomness[32U]) {
- libcrux_ml_kem_types_MlKemPublicKey_15 *uu____0 = public_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[32U];
- memcpy(copy_of_randomness, randomness, (size_t)32U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_encapsulate_7a(
- uu____0, copy_of_randomness);
-}
-
-/**
-This function found in impl {(libcrux_ml_kem::variant::Variant for
-libcrux_ml_kem::variant::Kyber)}
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.variant.cpa_keygen_seed_33
-with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
-with const generics
-- K= 3
-*/
-static KRML_MUSTINLINE void libcrux_ml_kem_variant_cpa_keygen_seed_33_b6(
- Eurydice_slice key_generation_seed, uint8_t ret[64U]) {
- libcrux_ml_kem_hash_functions_portable_G_f1_e4(key_generation_seed, ret);
-}
-
-/**
-A monomorphic instance of libcrux_ml_kem.ind_cpa.generate_keypair
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
-libcrux_ml_kem_variant_Kyber with const generics
-- K= 3
-- PRIVATE_KEY_SIZE= 1152
-- PUBLIC_KEY_SIZE= 1184
-- RANKED_BYTES_PER_RING_ELEMENT= 1152
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-*/
-static inline libcrux_ml_kem_utils_extraction_helper_Keypair768
-libcrux_ml_kem_ind_cpa_generate_keypair_fc0(
- Eurydice_slice key_generation_seed) {
- uint8_t hashed[64U];
- libcrux_ml_kem_variant_cpa_keygen_seed_33_b6(key_generation_seed, hashed);
- Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
- Eurydice_array_to_slice((size_t)64U, hashed, uint8_t), (size_t)32U,
- uint8_t, Eurydice_slice_uint8_t_x2);
- Eurydice_slice seed_for_A0 = uu____0.fst;
- Eurydice_slice seed_for_secret_and_error = uu____0.snd;
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 A_transpose[3U][3U];
- uint8_t ret[34U];
- libcrux_ml_kem_utils_into_padded_array_ea1(seed_for_A0, ret);
- libcrux_ml_kem_matrix_sample_matrix_A_38(ret, true, A_transpose);
- uint8_t prf_input[33U];
- libcrux_ml_kem_utils_into_padded_array_ea2(seed_for_secret_and_error,
- prf_input);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input0[33U];
- memcpy(copy_of_prf_input0, prf_input, (size_t)33U * sizeof(uint8_t));
- tuple_b0 uu____2 = libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(
- copy_of_prf_input0, 0U);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 secret_as_ntt[3U];
- memcpy(
- secret_as_ntt, uu____2.fst,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- uint8_t domain_separator = uu____2.snd;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_prf_input[33U];
- memcpy(copy_of_prf_input, prf_input, (size_t)33U * sizeof(uint8_t));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 error_as_ntt[3U];
- memcpy(
- error_as_ntt,
- libcrux_ml_kem_ind_cpa_sample_vector_cbd_then_ntt_fc(copy_of_prf_input,
- domain_separator)
- .fst,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 t_as_ntt[3U];
- libcrux_ml_kem_matrix_compute_As_plus_e_60(A_transpose, secret_as_ntt,
- error_as_ntt, t_as_ntt);
- uint8_t seed_for_A[32U];
- Result_00 dst;
- Eurydice_slice_to_array2(&dst, seed_for_A0, Eurydice_slice, uint8_t[32U]);
- unwrap_41_83(dst, seed_for_A);
- uint8_t public_key_serialized[1184U];
- libcrux_ml_kem_ind_cpa_serialize_public_key_79(
- t_as_ntt, Eurydice_array_to_slice((size_t)32U, seed_for_A, uint8_t),
- public_key_serialized);
- uint8_t secret_key_serialized[1152U];
- libcrux_ml_kem_ind_cpa_serialize_secret_key_b5(secret_as_ntt,
- secret_key_serialized);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_secret_key_serialized[1152U];
- memcpy(copy_of_secret_key_serialized, secret_key_serialized,
- (size_t)1152U * sizeof(uint8_t));
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_public_key_serialized[1184U];
- memcpy(copy_of_public_key_serialized, public_key_serialized,
- (size_t)1184U * sizeof(uint8_t));
- libcrux_ml_kem_utils_extraction_helper_Keypair768 lit;
- memcpy(lit.fst, copy_of_secret_key_serialized,
- (size_t)1152U * sizeof(uint8_t));
- memcpy(lit.snd, copy_of_public_key_serialized,
- (size_t)1184U * sizeof(uint8_t));
- return lit;
-}
-
-/**
- Packed API
-
- Generate a key pair.
-
- Depending on the `Vector` and `Hasher` used, this requires different hardware
- features
-*/
-/**
-A monomorphic instance of libcrux_ml_kem.ind_cca.generate_keypair
-with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
-libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
-libcrux_ml_kem_variant_Kyber with const generics
-- K= 3
-- CPA_PRIVATE_KEY_SIZE= 1152
-- PRIVATE_KEY_SIZE= 2400
-- PUBLIC_KEY_SIZE= 1184
-- BYTES_PER_RING_ELEMENT= 1152
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-*/
-static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
-libcrux_ml_kem_ind_cca_generate_keypair_8c0(uint8_t randomness[64U]) {
- Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice2(
- randomness, (size_t)0U,
- LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t);
- Eurydice_slice implicit_rejection_value = Eurydice_array_to_subslice_from(
- (size_t)64U, randomness,
- LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t,
- size_t);
- libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 =
- libcrux_ml_kem_ind_cpa_generate_keypair_fc0(ind_cpa_keypair_randomness);
- uint8_t ind_cpa_private_key[1152U];
- memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t));
- uint8_t public_key[1184U];
- memcpy(public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t));
- uint8_t secret_key_serialized[2400U];
- libcrux_ml_kem_ind_cca_serialize_kem_secret_key_48(
- Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t),
- Eurydice_array_to_slice((size_t)1184U, public_key, uint8_t),
- implicit_rejection_value, secret_key_serialized);
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_secret_key_serialized[2400U];
- memcpy(copy_of_secret_key_serialized, secret_key_serialized,
- (size_t)2400U * sizeof(uint8_t));
- libcrux_ml_kem_types_MlKemPrivateKey_55 private_key =
- libcrux_ml_kem_types_from_05_f2(copy_of_secret_key_serialized);
- libcrux_ml_kem_types_MlKemPrivateKey_55 uu____2 = private_key;
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_public_key[1184U];
- memcpy(copy_of_public_key, public_key, (size_t)1184U * sizeof(uint8_t));
- return libcrux_ml_kem_types_from_17_35(
- uu____2, libcrux_ml_kem_types_from_b6_da(copy_of_public_key));
-}
-
-/**
-A monomorphic instance of
-libcrux_ml_kem.ind_cca.instantiations.portable.kyber_generate_keypair with const
-generics
-- K= 3
-- CPA_PRIVATE_KEY_SIZE= 1152
-- PRIVATE_KEY_SIZE= 2400
-- PUBLIC_KEY_SIZE= 1184
-- BYTES_PER_RING_ELEMENT= 1152
-- ETA1= 2
-- ETA1_RANDOMNESS_SIZE= 128
-*/
-static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
-libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_9b(
- uint8_t randomness[64U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[64U];
- memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_generate_keypair_8c0(copy_of_randomness);
-}
-
-/**
- Generate Kyber 768 Key Pair
-*/
-static inline libcrux_ml_kem_mlkem768_MlKem768KeyPair
-libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair(
- uint8_t randomness[64U]) {
- /* Passing arrays by value in Rust generates a copy in C */
- uint8_t copy_of_randomness[64U];
- memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t));
- return libcrux_ml_kem_ind_cca_instantiations_portable_kyber_generate_keypair_9b(
- copy_of_randomness);
+ return libcrux_ml_kem_ind_cca_instantiations_portable_generate_keypair_ce(
+ randomness);
}
/**
Validate an ML-KEM private key.
This implements the Hash check in 7.3 3.
- Note that the size checks in 7.2 1 and 2 are covered by the `SECRET_KEY_SIZE`
- and `CIPHERTEXT_SIZE` in the `private_key` and `ciphertext` types.
*/
/**
-A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key
+A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key_only
with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
with const generics
- K= 3
- SECRET_KEY_SIZE= 2400
-- CIPHERTEXT_SIZE= 1088
*/
-static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_e7(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
- libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) {
+static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_only_d6(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key) {
uint8_t t[32U];
- libcrux_ml_kem_hash_functions_portable_H_f1_1a(
- Eurydice_array_to_subslice2(private_key->value, (size_t)384U * (size_t)3U,
+ libcrux_ml_kem_hash_functions_portable_H_4a_e0(
+ Eurydice_array_to_subslice3(private_key->value, (size_t)384U * (size_t)3U,
(size_t)768U * (size_t)3U + (size_t)32U,
- uint8_t),
+ uint8_t *),
t);
- Eurydice_slice expected = Eurydice_array_to_subslice2(
+ Eurydice_slice expected = Eurydice_array_to_subslice3(
private_key->value, (size_t)768U * (size_t)3U + (size_t)32U,
- (size_t)768U * (size_t)3U + (size_t)64U, uint8_t);
- return core_array_equality___core__cmp__PartialEq__0___Slice_U____for__Array_T__N___3__eq(
- (size_t)32U, t, &expected, uint8_t, uint8_t, bool);
+ (size_t)768U * (size_t)3U + (size_t)64U, uint8_t *);
+ return Eurydice_array_eq_slice((size_t)32U, t, &expected, uint8_t, bool);
}
/**
- Portable private key validation
+ Validate an ML-KEM private key.
+
+ This implements the Hash check in 7.3 3.
+ Note that the size checks in 7.2 1 and 2 are covered by the `SECRET_KEY_SIZE`
+ and `CIPHERTEXT_SIZE` in the `private_key` and `ciphertext` types.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.validate_private_key
+with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
+with const generics
+- K= 3
+- SECRET_KEY_SIZE= 2400
+- CIPHERTEXT_SIZE= 1088
+*/
+static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_private_key_37(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
+ libcrux_ml_kem_mlkem768_MlKem768Ciphertext *_ciphertext) {
+ return libcrux_ml_kem_ind_cca_validate_private_key_only_d6(private_key);
+}
+
+/**
+ Private key validation
*/
/**
A monomorphic instance of
@@ -12162,10 +10566,10 @@ generics
- CIPHERTEXT_SIZE= 1088
*/
static KRML_MUSTINLINE bool
-libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_9c(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
+libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_31(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) {
- return libcrux_ml_kem_ind_cca_validate_private_key_e7(private_key,
+ return libcrux_ml_kem_ind_cca_validate_private_key_37(private_key,
ciphertext);
}
@@ -12175,23 +10579,57 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_9c(
Returns `true` if valid, and `false` otherwise.
*/
static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key(
- libcrux_ml_kem_types_MlKemPrivateKey_55 *private_key,
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext) {
- return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_9c(
+ return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_31(
private_key, ciphertext);
}
+/**
+ Private key validation
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.instantiations.portable.validate_private_key_only with
+const generics
+- K= 3
+- SECRET_KEY_SIZE= 2400
+*/
+static KRML_MUSTINLINE bool
+libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_only_41(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key) {
+ return libcrux_ml_kem_ind_cca_validate_private_key_only_d6(private_key);
+}
+
+/**
+ Validate the private key only.
+
+ Returns `true` if valid, and `false` otherwise.
+*/
+static inline bool libcrux_ml_kem_mlkem768_portable_validate_private_key_only(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key) {
+ return libcrux_ml_kem_ind_cca_instantiations_portable_validate_private_key_only_41(
+ private_key);
+}
+
+/**
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]> for
+libcrux_ml_kem::serialize::deserialize_ring_elements_reduced_out::closure<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
/**
A monomorphic instance of
-libcrux_ml_kem.serialize.deserialize_ring_elements_reduced.closure with types
-libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-- PUBLIC_KEY_SIZE= 1184
+libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out.call_mut_0b with
+types libcrux_ml_kem_vector_portable_vector_type_PortableVector with const
+generics
- K= 3
*/
-static inline libcrux_ml_kem_polynomial_PolynomialRingElement_f0
-libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_cd0(
- size_t _i) {
- return libcrux_ml_kem_polynomial_ZERO_89_ea();
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_call_mut_0b_1b(
+ void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
}
/**
@@ -12202,37 +10640,27 @@ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_closure_cd0(
*/
/**
A monomorphic instance of
-libcrux_ml_kem.serialize.deserialize_ring_elements_reduced with types
+libcrux_ml_kem.serialize.deserialize_ring_elements_reduced_out with types
libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
-- PUBLIC_KEY_SIZE= 1184
- K= 3
*/
static KRML_MUSTINLINE void
-libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_330(
+libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_1b(
Eurydice_slice public_key,
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 ret[3U]) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U];
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U];
for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
- deserialized_pk[i] = libcrux_ml_kem_polynomial_ZERO_89_ea();
- }
- for (size_t i = (size_t)0U;
- i < Eurydice_slice_len(public_key, uint8_t) /
- LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT;
- i++) {
- size_t i0 = i;
- Eurydice_slice ring_element = Eurydice_slice_subslice2(
- public_key, i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
- i0 * LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT +
- LIBCRUX_ML_KEM_CONSTANTS_BYTES_PER_RING_ELEMENT,
- uint8_t);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 uu____0 =
- libcrux_ml_kem_serialize_deserialize_to_reduced_ring_element_4c(
- ring_element);
- deserialized_pk[i0] = uu____0;
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ deserialized_pk[i] =
+ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_call_mut_0b_1b(
+ &lvalue, i);
}
+ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b(
+ public_key, deserialized_pk);
memcpy(
ret, deserialized_pk,
- (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_f0));
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
}
/**
@@ -12247,42 +10675,44 @@ A monomorphic instance of libcrux_ml_kem.ind_cca.validate_public_key
with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
with const generics
- K= 3
-- RANKED_BYTES_PER_RING_ELEMENT= 1152
- PUBLIC_KEY_SIZE= 1184
*/
-static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_19(
+static KRML_MUSTINLINE bool libcrux_ml_kem_ind_cca_validate_public_key_89(
uint8_t *public_key) {
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 deserialized_pk[3U];
- libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_330(
- Eurydice_array_to_subslice_to((size_t)1184U, public_key, (size_t)1152U,
- uint8_t, size_t),
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d deserialized_pk[3U];
+ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_out_1b(
+ Eurydice_array_to_subslice_to(
+ (size_t)1184U, public_key,
+ libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U),
+ uint8_t, size_t, uint8_t[]),
deserialized_pk);
- libcrux_ml_kem_polynomial_PolynomialRingElement_f0 *uu____0 = deserialized_pk;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *uu____0 = deserialized_pk;
uint8_t public_key_serialized[1184U];
- libcrux_ml_kem_ind_cpa_serialize_public_key_79(
+ libcrux_ml_kem_ind_cpa_serialize_public_key_89(
uu____0,
- Eurydice_array_to_subslice_from((size_t)1184U, public_key, (size_t)1152U,
- uint8_t, size_t),
+ Eurydice_array_to_subslice_from(
+ (size_t)1184U, public_key,
+ libcrux_ml_kem_constants_ranked_bytes_per_ring_element((size_t)3U),
+ uint8_t, size_t, uint8_t[]),
public_key_serialized);
- return core_array_equality___core__cmp__PartialEq__Array_U__N___for__Array_T__N____eq(
- (size_t)1184U, public_key, public_key_serialized, uint8_t, uint8_t, bool);
+ return Eurydice_array_eq((size_t)1184U, public_key, public_key_serialized,
+ uint8_t);
}
/**
- Portable public key validation
+ Public key validation
*/
/**
A monomorphic instance of
libcrux_ml_kem.ind_cca.instantiations.portable.validate_public_key with const
generics
- K= 3
-- RANKED_BYTES_PER_RING_ELEMENT= 1152
- PUBLIC_KEY_SIZE= 1184
*/
static KRML_MUSTINLINE bool
-libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4b(
+libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_41(
uint8_t *public_key) {
- return libcrux_ml_kem_ind_cca_validate_public_key_19(public_key);
+ return libcrux_ml_kem_ind_cca_validate_public_key_89(public_key);
}
/**
@@ -12291,44 +10721,1022 @@ libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4b(
Returns `true` if valid, and `false` otherwise.
*/
static inline bool libcrux_ml_kem_mlkem768_portable_validate_public_key(
- libcrux_ml_kem_types_MlKemPublicKey_15 *public_key) {
- return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_4b(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key) {
+ return libcrux_ml_kem_ind_cca_instantiations_portable_validate_public_key_41(
public_key->value);
}
/**
-This function found in impl {(core::clone::Clone for
-libcrux_ml_kem::vector::portable::vector_type::PortableVector)}
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.MlKemPublicKeyUnpacked
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- $3size_t
*/
-static inline libcrux_ml_kem_vector_portable_vector_type_PortableVector
-libcrux_ml_kem_vector_portable_vector_type_clone_3b(
- libcrux_ml_kem_vector_portable_vector_type_PortableVector *self) {
- return self[0U];
+typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0_s {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 ind_cpa_public_key;
+ uint8_t public_key_hash[32U];
+} libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0;
+
+typedef libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768PublicKeyUnpacked;
+
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.MlKemPrivateKeyUnpacked with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- $3size_t
+*/
+typedef struct libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0_s {
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPrivateKeyUnpacked_a0
+ ind_cpa_private_key;
+ uint8_t implicit_rejection_value[32U];
+} libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0;
+
+typedef struct
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked_s {
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 private_key;
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 public_key;
+} libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked;
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.decapsulate
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
+generics
+- K= 3
+- SECRET_KEY_SIZE= 2400
+- CPA_SECRET_KEY_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+- CIPHERTEXT_SIZE= 1088
+- T_AS_NTT_ENCODED_SIZE= 1152
+- C1_SIZE= 960
+- C2_SIZE= 128
+- VECTOR_U_COMPRESSION_FACTOR= 10
+- VECTOR_V_COMPRESSION_FACTOR= 4
+- C1_BLOCK_SIZE= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
+- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_unpacked_decapsulate_51(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair,
+ libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
+ uint8_t decrypted[32U];
+ libcrux_ml_kem_ind_cpa_decrypt_unpacked_42(
+ &key_pair->private_key.ind_cpa_private_key, ciphertext->value, decrypted);
+ uint8_t to_hash0[64U];
+ libcrux_ml_kem_utils_into_padded_array_24(
+ Eurydice_array_to_slice((size_t)32U, decrypted, uint8_t), to_hash0);
+ Eurydice_slice uu____0 = Eurydice_array_to_subslice_from(
+ (size_t)64U, to_hash0, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE,
+ uint8_t, size_t, uint8_t[]);
+ Eurydice_slice_copy(
+ uu____0,
+ Eurydice_array_to_slice((size_t)32U, key_pair->public_key.public_key_hash,
+ uint8_t),
+ uint8_t);
+ uint8_t hashed[64U];
+ libcrux_ml_kem_hash_functions_portable_G_4a_e0(
+ Eurydice_array_to_slice((size_t)64U, to_hash0, uint8_t), hashed);
+ Eurydice_slice_uint8_t_x2 uu____1 = Eurydice_slice_split_at(
+ Eurydice_array_to_slice((size_t)64U, hashed, uint8_t),
+ LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t,
+ Eurydice_slice_uint8_t_x2);
+ Eurydice_slice shared_secret = uu____1.fst;
+ Eurydice_slice pseudorandomness = uu____1.snd;
+ uint8_t to_hash[1120U];
+ libcrux_ml_kem_utils_into_padded_array_15(
+ Eurydice_array_to_slice(
+ (size_t)32U, key_pair->private_key.implicit_rejection_value, uint8_t),
+ to_hash);
+ Eurydice_slice uu____2 = Eurydice_array_to_subslice_from(
+ (size_t)1120U, to_hash, LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE,
+ uint8_t, size_t, uint8_t[]);
+ Eurydice_slice_copy(uu____2, libcrux_ml_kem_types_as_ref_d3_80(ciphertext),
+ uint8_t);
+ uint8_t implicit_rejection_shared_secret[32U];
+ libcrux_ml_kem_hash_functions_portable_PRF_4a_41(
+ Eurydice_array_to_slice((size_t)1120U, to_hash, uint8_t),
+ implicit_rejection_shared_secret);
+ uint8_t expected_ciphertext[1088U];
+ libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(
+ &key_pair->public_key.ind_cpa_public_key, decrypted, pseudorandomness,
+ expected_ciphertext);
+ uint8_t selector =
+ libcrux_ml_kem_constant_time_ops_compare_ciphertexts_in_constant_time(
+ libcrux_ml_kem_types_as_ref_d3_80(ciphertext),
+ Eurydice_array_to_slice((size_t)1088U, expected_ciphertext, uint8_t));
+ uint8_t ret0[32U];
+ libcrux_ml_kem_constant_time_ops_select_shared_secret_in_constant_time(
+ shared_secret,
+ Eurydice_array_to_slice((size_t)32U, implicit_rejection_shared_secret,
+ uint8_t),
+ selector, ret0);
+ memcpy(ret, ret0, (size_t)32U * sizeof(uint8_t));
}
-typedef int16_t libcrux_ml_kem_vector_portable_vector_type_FieldElement;
+/**
+ Unpacked decapsulate
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.decapsulate with const
+generics
+- K= 3
+- SECRET_KEY_SIZE= 2400
+- CPA_SECRET_KEY_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+- CIPHERTEXT_SIZE= 1088
+- T_AS_NTT_ENCODED_SIZE= 1152
+- C1_SIZE= 960
+- C2_SIZE= 128
+- VECTOR_U_COMPRESSION_FACTOR= 10
+- VECTOR_V_COMPRESSION_FACTOR= 4
+- C1_BLOCK_SIZE= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
+- IMPLICIT_REJECTION_HASH_INPUT_SIZE= 1120
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_35(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair,
+ libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
+ libcrux_ml_kem_ind_cca_unpacked_decapsulate_51(key_pair, ciphertext, ret);
+}
-typedef int16_t
- libcrux_ml_kem_vector_portable_arithmetic_MontgomeryFieldElement;
+/**
+ Decapsulate ML-KEM 768 (unpacked)
-typedef int16_t
- libcrux_ml_kem_vector_portable_arithmetic_FieldElementTimesMontgomeryR;
+ Generates an [`MlKemSharedSecret`].
+ The input is a reference to an unpacked key pair of type
+ [`MlKem768KeyPairUnpacked`] and an [`MlKem768Ciphertext`].
+*/
+static inline void libcrux_ml_kem_mlkem768_portable_unpacked_decapsulate(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *private_key,
+ libcrux_ml_kem_mlkem768_MlKem768Ciphertext *ciphertext, uint8_t ret[32U]) {
+ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_decapsulate_35(
+ private_key, ciphertext, ret);
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.encaps_prepare
+with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]]
+with const generics
+- K= 3
+*/
+static inline void libcrux_ml_kem_ind_cca_unpacked_encaps_prepare_9c(
+ Eurydice_slice randomness, Eurydice_slice pk_hash, uint8_t ret[64U]) {
+ uint8_t to_hash[64U];
+ libcrux_ml_kem_utils_into_padded_array_24(randomness, to_hash);
+ Eurydice_slice_copy(
+ Eurydice_array_to_subslice_from((size_t)64U, to_hash,
+ LIBCRUX_ML_KEM_CONSTANTS_H_DIGEST_SIZE,
+ uint8_t, size_t, uint8_t[]),
+ pk_hash, uint8_t);
+ uint8_t ret0[64U];
+ libcrux_ml_kem_hash_functions_portable_G_4a_e0(
+ Eurydice_array_to_slice((size_t)64U, to_hash, uint8_t), ret0);
+ memcpy(ret, ret0, (size_t)64U * sizeof(uint8_t));
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.encapsulate
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]] with const
+generics
+- K= 3
+- CIPHERTEXT_SIZE= 1088
+- PUBLIC_KEY_SIZE= 1184
+- T_AS_NTT_ENCODED_SIZE= 1152
+- C1_SIZE= 960
+- C2_SIZE= 128
+- VECTOR_U_COMPRESSION_FACTOR= 10
+- VECTOR_V_COMPRESSION_FACTOR= 4
+- VECTOR_U_BLOCK_LEN= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE tuple_c2 libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key,
+ uint8_t *randomness) {
+ uint8_t hashed[64U];
+ libcrux_ml_kem_ind_cca_unpacked_encaps_prepare_9c(
+ Eurydice_array_to_slice((size_t)32U, randomness, uint8_t),
+ Eurydice_array_to_slice((size_t)32U, public_key->public_key_hash,
+ uint8_t),
+ hashed);
+ Eurydice_slice_uint8_t_x2 uu____0 = Eurydice_slice_split_at(
+ Eurydice_array_to_slice((size_t)64U, hashed, uint8_t),
+ LIBCRUX_ML_KEM_CONSTANTS_SHARED_SECRET_SIZE, uint8_t,
+ Eurydice_slice_uint8_t_x2);
+ Eurydice_slice shared_secret = uu____0.fst;
+ Eurydice_slice pseudorandomness = uu____0.snd;
+ uint8_t ciphertext[1088U];
+ libcrux_ml_kem_ind_cpa_encrypt_unpacked_2a(&public_key->ind_cpa_public_key,
+ randomness, pseudorandomness,
+ ciphertext);
+ uint8_t shared_secret_array[32U] = {0U};
+ Eurydice_slice_copy(
+ Eurydice_array_to_slice((size_t)32U, shared_secret_array, uint8_t),
+ shared_secret, uint8_t);
+ /* Passing arrays by value in Rust generates a copy in C */
+ uint8_t copy_of_ciphertext[1088U];
+ memcpy(copy_of_ciphertext, ciphertext, (size_t)1088U * sizeof(uint8_t));
+ libcrux_ml_kem_mlkem768_MlKem768Ciphertext uu____2 =
+ libcrux_ml_kem_types_from_e0_80(copy_of_ciphertext);
+ /* Passing arrays by value in Rust generates a copy in C */
+ uint8_t copy_of_shared_secret_array[32U];
+ memcpy(copy_of_shared_secret_array, shared_secret_array,
+ (size_t)32U * sizeof(uint8_t));
+ tuple_c2 lit;
+ lit.fst = uu____2;
+ memcpy(lit.snd, copy_of_shared_secret_array, (size_t)32U * sizeof(uint8_t));
+ return lit;
+}
+
+/**
+ Unpacked encapsulate
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.encapsulate with const
+generics
+- K= 3
+- CIPHERTEXT_SIZE= 1088
+- PUBLIC_KEY_SIZE= 1184
+- T_AS_NTT_ENCODED_SIZE= 1152
+- C1_SIZE= 960
+- C2_SIZE= 128
+- VECTOR_U_COMPRESSION_FACTOR= 10
+- VECTOR_V_COMPRESSION_FACTOR= 4
+- VECTOR_U_BLOCK_LEN= 320
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+- ETA2= 2
+- ETA2_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE tuple_c2
+libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_cd(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key,
+ uint8_t *randomness) {
+ return libcrux_ml_kem_ind_cca_unpacked_encapsulate_0c(public_key, randomness);
+}
+
+/**
+ Encapsulate ML-KEM 768 (unpacked)
+
+ Generates an ([`MlKem768Ciphertext`], [`MlKemSharedSecret`]) tuple.
+ The input is a reference to an unpacked public key of type
+ [`MlKem768PublicKeyUnpacked`], the SHA3-256 hash of this public key, and
+ [`SHARED_SECRET_SIZE`] bytes of `randomness`.
+*/
+static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_unpacked_encapsulate(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key,
+ uint8_t randomness[32U]) {
+ return libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_encapsulate_cd(
+ public_key, randomness);
+}
+
+/**
+This function found in impl {core::ops::function::FnMut<(usize),
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1]> for
+libcrux_ml_kem::ind_cca::unpacked::transpose_a::closure::closure<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.transpose_a.closure.call_mut_b4 with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+*/
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_ind_cca_unpacked_transpose_a_closure_call_mut_b4_1b(
+ void **_, size_t tupled_args) {
+ return libcrux_ml_kem_polynomial_ZERO_d6_ea();
+}
+
+/**
+This function found in impl {core::ops::function::FnMut<(usize),
+@Array<libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@1], K>> for
+libcrux_ml_kem::ind_cca::unpacked::transpose_a::closure<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.transpose_a.call_mut_7b with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+*/
+static inline void libcrux_ml_kem_ind_cca_unpacked_transpose_a_call_mut_7b_1b(
+ void **_, size_t tupled_args,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U]) {
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ ret[i] = libcrux_ml_kem_ind_cca_unpacked_transpose_a_closure_call_mut_b4_1b(
+ &lvalue, i);
+ }
+}
+
+/**
+This function found in impl {core::clone::Clone for
+libcrux_ml_kem::polynomial::PolynomialRingElement<Vector>[TraitClause@0,
+TraitClause@2]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.polynomial.clone_c1
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+
+*/
+static inline libcrux_ml_kem_polynomial_PolynomialRingElement_1d
+libcrux_ml_kem_polynomial_clone_c1_ea(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d *self) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d lit;
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector ret[16U];
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)16U, self->coefficients, ret,
+ libcrux_ml_kem_vector_portable_vector_type_PortableVector, void *);
+ memcpy(lit.coefficients, ret,
+ (size_t)16U *
+ sizeof(libcrux_ml_kem_vector_portable_vector_type_PortableVector));
+ return lit;
+}
+
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.transpose_a
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static inline void libcrux_ml_kem_ind_cca_unpacked_transpose_a_1b(
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ind_cpa_a[3U][3U],
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U][3U]) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U];
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ /* original Rust expression is not an lvalue in C */
+ void *lvalue = (void *)0U;
+ libcrux_ml_kem_ind_cca_unpacked_transpose_a_call_mut_7b_1b(&lvalue, i,
+ A[i]);
+ }
+ for (size_t i = (size_t)0U; i < (size_t)3U; i++) {
+ size_t i0 = i;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d _a_i[3U][3U];
+ memcpy(_a_i, A,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+ for (size_t i1 = (size_t)0U; i1 < (size_t)3U; i1++) {
+ size_t j = i1;
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0 =
+ libcrux_ml_kem_polynomial_clone_c1_ea(&ind_cpa_a[j][i0]);
+ A[i0][j] = uu____0;
+ }
+ }
+ memcpy(ret, A,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+}
+
+/**
+ Generate Unpacked Keys
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.generate_keypair
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector,
+libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
+libcrux_ml_kem_variant_MlKem with const generics
+- K= 3
+- CPA_PRIVATE_KEY_SIZE= 1152
+- PRIVATE_KEY_SIZE= 2400
+- PUBLIC_KEY_SIZE= 1184
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE void libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15(
+ uint8_t randomness[64U],
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) {
+ Eurydice_slice ind_cpa_keypair_randomness = Eurydice_array_to_subslice3(
+ randomness, (size_t)0U,
+ LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t *);
+ Eurydice_slice implicit_rejection_value = Eurydice_array_to_subslice_from(
+ (size_t)64U, randomness,
+ LIBCRUX_ML_KEM_CONSTANTS_CPA_PKE_KEY_GENERATION_SEED_SIZE, uint8_t,
+ size_t, uint8_t[]);
+ libcrux_ml_kem_ind_cpa_generate_keypair_unpacked_1c(
+ ind_cpa_keypair_randomness, &out->private_key.ind_cpa_private_key,
+ &out->public_key.ind_cpa_public_key);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U][3U];
+ memcpy(uu____0, out->public_key.ind_cpa_public_key.A,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d A[3U][3U];
+ libcrux_ml_kem_ind_cca_unpacked_transpose_a_1b(uu____0, A);
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____1[3U][3U];
+ memcpy(uu____1, A,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+ memcpy(out->public_key.ind_cpa_public_key.A, uu____1,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+ uint8_t pk_serialized[1184U];
+ libcrux_ml_kem_ind_cpa_serialize_public_key_89(
+ out->public_key.ind_cpa_public_key.t_as_ntt,
+ Eurydice_array_to_slice(
+ (size_t)32U, out->public_key.ind_cpa_public_key.seed_for_A, uint8_t),
+ pk_serialized);
+ uint8_t uu____2[32U];
+ libcrux_ml_kem_hash_functions_portable_H_4a_e0(
+ Eurydice_array_to_slice((size_t)1184U, pk_serialized, uint8_t), uu____2);
+ memcpy(out->public_key.public_key_hash, uu____2,
+ (size_t)32U * sizeof(uint8_t));
+ uint8_t uu____3[32U];
+ Result_fb dst;
+ Eurydice_slice_to_array2(&dst, implicit_rejection_value, Eurydice_slice,
+ uint8_t[32U], TryFromSliceError);
+ unwrap_26_b3(dst, uu____3);
+ memcpy(out->private_key.implicit_rejection_value, uu____3,
+ (size_t)32U * sizeof(uint8_t));
+}
+
+/**
+ Generate a key pair
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.generate_keypair with
+const generics
+- K= 3
+- CPA_PRIVATE_KEY_SIZE= 1152
+- PRIVATE_KEY_SIZE= 2400
+- PUBLIC_KEY_SIZE= 1184
+- ETA1= 2
+- ETA1_RANDOMNESS_SIZE= 128
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_ce(
+ uint8_t randomness[64U],
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *out) {
+ /* Passing arrays by value in Rust generates a copy in C */
+ uint8_t copy_of_randomness[64U];
+ memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t));
+ libcrux_ml_kem_ind_cca_unpacked_generate_keypair_15(copy_of_randomness, out);
+}
+
+/**
+ Generate ML-KEM 768 Key Pair in "unpacked" form.
+*/
+static inline void
+libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair_mut(
+ uint8_t randomness[64U],
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *key_pair) {
+ /* Passing arrays by value in Rust generates a copy in C */
+ uint8_t copy_of_randomness[64U];
+ memcpy(copy_of_randomness, randomness, (size_t)64U * sizeof(uint8_t));
+ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_generate_keypair_ce(
+ copy_of_randomness, key_pair);
+}
+
+/**
+This function found in impl {core::default::Default for
+libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_30
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+libcrux_ml_kem_ind_cca_unpacked_default_30_1b(void) {
+ return (
+ KRML_CLITERAL(libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0){
+ .ind_cpa_public_key = libcrux_ml_kem_ind_cpa_unpacked_default_8b_1b(),
+ .public_key_hash = {0U}});
+}
+
+/**
+This function found in impl {core::default::Default for
+libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.default_7b
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static KRML_MUSTINLINE
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ libcrux_ml_kem_ind_cca_unpacked_default_7b_1b(void) {
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPrivateKeyUnpacked_a0 uu____0 = {
+ .ind_cpa_private_key = libcrux_ml_kem_ind_cpa_unpacked_default_70_1b(),
+ .implicit_rejection_value = {0U}};
+ return (KRML_CLITERAL(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked){
+ .private_key = uu____0,
+ .public_key = libcrux_ml_kem_ind_cca_unpacked_default_30_1b()});
+}
+
+/**
+ Generate ML-KEM 768 Key Pair in "unpacked" form.
+*/
+static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair(
+ uint8_t randomness[64U]) {
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked key_pair =
+ libcrux_ml_kem_ind_cca_unpacked_default_7b_1b();
+ uint8_t uu____0[64U];
+ memcpy(uu____0, randomness, (size_t)64U * sizeof(uint8_t));
+ libcrux_ml_kem_mlkem768_portable_unpacked_generate_key_pair_mut(uu____0,
+ &key_pair);
+ return key_pair;
+}
+
+/**
+ Create a new, empty unpacked key.
+*/
+static inline libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+libcrux_ml_kem_mlkem768_portable_unpacked_init_key_pair(void) {
+ return libcrux_ml_kem_ind_cca_unpacked_default_7b_1b();
+}
+
+/**
+ Create a new, empty unpacked public key.
+*/
+static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+libcrux_ml_kem_mlkem768_portable_unpacked_init_public_key(void) {
+ return libcrux_ml_kem_ind_cca_unpacked_default_30_1b();
+}
+
+/**
+ Take a serialized private key and generate an unpacked key pair from it.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.keys_from_private_key
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+- SECRET_KEY_SIZE= 2400
+- CPA_SECRET_KEY_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+- T_AS_NTT_ENCODED_SIZE= 1152
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_unpacked_keys_from_private_key_42(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *key_pair) {
+ Eurydice_slice_uint8_t_x4 uu____0 =
+ libcrux_ml_kem_types_unpack_private_key_b4(
+ Eurydice_array_to_slice((size_t)2400U, private_key->value, uint8_t));
+ Eurydice_slice ind_cpa_secret_key = uu____0.fst;
+ Eurydice_slice ind_cpa_public_key = uu____0.snd;
+ Eurydice_slice ind_cpa_public_key_hash = uu____0.thd;
+ Eurydice_slice implicit_rejection_value = uu____0.f3;
+ libcrux_ml_kem_ind_cpa_deserialize_vector_1b(
+ ind_cpa_secret_key,
+ key_pair->private_key.ind_cpa_private_key.secret_as_ntt);
+ libcrux_ml_kem_ind_cpa_build_unpacked_public_key_mut_3f(
+ ind_cpa_public_key, &key_pair->public_key.ind_cpa_public_key);
+ Eurydice_slice_copy(
+ Eurydice_array_to_slice((size_t)32U, key_pair->public_key.public_key_hash,
+ uint8_t),
+ ind_cpa_public_key_hash, uint8_t);
+ Eurydice_slice_copy(
+ Eurydice_array_to_slice(
+ (size_t)32U, key_pair->private_key.implicit_rejection_value, uint8_t),
+ implicit_rejection_value, uint8_t);
+ Eurydice_slice_copy(
+ Eurydice_array_to_slice(
+ (size_t)32U, key_pair->public_key.ind_cpa_public_key.seed_for_A,
+ uint8_t),
+ Eurydice_slice_subslice_from(ind_cpa_public_key, (size_t)1152U, uint8_t,
+ size_t, uint8_t[]),
+ uint8_t);
+}
+
+/**
+ Take a serialized private key and generate an unpacked key pair from it.
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.keypair_from_private_key
+with const generics
+- K= 3
+- SECRET_KEY_SIZE= 2400
+- CPA_SECRET_KEY_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+- T_AS_NTT_ENCODED_SIZE= 1152
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_keypair_from_private_key_fd(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *key_pair) {
+ libcrux_ml_kem_ind_cca_unpacked_keys_from_private_key_42(private_key,
+ key_pair);
+}
+
+/**
+ Get an unpacked key from a private key.
+*/
+static inline void
+libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_from_private_mut(
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *private_key,
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *key_pair) {
+ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_keypair_from_private_key_fd(
+ private_key, key_pair);
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.serialized_private_key_mut_11 with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+- CPA_PRIVATE_KEY_SIZE= 1152
+- PRIVATE_KEY_SIZE= 2400
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_mut_11_43(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self,
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *serialized) {
+ libcrux_ml_kem_utils_extraction_helper_Keypair768 uu____0 =
+ libcrux_ml_kem_ind_cpa_serialize_unpacked_secret_key_6c(
+ &self->public_key.ind_cpa_public_key,
+ &self->private_key.ind_cpa_private_key);
+ uint8_t ind_cpa_private_key[1152U];
+ memcpy(ind_cpa_private_key, uu____0.fst, (size_t)1152U * sizeof(uint8_t));
+ uint8_t ind_cpa_public_key[1184U];
+ memcpy(ind_cpa_public_key, uu____0.snd, (size_t)1184U * sizeof(uint8_t));
+ libcrux_ml_kem_ind_cca_serialize_kem_secret_key_mut_d6(
+ Eurydice_array_to_slice((size_t)1152U, ind_cpa_private_key, uint8_t),
+ Eurydice_array_to_slice((size_t)1184U, ind_cpa_public_key, uint8_t),
+ Eurydice_array_to_slice(
+ (size_t)32U, self->private_key.implicit_rejection_value, uint8_t),
+ serialized->value);
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.serialized_private_key_11 with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+- CPA_PRIVATE_KEY_SIZE= 1152
+- PRIVATE_KEY_SIZE= 2400
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_types_MlKemPrivateKey_d9
+libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_11_43(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) {
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 sk =
+ libcrux_ml_kem_types_default_d3_28();
+ libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_mut_11_43(self, &sk);
+ return sk;
+}
+
+/**
+ Get the serialized private key.
+*/
+static inline libcrux_ml_kem_types_MlKemPrivateKey_d9
+libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_private_key(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *key_pair) {
+ return libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_11_43(key_pair);
+}
+
+/**
+ Get the serialized private key.
+*/
+static inline void
+libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_private_key_mut(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair,
+ libcrux_ml_kem_types_MlKemPrivateKey_d9 *serialized) {
+ libcrux_ml_kem_ind_cca_unpacked_serialized_private_key_mut_11_43(key_pair,
+ serialized);
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.serialized_dd
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_types_MlKemPublicKey_30
+libcrux_ml_kem_ind_cca_unpacked_serialized_dd_89(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) {
+ uint8_t ret[1184U];
+ libcrux_ml_kem_ind_cpa_serialize_public_key_89(
+ self->ind_cpa_public_key.t_as_ntt,
+ Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A,
+ uint8_t),
+ ret);
+ return libcrux_ml_kem_types_from_fd_d0(ret);
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_11 with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_types_MlKemPublicKey_30
+libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_11_89(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) {
+ return libcrux_ml_kem_ind_cca_unpacked_serialized_dd_89(&self->public_key);
+}
+
+/**
+ Get the serialized public key.
+*/
+static inline libcrux_ml_kem_types_MlKemPublicKey_30
+libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked
+ *key_pair) {
+ return libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_11_89(key_pair);
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.serialized_mut_dd
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_unpacked_serialized_mut_dd_89(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self,
+ libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) {
+ libcrux_ml_kem_ind_cpa_serialize_public_key_mut_89(
+ self->ind_cpa_public_key.t_as_ntt,
+ Eurydice_array_to_slice((size_t)32U, self->ind_cpa_public_key.seed_for_A,
+ uint8_t),
+ serialized->value);
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.unpacked.serialized_public_key_mut_11 with types
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_11_89(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self,
+ libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) {
+ libcrux_ml_kem_ind_cca_unpacked_serialized_mut_dd_89(&self->public_key,
+ serialized);
+}
+
+/**
+ Get the serialized public key.
+*/
+static inline void
+libcrux_ml_kem_mlkem768_portable_unpacked_key_pair_serialized_public_key_mut(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair,
+ libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) {
+ libcrux_ml_kem_ind_cca_unpacked_serialized_public_key_mut_11_89(key_pair,
+ serialized);
+}
+
+/**
+This function found in impl {core::clone::Clone for
+libcrux_ml_kem::ind_cpa::unpacked::IndCpaPublicKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@2]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cpa.unpacked.clone_91
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static inline libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0
+libcrux_ml_kem_ind_cpa_unpacked_clone_91_1b(
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 *self) {
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d uu____0[3U];
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)3U, self->t_as_ntt, uu____0,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d, void *);
+ uint8_t uu____1[32U];
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)32U, self->seed_for_A, uu____1, uint8_t, void *);
+ libcrux_ml_kem_ind_cpa_unpacked_IndCpaPublicKeyUnpacked_a0 lit;
+ memcpy(
+ lit.t_as_ntt, uu____0,
+ (size_t)3U * sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d));
+ memcpy(lit.seed_for_A, uu____1, (size_t)32U * sizeof(uint8_t));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d ret[3U][3U];
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)3U, self->A, ret,
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U], void *);
+ memcpy(lit.A, ret,
+ (size_t)3U *
+ sizeof(libcrux_ml_kem_polynomial_PolynomialRingElement_1d[3U]));
+ return lit;
+}
+
+/**
+This function found in impl {core::clone::Clone for
+libcrux_ml_kem::ind_cca::unpacked::MlKemPublicKeyUnpacked<Vector,
+K>[TraitClause@0, TraitClause@2]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.clone_d7
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static inline libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+libcrux_ml_kem_ind_cca_unpacked_clone_d7_1b(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *self) {
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 lit;
+ lit.ind_cpa_public_key =
+ libcrux_ml_kem_ind_cpa_unpacked_clone_91_1b(&self->ind_cpa_public_key);
+ uint8_t ret[32U];
+ core_array__core__clone__Clone_for__Array_T__N___clone(
+ (size_t)32U, self->public_key_hash, ret, uint8_t, void *);
+ memcpy(lit.public_key_hash, ret, (size_t)32U * sizeof(uint8_t));
+ return lit;
+}
+
+/**
+This function found in impl
+{libcrux_ml_kem::ind_cca::unpacked::MlKemKeyPairUnpacked<Vector,
+K>[TraitClause@0, TraitClause@1]}
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.public_key_11
+with types libcrux_ml_kem_vector_portable_vector_type_PortableVector
+with const generics
+- K= 3
+*/
+static KRML_MUSTINLINE libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *
+libcrux_ml_kem_ind_cca_unpacked_public_key_11_1b(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *self) {
+ return &self->public_key;
+}
+
+/**
+ Get the unpacked public key.
+*/
+static inline void libcrux_ml_kem_mlkem768_portable_unpacked_public_key(
+ libcrux_ml_kem_mlkem768_portable_unpacked_MlKem768KeyPairUnpacked *key_pair,
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *pk) {
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 uu____0 =
+ libcrux_ml_kem_ind_cca_unpacked_clone_d7_1b(
+ libcrux_ml_kem_ind_cca_unpacked_public_key_11_1b(key_pair));
+ pk[0U] = uu____0;
+}
+
+/**
+ Get the serialized public key.
+*/
+static inline void
+libcrux_ml_kem_mlkem768_portable_unpacked_serialized_public_key(
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0 *public_key,
+ libcrux_ml_kem_types_MlKemPublicKey_30 *serialized) {
+ libcrux_ml_kem_ind_cca_unpacked_serialized_mut_dd_89(public_key, serialized);
+}
+
+/**
+ Generate an unpacked key from a serialized key.
+*/
+/**
+A monomorphic instance of libcrux_ml_kem.ind_cca.unpacked.unpack_public_key
+with types libcrux_ml_kem_hash_functions_portable_PortableHash[[$3size_t]],
+libcrux_ml_kem_vector_portable_vector_type_PortableVector with const generics
+- K= 3
+- T_AS_NTT_ENCODED_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_0a(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key,
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+ *unpacked_public_key) {
+ Eurydice_slice uu____0 =
+ Eurydice_array_to_subslice_to((size_t)1184U, public_key->value,
+ (size_t)1152U, uint8_t, size_t, uint8_t[]);
+ libcrux_ml_kem_serialize_deserialize_ring_elements_reduced_1b(
+ uu____0, unpacked_public_key->ind_cpa_public_key.t_as_ntt);
+ uint8_t uu____1[32U];
+ libcrux_ml_kem_utils_into_padded_array_9e(
+ Eurydice_array_to_subslice_from((size_t)1184U, public_key->value,
+ (size_t)1152U, uint8_t, size_t,
+ uint8_t[]),
+ uu____1);
+ memcpy(unpacked_public_key->ind_cpa_public_key.seed_for_A, uu____1,
+ (size_t)32U * sizeof(uint8_t));
+ libcrux_ml_kem_polynomial_PolynomialRingElement_1d(*uu____2)[3U] =
+ unpacked_public_key->ind_cpa_public_key.A;
+ uint8_t ret[34U];
+ libcrux_ml_kem_utils_into_padded_array_b6(
+ Eurydice_array_to_subslice_from((size_t)1184U, public_key->value,
+ (size_t)1152U, uint8_t, size_t,
+ uint8_t[]),
+ ret);
+ libcrux_ml_kem_matrix_sample_matrix_A_2b(uu____2, ret, false);
+ uint8_t uu____3[32U];
+ libcrux_ml_kem_hash_functions_portable_H_4a_e0(
+ Eurydice_array_to_slice((size_t)1184U,
+ libcrux_ml_kem_types_as_slice_e6_d0(public_key),
+ uint8_t),
+ uu____3);
+ memcpy(unpacked_public_key->public_key_hash, uu____3,
+ (size_t)32U * sizeof(uint8_t));
+}
+
+/**
+ Get the unpacked public key.
+*/
+/**
+A monomorphic instance of
+libcrux_ml_kem.ind_cca.instantiations.portable.unpacked.unpack_public_key with
+const generics
+- K= 3
+- T_AS_NTT_ENCODED_SIZE= 1152
+- PUBLIC_KEY_SIZE= 1184
+*/
+static KRML_MUSTINLINE void
+libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_31(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key,
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+ *unpacked_public_key) {
+ libcrux_ml_kem_ind_cca_unpacked_unpack_public_key_0a(public_key,
+ unpacked_public_key);
+}
+
+/**
+ Get the unpacked public key.
+*/
+static inline void
+libcrux_ml_kem_mlkem768_portable_unpacked_unpacked_public_key(
+ libcrux_ml_kem_types_MlKemPublicKey_30 *public_key,
+ libcrux_ml_kem_ind_cca_unpacked_MlKemPublicKeyUnpacked_a0
+ *unpacked_public_key) {
+ libcrux_ml_kem_ind_cca_instantiations_portable_unpacked_unpack_public_key_31(
+ public_key, unpacked_public_key);
+}
#if defined(__cplusplus)
}
#endif
-#define __libcrux_mlkem768_portable_H_DEFINED
-#endif
+#define libcrux_mlkem768_portable_H_DEFINED
+#endif /* libcrux_mlkem768_portable_H */
/* rename some types to be a bit more ergonomic */
#define libcrux_mlkem768_keypair libcrux_ml_kem_mlkem768_MlKem768KeyPair_s
-#define libcrux_mlkem768_pk_valid_result Option_92_s
-#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_15_s
-#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_55_s
+#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_30_s
+#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_d9_s
#define libcrux_mlkem768_ciphertext libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s
-#define libcrux_mlkem768_enc_result tuple_3c_s
+#define libcrux_mlkem768_enc_result tuple_c2_s
/* defines for PRNG inputs */
-#define LIBCRUX_ML_KEM_KEY_PAIR_PRNG_LEN 64
+#define LIBCRUX_ML_KEM_KEY_PAIR_PRNG_LEN 64U
#define LIBCRUX_ML_KEM_ENC_PRNG_LEN 32
diff --git a/mlkem768.sh b/mlkem768.sh
index 3d12b2e..053808f 100755
--- a/mlkem768.sh
+++ b/mlkem768.sh
@@ -4,14 +4,15 @@
#
#WANT_LIBCRUX_REVISION="origin/main"
-WANT_LIBCRUX_REVISION="84c5d87b3092c59294345aa269ceefe0eb97cc35"
+WANT_LIBCRUX_REVISION="core-models-v0.0.4"
+BASE="libcrux/libcrux-ml-kem/extracts/c_header_only/generated"
FILES="
- libcrux/libcrux-ml-kem/cg/eurydice_glue.h
- libcrux/libcrux-ml-kem/cg/libcrux_core.h
- libcrux/libcrux-ml-kem/cg/libcrux_ct_ops.h
- libcrux/libcrux-ml-kem/cg/libcrux_sha3_portable.h
- libcrux/libcrux-ml-kem/cg/libcrux_mlkem768_portable.h
+ $BASE/eurydice_glue.h
+ $BASE/libcrux_mlkem_core.h
+ $BASE/libcrux_ct_ops.h
+ $BASE/libcrux_sha3_portable.h
+ $BASE/libcrux_mlkem768_portable.h
"
START="$PWD"
@@ -40,14 +41,70 @@ echo '/*'
cat libcrux/LICENSE-MIT | sed 's/^/ * /;s/ *$//'
echo ' */'
echo
-echo '#if !defined(__GNUC__) || (__GNUC__ < 2)'
-echo '# define __attribute__(x)'
-echo '#endif'
-echo '#define KRML_MUSTINLINE inline'
-echo '#define KRML_NOINLINE __attribute__((noinline, unused))'
-echo '#define KRML_HOST_EPRINTF(...)'
-echo '#define KRML_HOST_EXIT(x) fatal_f("internal error")'
-echo
+
+LSHIFT="<<"
+cat << _EOF
+#if !defined(__GNUC__) || (__GNUC__ < 2)
+# define __attribute__(x)
+#endif
+#define KRML_MUSTINLINE inline
+#define KRML_NOINLINE __attribute__((noinline, unused))
+#define KRML_HOST_EPRINTF(...)
+#define KRML_HOST_EXIT(x) fatal_f("internal error")
+
+static inline void
+store64_le(uint8_t dst[8], uint64_t src)
+{
+ dst[0] = src & 0xff;
+ dst[1] = (src >> 8) & 0xff;
+ dst[2] = (src >> 16) & 0xff;
+ dst[3] = (src >> 24) & 0xff;
+ dst[4] = (src >> 32) & 0xff;
+ dst[5] = (src >> 40) & 0xff;
+ dst[6] = (src >> 48) & 0xff;
+ dst[7] = (src >> 56) & 0xff;
+}
+
+static inline void
+store32_le(uint8_t dst[4], uint32_t src)
+{
+ dst[0] = src & 0xff;
+ dst[1] = (src >> 8) & 0xff;
+ dst[2] = (src >> 16) & 0xff;
+ dst[3] = (src >> 24) & 0xff;
+}
+
+static inline void
+store32_be(uint8_t dst[4], uint32_t src)
+{
+ dst[0] = (src >> 24) & 0xff;
+ dst[1] = (src >> 16) & 0xff;
+ dst[2] = (src >> 8) & 0xff;
+ dst[3] = src & 0xff;
+}
+
+static inline uint64_t
+load64_le(uint8_t src[8])
+{
+ return (uint64_t)(src[0]) |
+ ((uint64_t)(src[1]) $LSHIFT 8) |
+ ((uint64_t)(src[2]) $LSHIFT 16) |
+ ((uint64_t)(src[3]) $LSHIFT 24) |
+ ((uint64_t)(src[4]) $LSHIFT 32) |
+ ((uint64_t)(src[5]) $LSHIFT 40) |
+ ((uint64_t)(src[6]) $LSHIFT 48) |
+ ((uint64_t)(src[7]) $LSHIFT 56);
+}
+
+static inline uint32_t
+load32_le(uint8_t src[4])
+{
+ return (uint32_t)(src[0]) |
+ ((uint32_t)(src[1]) $LSHIFT 8) |
+ ((uint32_t)(src[2]) $LSHIFT 16) |
+ ((uint32_t)(src[3]) $LSHIFT 24);
+}
+_EOF
for i in $FILES; do
echo "/* from $i */"
@@ -58,11 +115,9 @@ for i in $FILES; do
-e 's/[ ]*$//' \
$i | \
case "$i" in
- */libcrux-ml-kem/cg/eurydice_glue.h)
- # Replace endian functions with versions that work.
- perl -0777 -pe 's/(static inline void core_num__u64_9__to_le_bytes.*\n)([^}]*\n)/\1 v = htole64(v);\n\2/' |
- perl -0777 -pe 's/(static inline uint64_t core_num__u64_9__from_le_bytes.*?)return v;/\1return le64toh(v);/s' |
- perl -0777 -pe 's/(static inline uint32_t core_num__u32_8__from_le_bytes.*?)return v;/\1return le32toh(v);/s'
+ */eurydice_glue.h)
+ # Replace endian function for consistency.
+ perl -0777 -pe 's/(static inline void core_num__u32__to_be_bytes.*\n)([^}]*\n)/\1 store32_be(dst, src);\n/'
;;
# Default: pass through.
*)
@@ -75,11 +130,10 @@ done
echo
echo '/* rename some types to be a bit more ergonomic */'
echo '#define libcrux_mlkem768_keypair libcrux_ml_kem_mlkem768_MlKem768KeyPair_s'
-echo '#define libcrux_mlkem768_pk_valid_result Option_92_s'
-echo '#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_15_s'
-echo '#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_55_s'
+echo '#define libcrux_mlkem768_pk libcrux_ml_kem_types_MlKemPublicKey_30_s'
+echo '#define libcrux_mlkem768_sk libcrux_ml_kem_types_MlKemPrivateKey_d9_s'
echo '#define libcrux_mlkem768_ciphertext libcrux_ml_kem_mlkem768_MlKem768Ciphertext_s'
-echo '#define libcrux_mlkem768_enc_result tuple_3c_s'
+echo '#define libcrux_mlkem768_enc_result tuple_c2_s'
) > libcrux_mlkem768_sha3.h_new
# Do some checks on the resultant file
@@ -137,8 +191,8 @@ cc -Wall -Wextra -Wno-unused-parameter -o libcrux_mlkem768_sha3_check \
./libcrux_mlkem768_sha3_check
# Extract PRNG inputs; there's no nice #defines for these
-key_pair_rng_len=`sed -e '/^libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair[(]$/,/[)] {$/!d' < libcrux_mlkem768_sha3.h_new | grep 'uint8_t randomness\[[0-9]*U\][)]' | sed 's/.*randomness\[\([0-9]*\)U\].*/\1/'`
-enc_rng_len=`sed -e '/^static inline tuple_3c libcrux_ml_kem_mlkem768_portable_kyber_encapsulate[(]$/,/[)] {$/!d' < libcrux_mlkem768_sha3.h_new | grep 'uint8_t randomness\[[0-9]*U\][)]' | sed 's/.*randomness\[\([0-9]*\)U\].*/\1/'`
+key_pair_rng_len=`grep '^libcrux_ml_kem_mlkem768_portable_generate_key_pair.*randomness' libcrux_mlkem768_sha3.h_new | sed 's/.*randomness[[]//;s/\].*//'`
+enc_rng_len=`sed -e '/^static inline tuple_c2 libcrux_ml_kem_mlkem768_portable_encapsulate[(]$/,/[)] {$/!d' < libcrux_mlkem768_sha3.h_new | grep 'uint8_t randomness\[[0-9]*U\][)]' | sed 's/.*randomness\[\([0-9]*\)U\].*/\1/'`
test -z "$key_pair_rng_len" && die "couldn't find size of libcrux_ml_kem_mlkem768_portable_kyber_generate_key_pair randomness argument"
test -z "$enc_rng_len" && die "couldn't find size of libcrux_ml_kem_mlkem768_portable_kyber_encapsulate randomness argument"
Update libcrux ML-KEM used in OpenSSH