From 8b59bbd8e85593edaf87237b102cb488ed80ee4a Mon Sep 17 00:00:00 2001
From: Hanno Becker <beckphan@amazon.co.uk>
Date: Sun, 5 Jan 2025 08:04:48 +0000
Subject: [PATCH 1/2] Remove CRYPTO_ALGNAME from kem.h

Move it to `gen_NISTKAT.c`, which is the only place where it is used.

Signed-off-by: Hanno Becker <beckphan@amazon.co.uk>
---
 mlkem/kem.h        | 8 --------
 test/gen_NISTKAT.c | 8 ++++++++
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/mlkem/kem.h b/mlkem/kem.h
index 6d84a75d0..534e3783c 100644
--- a/mlkem/kem.h
+++ b/mlkem/kem.h
@@ -14,14 +14,6 @@
 #define CRYPTO_CIPHERTEXTBYTES MLKEM_CIPHERTEXTBYTES
 #define CRYPTO_BYTES MLKEM_SSBYTES
 
-#if (MLKEM_K == 2)
-#define CRYPTO_ALGNAME "Kyber512"
-#elif (MLKEM_K == 3)
-#define CRYPTO_ALGNAME "Kyber768"
-#elif (MLKEM_K == 4)
-#define CRYPTO_ALGNAME "Kyber1024"
-#endif
-
 #define crypto_kem_keypair_derand MLKEM_NAMESPACE(keypair_derand)
 /*************************************************
  * Name:        crypto_kem_keypair_derand
diff --git a/test/gen_NISTKAT.c b/test/gen_NISTKAT.c
index db7b571f6..91cfc0056 100644
--- a/test/gen_NISTKAT.c
+++ b/test/gen_NISTKAT.c
@@ -10,6 +10,14 @@
 #include "nistrng.h"
 #include "randombytes.h"
 
+#if (MLKEM_K == 2)
+#define CRYPTO_ALGNAME "Kyber512"
+#elif (MLKEM_K == 3)
+#define CRYPTO_ALGNAME "Kyber768"
+#elif (MLKEM_K == 4)
+#define CRYPTO_ALGNAME "Kyber1024"
+#endif
+
 static void fprintBstr(FILE *fp, const char *S, const uint8_t *A, size_t L)
 {
   size_t i;

From 95dcffe6dc49c1ef295f2ea9dfb1dd424476da5f Mon Sep 17 00:00:00 2001
From: Hanno Becker <beckphan@amazon.co.uk>
Date: Tue, 7 Jan 2025 06:02:56 +0000
Subject: [PATCH 2/2] Introduce publich header for mlkem-native API

Application sources using an mlkem-native build should not have to
add the source tree of mlkem-native to the include paths. Instead,
there should be a single standaloe header sufficient to include
all necessary declarations.

Previously, this was not true: Applications would need to include
`kem.h` from the source tree, which in turn would pull in, for example,
`config.h` and `cbmc.h`.

On the other hand, the header of mlkem-native is not static, but
depends on information from the build, namely the security level
and the namespacing: The security level determines the sizes of
key material which callers need to know about. The namespacing
determines the name of the function symbols, which callers need
to know about.
It is therefore not possible to completely detach the mlkem-native
API header from the source tree used to build mlkem-native.

One way to address this is to merely require the build configuration
header to be included in the public API header. This works well for
single-level builds, but is inconvenient if the consumer wants to use
multiple instances of mlkem-native for different security levels; in
this case, including the public header multiple times would pull in
multiple configuration files, which would lead to clashes of #define's
clauses.
On the other hand, requiring the consumer to duplicate the level and
namespacing information in the API header is inconvenient for simple
tests or single-level builds.

This introduces a public API header mlkem-native.h, which addresses
the above as follows:

mlkem-native.h requires the build level and build namespace. By default,
it is obtained by including the underlying build configuration
(assumed to be present in the include paths). Alternatively, the user
can set BUILD_INFO_LVL and BUILD_INFO_NAMESPACE explicitly in mlkem-native.h,
and thereby avoid any dependency between mlkem-native.h and config.h.
In this setting, mlkem-native.h leaves no other traces than static size
declarations and build-specific API declarations. In particular, it can
be included multiple times.

This commit adjusts all tests and examples to no longer include `kem.h`,
but only `mlkem-native.h`. In all cases but the monolithic build example,
no further change is required, with the API header pulling the underlying
configuration automatically.

The monolithic build test `examples/monolithic_build` is adjusted as follows:
Where previously it included two instances of mlkem-native, it now includes
three, one per security level. The previous `mlkem_native_all.c` is renamed
to `mlkem_native_monobuild.c`, and is the source file needed for a monolithic
build of a _single_ configuration. This is then included 3 times in `mlkem_native_all.c`.
To provide a header for this file, we include `mlkem-native.h` 3 times, using
manually set `BUILD_INFO_LVL` and `BUILD_INFO_NAMESPACE` to avoid nameclashes
from pulling in the full configuration.

Signed-off-by: Hanno Becker <beckphan@amazon.co.uk>
---
 .../custom_fips202/fips202x4.h                |    2 -
 examples/bring_your_own_fips202/main.c        |    2 +-
 examples/custom_backend/main.c                |    2 +-
 .../mlkem_native/custom_config.h              |   10 +
 .../mlkem_native/mlkem/mlkem_native.h         |    1 +
 .../mlkem_native/mlkem/namespace.h            |    1 -
 examples/mlkem_native_as_code_package/main.c  |    2 +-
 examples/monolithic_build/Makefile            |   17 +-
 .../{config_b.h => config_1024.h}             |    0
 examples/monolithic_build/config_512.h        |   97 +
 .../{config_a.h => config_768.h}              |    0
 examples/monolithic_build/main.c              |   75 +-
 examples/monolithic_build/mlkem_native_all.c  | 2767 +---------------
 examples/monolithic_build/mlkem_native_all.h  |   39 +
 .../monolithic_build/mlkem_native_monobuild.c | 2900 +++++++++++++++++
 mlkem/common.h                                |    1 -
 mlkem/config.h                                |   45 +
 mlkem/kem.c                                   |   67 +-
 mlkem/kem.h                                   |   99 +-
 mlkem/mlkem_native.h                          |  239 ++
 mlkem/namespace.h                             |   40 -
 mlkem/params.h                                |    9 +-
 scripts/autogenerate_files.py                 |    2 +-
 test/acvp_mlkem.c                             |   42 +-
 test/bench_mlkem.c                            |    2 +-
 test/gen_KAT.c                                |    5 +-
 test/gen_NISTKAT.c                            |    2 +-
 test/test_mlkem.c                             |    2 +-
 28 files changed, 3533 insertions(+), 2937 deletions(-)
 create mode 120000 examples/custom_backend/mlkem_native/mlkem/mlkem_native.h
 delete mode 120000 examples/custom_backend/mlkem_native/mlkem/namespace.h
 rename examples/monolithic_build/{config_b.h => config_1024.h} (100%)
 create mode 100644 examples/monolithic_build/config_512.h
 rename examples/monolithic_build/{config_a.h => config_768.h} (100%)
 create mode 100644 examples/monolithic_build/mlkem_native_all.h
 create mode 100644 examples/monolithic_build/mlkem_native_monobuild.c
 create mode 100644 mlkem/mlkem_native.h
 delete mode 100644 mlkem/namespace.h

diff --git a/examples/bring_your_own_fips202/custom_fips202/fips202x4.h b/examples/bring_your_own_fips202/custom_fips202/fips202x4.h
index 3e6afc92b..7b2051a2f 100644
--- a/examples/bring_your_own_fips202/custom_fips202/fips202x4.h
+++ b/examples/bring_your_own_fips202/custom_fips202/fips202x4.h
@@ -17,8 +17,6 @@
 #include <stdint.h>
 
 #include "cbmc.h"
-#include "namespace.h"
-
 #include "fips202.h"
 
 typedef shake128ctx shake128x4ctx[4];
diff --git a/examples/bring_your_own_fips202/main.c b/examples/bring_your_own_fips202/main.c
index 5dc1cc2a8..1ea54442c 100644
--- a/examples/bring_your_own_fips202/main.c
+++ b/examples/bring_your_own_fips202/main.c
@@ -6,7 +6,7 @@
 #include <stdio.h>
 #include <string.h>
 
-#include <kem.h>
+#include <mlkem_native.h>
 
 const uint8_t expected_key[] = {0xe9, 0x13, 0x77, 0x84, 0x0e, 0x6b, 0x66, 0x94,
                                 0xea, 0xa9, 0xf0, 0x1c, 0x97, 0xff, 0x68, 0x87,
diff --git a/examples/custom_backend/main.c b/examples/custom_backend/main.c
index 5dc1cc2a8..1ea54442c 100644
--- a/examples/custom_backend/main.c
+++ b/examples/custom_backend/main.c
@@ -6,7 +6,7 @@
 #include <stdio.h>
 #include <string.h>
 
-#include <kem.h>
+#include <mlkem_native.h>
 
 const uint8_t expected_key[] = {0xe9, 0x13, 0x77, 0x84, 0x0e, 0x6b, 0x66, 0x94,
                                 0xea, 0xa9, 0xf0, 0x1c, 0x97, 0xff, 0x68, 0x87,
diff --git a/examples/custom_backend/mlkem_native/custom_config.h b/examples/custom_backend/mlkem_native/custom_config.h
index 417cc9d8f..5a9c925d7 100644
--- a/examples/custom_backend/mlkem_native/custom_config.h
+++ b/examples/custom_backend/mlkem_native/custom_config.h
@@ -108,4 +108,14 @@
  *****************************************************************************/
 #define MLKEM_NATIVE_FIPS202_BACKEND "fips202/native/custom/custom.h"
 
+/******************************************************************************
+ * Name:        MLKEM_NATIVE_API_STANDARD
+ *
+ * Description: Define this to extend api.h to also export key sizes and public
+ *              API in the CRYPTO_xxx and crypto_kem_xxx format as used e.g. by
+ *              SUPERCOP.
+ *
+ *****************************************************************************/
+#define MLKEM_NATIVE_API_STANDARD
+
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/custom_backend/mlkem_native/mlkem/mlkem_native.h b/examples/custom_backend/mlkem_native/mlkem/mlkem_native.h
new file mode 120000
index 000000000..06ee803ec
--- /dev/null
+++ b/examples/custom_backend/mlkem_native/mlkem/mlkem_native.h
@@ -0,0 +1 @@
+../../../../mlkem/mlkem_native.h
\ No newline at end of file
diff --git a/examples/custom_backend/mlkem_native/mlkem/namespace.h b/examples/custom_backend/mlkem_native/mlkem/namespace.h
deleted file mode 120000
index c41101c01..000000000
--- a/examples/custom_backend/mlkem_native/mlkem/namespace.h
+++ /dev/null
@@ -1 +0,0 @@
-../../../../mlkem/namespace.h
\ No newline at end of file
diff --git a/examples/mlkem_native_as_code_package/main.c b/examples/mlkem_native_as_code_package/main.c
index d6bb92888..7f3237ca6 100644
--- a/examples/mlkem_native_as_code_package/main.c
+++ b/examples/mlkem_native_as_code_package/main.c
@@ -6,7 +6,7 @@
 #include <stdio.h>
 #include <string.h>
 
-#include <kem.h>
+#include <mlkem_native.h>
 
 int main(void)
 {
diff --git a/examples/monolithic_build/Makefile b/examples/monolithic_build/Makefile
index b14336c8a..8a33a75f2 100644
--- a/examples/monolithic_build/Makefile
+++ b/examples/monolithic_build/Makefile
@@ -31,14 +31,27 @@ RNG_SOURCE=$(wildcard test_only_rng/*.c)
 # Part C:
 #
 # Your application source code
-APP_SOURCE=main.c
+APP_SOURCE=main.c mlkem_native_all.c
 
 ALL_SOURCE=$(MLKEM_NATIVE_SOURCE) $(RNG_SOURCE) $(APP_SOURCE)
 
 BUILD_DIR=build
 BIN=test_binary
 
-CFLAGS=-std=c90
+CFLAGS := \
+	-Wall \
+	-Wextra \
+	-Wmissing-prototypes \
+	-Wshadow \
+	-Wpointer-arith \
+	-Wno-long-long \
+	-Wno-unknown-pragmas \
+	-Wno-unused-command-line-argument \
+	-O3 \
+	-fomit-frame-pointer \
+	-std=c90 \
+	-pedantic \
+	-MMD
 
 BINARY_NAME_FULL=$(BUILD_DIR)/$(BIN)
 
diff --git a/examples/monolithic_build/config_b.h b/examples/monolithic_build/config_1024.h
similarity index 100%
rename from examples/monolithic_build/config_b.h
rename to examples/monolithic_build/config_1024.h
diff --git a/examples/monolithic_build/config_512.h b/examples/monolithic_build/config_512.h
new file mode 100644
index 000000000..eb1206e17
--- /dev/null
+++ b/examples/monolithic_build/config_512.h
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2024 The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef MLKEM_NATIVE_CONFIG_H
+#define MLKEM_NATIVE_CONFIG_H
+
+/******************************************************************************
+ * Name:        MLKEM_K
+ *
+ * Description: Determines the security level for ML-KEM
+ *              - MLKEM_K=2 corresponds to ML-KEM-512
+ *              - MLKEM_K=3 corresponds to ML-KEM-768
+ *              - MLKEM_K=4 corresponds to ML-KEM-1024
+ *
+ *              This can also be set using CFLAGS.
+ *
+ *****************************************************************************/
+#ifndef MLKEM_K
+#define MLKEM_K 2 /* Change this for different security strengths */
+#endif
+
+/******************************************************************************
+ * Name:        MLKEM_NATIVE_CONFIG_FILE
+ *
+ * Description: If defined, this is a header that will be included instead
+ *              of mlkem/config.h.
+ *
+ *              This _must_ be set on the command line using
+ *              `-DMLKEM_NATIVE_CONFIG_FILE="..."`.
+ *
+ *              When you need to build mlkem-native in multiple configurations,
+ *              using varying MLKEM_NATIE_CONFIG_FILE can be more convenient
+ *              then configuring everything through CFLAGS.
+ *
+ *****************************************************************************/
+/* #define MLKEM_NATIVE_CONFIG_FILE "config.h" */
+
+/******************************************************************************
+ * Name:        MLKEM_NAMESPACE
+ *
+ * Description: The macros to use to namespace global symbols
+ *              from mlkem/.
+ *****************************************************************************/
+#define CONCAT(a, b) a##b
+#define MLKEM_NAMESPACE(sym) CONCAT(mlkem512_, sym)
+
+/******************************************************************************
+ * Name:        FIPS202_NAMESPACE
+ *
+ * Description: The macros to use to namespace global symbols
+ *              from mlkem/fips202/.
+ *****************************************************************************/
+#define FIPS202_NAMESPACE(sym) CONCAT(mlkem512_, sym)
+
+/******************************************************************************
+ * Name:        MLKEM_USE_NATIVE
+ *
+ * Description: Determines whether a native backend should
+ *              be used, if available.
+ *
+ *              This can also be set using CFLAGS.
+ *
+ *****************************************************************************/
+/* #define MLKEM_USE_NATIVE */
+
+/******************************************************************************
+ * Name:        MLKEM_NATIVE_ARITH_BACKEND
+ *
+ * Description: The arithmetic backend to use.
+ *
+ *              This must be the filename of an arithmetic backend.
+ *              See the existing backends for examples.
+ *
+ *              This can be set using CFLAGS.
+ *
+ *****************************************************************************/
+#if defined(MLKEM_USE_NATIVE) && !defined(MLKEM_NATIVE_ARITH_BACKEND)
+#define MLKEM_NATIVE_ARITH_BACKEND "native/default.h"
+#endif /* MLKEM_NATIVE_ARITH_BACKEND */
+
+/******************************************************************************
+ * Name:        MLKEM_NATIVE_FIPS202_BACKEND
+ *
+ * Description: The FIPS-202 backend to use.
+ *
+ *              This must be the filename of an FIPS-202 backend.
+ *
+ *              This can be set using CFLAGS.
+ *
+ *****************************************************************************/
+#if defined(MLKEM_USE_NATIVE) && !defined(MLKEM_NATIVE_FIPS202_BACKEND)
+#define MLKEM_NATIVE_FIPS202_BACKEND "fips202/native/default.h"
+#endif /* MLKEM_NATIVE_FIPS202_BACKEND */
+
+#endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/examples/monolithic_build/config_a.h b/examples/monolithic_build/config_768.h
similarity index 100%
rename from examples/monolithic_build/config_a.h
rename to examples/monolithic_build/config_768.h
diff --git a/examples/monolithic_build/main.c b/examples/monolithic_build/main.c
index 6926eefe1..4e512b592 100644
--- a/examples/monolithic_build/main.c
+++ b/examples/monolithic_build/main.c
@@ -3,42 +3,38 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-#define MLKEM_NATIVE_CONFIG_FILE "config_a.h"
-#include "mlkem_native_all.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
-
-#define MLKEM_NATIVE_CONFIG_FILE "config_b.h"
-#include "mlkem_native_all.c"
-#undef MLKEM_NATIVE_CONFIG_FILE
-
-/* Some scheme parameters from META.json
- *
- * TODO: One should be able to get those more easily,
- * but after mlkem_native_all.c the MLKEM_XXX macros
- * have already been undefined.
- * This should be sorted by providing a new api.h
- * header that can be included and relies solely on
- * the config.h; the present kem.h does not yet have
- * this property. */
-#define MLKEM768_SECRETKEYBYTES 2400
-#define MLKEM768_PUBLICKEYBYTES 1184
-#define MLKEM768_CIPHERTEXTBYTES 1088
-#define MLKEM768_BYTES 32
-
-#define MLKEM1024_SECRETKEYBYTES 3168
-#define MLKEM1024_PUBLICKEYBYTES 1568
-#define MLKEM1024_CIPHERTEXTBYTES 1568
-#define MLKEM1024_BYTES 32
-
-/* Public API declaration -- those, too, should not be done
- * manually, but come from a config-dependent api.h. */
-int mlkem768_keypair(uint8_t *pk, uint8_t *sk);
-int mlkem768_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
-int mlkem768_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
-
-int mlkem1024_keypair(uint8_t *pk, uint8_t *sk);
-int mlkem1024_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
-int mlkem1024_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "mlkem_native_all.h"
+
+static int test_keys_mlkem512(void)
+{
+  uint8_t pk[MLKEM512_PUBLICKEYBYTES];
+  uint8_t sk[MLKEM512_SECRETKEYBYTES];
+  uint8_t ct[MLKEM512_CIPHERTEXTBYTES];
+  uint8_t key_a[MLKEM512_BYTES];
+  uint8_t key_b[MLKEM512_BYTES];
+
+  /* Alice generates a public key */
+  mlkem512_keypair(pk, sk);
+
+  /* Bob derives a secret key and creates a response */
+  mlkem512_enc(ct, key_b, pk);
+
+  /* Alice uses Bobs response to get her shared key */
+  mlkem512_dec(key_a, ct, sk);
+
+  if (memcmp(key_a, key_b, MLKEM512_BYTES))
+  {
+    printf("[MLKEM-512] ERROR keys\n");
+    return 1;
+  }
+
+  printf("[MLKEM-512] OK\n");
+  return 0;
+}
 
 static int test_keys_mlkem768(void)
 {
@@ -63,6 +59,7 @@ static int test_keys_mlkem768(void)
     return 1;
   }
 
+  printf("[MLKEM-768] OK\n");
   return 0;
 }
 
@@ -89,11 +86,17 @@ static int test_keys_mlkem1024(void)
     return 1;
   }
 
+  printf("[MLKEM-1024] OK\n");
   return 0;
 }
 
 int main(void)
 {
+  if (test_keys_mlkem512() != 0)
+  {
+    return 1;
+  }
+
   if (test_keys_mlkem768() != 0)
   {
     return 1;
diff --git a/examples/monolithic_build/mlkem_native_all.c b/examples/monolithic_build/mlkem_native_all.c
index f02bd4068..3e19f0e3d 100644
--- a/examples/monolithic_build/mlkem_native_all.c
+++ b/examples/monolithic_build/mlkem_native_all.c
@@ -3,2763 +3,16 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-/*
- * WARNING: This file is auto-generated from scripts/autogenerate_files.py
- *          Do not modify it directly.
- */
-
-/*
- * Monolithic compilation unit bundling all compilation units within
- * mlkem-native
- */
-
-#include "mlkem/cbd.c"
-#include "mlkem/debug/debug.c"
-#include "mlkem/fips202/fips202.c"
-#include "mlkem/fips202/fips202x4.c"
-#include "mlkem/fips202/keccakf1600.c"
-#include "mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c"
-#include "mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c"
-#include "mlkem/indcpa.c"
-#include "mlkem/kem.c"
-#include "mlkem/native/aarch64/src/aarch64_zetas.c"
-#include "mlkem/native/aarch64/src/rej_uniform_table.c"
-#include "mlkem/native/x86_64/src/basemul.c"
-#include "mlkem/native/x86_64/src/consts.c"
-#include "mlkem/native/x86_64/src/rej_uniform_avx2.c"
-#include "mlkem/native/x86_64/src/rej_uniform_table.c"
-#include "mlkem/ntt.c"
-#include "mlkem/poly.c"
-#include "mlkem/polyvec.c"
-#include "mlkem/rej_uniform.c"
-#include "mlkem/verify.c"
-#include "mlkem/zetas.c"
-
-/*
- * Undo all #define directives from *.c or *.h files
- */
-
-/* mlkem/arith_backend.h */
-#if defined(MLKEM_NATIVE_ARITH_IMPL_H)
-#undef MLKEM_NATIVE_ARITH_IMPL_H
-#endif
-
-/* mlkem/cbd.c */
-#if defined(load32_littleendian)
-#undef load32_littleendian
-#endif
-
-/* mlkem/cbd.c */
-#if defined(load24_littleendian)
-#undef load24_littleendian
-#endif
-
-/* mlkem/cbd.c */
-#if defined(cbd2)
-#undef cbd2
-#endif
-
-/* mlkem/cbd.c */
-#if defined(cbd3)
-#undef cbd3
-#endif
-
-/* mlkem/cbd.h */
-#if defined(CBD_H)
-#undef CBD_H
-#endif
-
-/* mlkem/cbd.h */
-#if defined(poly_cbd_eta1)
-#undef poly_cbd_eta1
-#endif
-
-/* mlkem/cbd.h */
-#if defined(poly_cbd_eta2)
-#undef poly_cbd_eta2
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(__contract__)
-#undef __contract__
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(__loop__)
-#undef __loop__
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(cassert)
-#undef cassert
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(__contract__)
-#undef __contract__
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(__loop__)
-#undef __loop__
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(assigns)
-#undef assigns
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(requires)
-#undef requires
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(ensures)
-#undef ensures
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(invariant)
-#undef invariant
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(decreases)
-#undef decreases
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(cassert)
-#undef cassert
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(assume)
-#undef assume
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(return_value)
-#undef return_value
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(object_whole)
-#undef object_whole
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(memory_slice)
-#undef memory_slice
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(same_object)
-#undef same_object
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(memory_no_alias)
-#undef memory_no_alias
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(readable)
-#undef readable
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(writeable)
-#undef writeable
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(old)
-#undef old
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(loop_entry)
-#undef loop_entry
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(forall)
-#undef forall
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(EXISTS)
-#undef EXISTS
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(CBMC_CONCAT_)
-#undef CBMC_CONCAT_
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(CBMC_CONCAT)
-#undef CBMC_CONCAT
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(array_bound_core)
-#undef array_bound_core
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(array_bound)
-#undef array_bound
-#endif
-
-/* mlkem/cbmc.h */
-#if defined(array_abs_bound)
-#undef array_abs_bound
-#endif
-
-/* mlkem/common.h */
-#if defined(MLKEM_NATIVE_COMMON_H)
-#undef MLKEM_NATIVE_COMMON_H
-#endif
-
-/* mlkem/common.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
-#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
-#endif
-
-/* mlkem/common.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
-#endif
-
-/* mlkem/common.h */
-#if defined(MLKEM_ASM_NAMESPACE)
-#undef MLKEM_ASM_NAMESPACE
-#endif
-
-/* mlkem/common.h */
-#if defined(FIPS202_ASM_NAMESPACE)
-#undef FIPS202_ASM_NAMESPACE
-#endif
-
-/* mlkem/common.h */
-#if defined(_PREFIX_UNDERSCORE)
-#undef _PREFIX_UNDERSCORE
-#endif
-
-/* mlkem/common.h */
-#if defined(PREFIX_UNDERSCORE)
-#undef PREFIX_UNDERSCORE
-#endif
-
-/* mlkem/common.h */
-#if defined(MLKEM_ASM_NAMESPACE)
-#undef MLKEM_ASM_NAMESPACE
-#endif
-
-/* mlkem/common.h */
-#if defined(FIPS202_ASM_NAMESPACE)
-#undef FIPS202_ASM_NAMESPACE
-#endif
-
-/* mlkem/config.h */
-#if defined(MLKEM_NATIVE_CONFIG_H)
-#undef MLKEM_NATIVE_CONFIG_H
-#endif
-
-/* mlkem/config.h */
-#if defined(MLKEM_K)
-#undef MLKEM_K
-#endif
-
-/* mlkem/config.h */
-#if defined(MLKEM_NAMESPACE)
-#undef MLKEM_NAMESPACE
-#endif
-
-/* mlkem/config.h */
-#if defined(FIPS202_NAMESPACE)
-#undef FIPS202_NAMESPACE
-#endif
-
-/* mlkem/config.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND)
-#undef MLKEM_NATIVE_ARITH_BACKEND
-#endif
-
-/* mlkem/config.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND)
-#undef MLKEM_NATIVE_FIPS202_BACKEND
-#endif
-
-/* mlkem/debug/debug.c */
-#if defined(_ISOC99_SOURCE)
-#undef _ISOC99_SOURCE
-#endif
-
-/* mlkem/debug/debug.c */
-#if defined(empty_cu_debug)
-#undef empty_cu_debug
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_DEBUG_H)
-#undef MLKEM_DEBUG_H
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(CASSERT)
-#undef CASSERT
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(SCALAR_BOUND)
-#undef SCALAR_BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(UBOUND)
-#undef UBOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(BOUND)
-#undef BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_BOUND_MSG)
-#undef POLY_BOUND_MSG
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_UBOUND_MSG)
-#undef POLY_UBOUND_MSG
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_BOUND)
-#undef POLY_BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_UBOUND)
-#undef POLY_UBOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLYVEC_BOUND)
-#undef POLYVEC_BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLYVEC_UBOUND)
-#undef POLYVEC_UBOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_CONCAT_)
-#undef MLKEM_CONCAT_
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_CONCAT)
-#undef MLKEM_CONCAT
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_STATIC_ASSERT_DEFINE)
-#undef MLKEM_STATIC_ASSERT_DEFINE
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_STATIC_ASSERT_ADD_LINE0)
-#undef MLKEM_STATIC_ASSERT_ADD_LINE0
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_STATIC_ASSERT_ADD_LINE1)
-#undef MLKEM_STATIC_ASSERT_ADD_LINE1
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_STATIC_ASSERT_ADD_LINE2)
-#undef MLKEM_STATIC_ASSERT_ADD_LINE2
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(MLKEM_STATIC_ASSERT_ADD_ERROR)
-#undef MLKEM_STATIC_ASSERT_ADD_ERROR
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(STATIC_ASSERT)
-#undef STATIC_ASSERT
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(CASSERT)
-#undef CASSERT
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(SCALAR_BOUND)
-#undef SCALAR_BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(BOUND)
-#undef BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_BOUND)
-#undef POLY_BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLYVEC_BOUND)
-#undef POLYVEC_BOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_BOUND_MSG)
-#undef POLY_BOUND_MSG
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(UBOUND)
-#undef UBOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_UBOUND)
-#undef POLY_UBOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLYVEC_UBOUND)
-#undef POLYVEC_UBOUND
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(POLY_UBOUND_MSG)
-#undef POLY_UBOUND_MSG
-#endif
-
-/* mlkem/debug/debug.h */
-#if defined(STATIC_ASSERT)
-#undef STATIC_ASSERT
-#endif
-
-/* mlkem/fips202/fips202.c */
-#if defined(keccak_absorb_once)
-#undef keccak_absorb_once
-#endif
-
-/* mlkem/fips202/fips202.c */
-#if defined(keccak_squeeze_once)
-#undef keccak_squeeze_once
-#endif
-
-/* mlkem/fips202/fips202.c */
-#if defined(keccak_squeezeblocks)
-#undef keccak_squeezeblocks
-#endif
-
-/* mlkem/fips202/fips202.c */
-#if defined(shake256ctx)
-#undef shake256ctx
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(FIPS202_H)
-#undef FIPS202_H
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHAKE128_RATE)
-#undef SHAKE128_RATE
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHAKE256_RATE)
-#undef SHAKE256_RATE
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHA3_256_RATE)
-#undef SHA3_256_RATE
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHA3_384_RATE)
-#undef SHA3_384_RATE
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHA3_512_RATE)
-#undef SHA3_512_RATE
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(shake128ctx)
-#undef shake128ctx
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(shake128_absorb_once)
-#undef shake128_absorb_once
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(shake128_squeezeblocks)
-#undef shake128_squeezeblocks
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(shake128_release)
-#undef shake128_release
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(shake256)
-#undef shake256
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHA3_256_HASHBYTES)
-#undef SHA3_256_HASHBYTES
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(sha3_256)
-#undef sha3_256
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(SHA3_512_HASHBYTES)
-#undef SHA3_512_HASHBYTES
-#endif
-
-/* mlkem/fips202/fips202.h */
-#if defined(sha3_512)
-#undef sha3_512
-#endif
-
-/* mlkem/fips202/fips202_backend.h */
-#if defined(MLKEM_NATIVE_FIPS202_IMPL_H)
-#undef MLKEM_NATIVE_FIPS202_IMPL_H
-#endif
-
-/* mlkem/fips202/fips202x4.c */
-#if defined(shake256x4_ctx)
-#undef shake256x4_ctx
-#endif
-
-/* mlkem/fips202/fips202x4.c */
-#if defined(keccak_absorb_once_x4)
-#undef keccak_absorb_once_x4
-#endif
-
-/* mlkem/fips202/fips202x4.c */
-#if defined(keccak_squeezeblocks_x4)
-#undef keccak_squeezeblocks_x4
-#endif
-
-/* mlkem/fips202/fips202x4.c */
-#if defined(shake256x4_absorb_once)
-#undef shake256x4_absorb_once
-#endif
-
-/* mlkem/fips202/fips202x4.c */
-#if defined(shake256x4_squeezeblocks)
-#undef shake256x4_squeezeblocks
-#endif
-
-/* mlkem/fips202/fips202x4.h */
-#if defined(FIPS_202X4_H)
-#undef FIPS_202X4_H
-#endif
-
-/* mlkem/fips202/fips202x4.h */
-#if defined(shake128x4ctx)
-#undef shake128x4ctx
-#endif
-
-/* mlkem/fips202/fips202x4.h */
-#if defined(shake128x4_absorb_once)
-#undef shake128x4_absorb_once
-#endif
-
-/* mlkem/fips202/fips202x4.h */
-#if defined(shake128x4_squeezeblocks)
-#undef shake128x4_squeezeblocks
-#endif
-
-/* mlkem/fips202/fips202x4.h */
-#if defined(shake128x4_release)
-#undef shake128x4_release
-#endif
-
-/* mlkem/fips202/fips202x4.h */
-#if defined(shake256x4)
-#undef shake256x4
-#endif
-
-/* mlkem/fips202/keccakf1600.c */
-#if defined(NROUNDS)
-#undef NROUNDS
-#endif
-
-/* mlkem/fips202/keccakf1600.c */
-#if defined(ROL)
-#undef ROL
-#endif
-
-/* mlkem/fips202/keccakf1600.c */
-#if defined(KeccakF_RoundConstants)
-#undef KeccakF_RoundConstants
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KECCAKF1600_H)
-#undef KECCAKF1600_H
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KECCAK_LANES)
-#undef KECCAK_LANES
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600_StateExtractBytes)
-#undef KeccakF1600_StateExtractBytes
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600_StateXORBytes)
-#undef KeccakF1600_StateXORBytes
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600x4_StateExtractBytes)
-#undef KeccakF1600x4_StateExtractBytes
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600x4_StateXORBytes)
-#undef KeccakF1600x4_StateXORBytes
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600x4_StatePermute)
-#undef KeccakF1600x4_StatePermute
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600_StatePermute)
-#undef KeccakF1600_StatePermute
-#endif
-
-/* mlkem/fips202/keccakf1600.h */
-#if defined(KeccakF1600_StatePermute)
-#undef KeccakF1600_StatePermute
-#endif
-
-/* mlkem/fips202/native/aarch64/cortex_a55.h */
-#if defined(FIPS202_NATIVE_PROFILE_H)
-#undef FIPS202_NATIVE_PROFILE_H
-#endif
-
-/* mlkem/fips202/native/aarch64/cortex_a55.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55
-#endif
-
-/* mlkem/fips202/native/aarch64/cortex_a55.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
-#endif
-
-/* mlkem/fips202/native/aarch64/cortex_a55.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL
-#endif
-
-/* mlkem/fips202/native/aarch64/default.h */
-#if defined(FIPS202_NATIVE_PROFILE_H)
-#undef FIPS202_NATIVE_PROFILE_H
-#endif
-
-/* mlkem/fips202/native/aarch64/default.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT
-#endif
-
-/* mlkem/fips202/native/aarch64/default.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
-#endif
-
-/* mlkem/fips202/native/aarch64/default.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL
-#endif
-
-/* mlkem/fips202/native/aarch64/src/cortex_a55_impl.h */
-#if defined(FIPS202_NATIVE_PROFILE_IMPL_H)
-#undef FIPS202_NATIVE_PROFILE_IMPL_H
-#endif
-
-/* mlkem/fips202/native/aarch64/src/cortex_a55_impl.h */
-#if defined(MLKEM_USE_FIPS202_X1_NATIVE)
-#undef MLKEM_USE_FIPS202_X1_NATIVE
-#endif
-
-/* mlkem/fips202/native/aarch64/src/default_impl.h */
-#if defined(FIPS202_NATIVE_PROFILE_IMPL_H)
-#undef FIPS202_NATIVE_PROFILE_IMPL_H
-#endif
-
-/* mlkem/fips202/native/aarch64/src/default_impl.h */
-#if defined(MLKEM_USE_FIPS202_X1_NATIVE)
-#undef MLKEM_USE_FIPS202_X1_NATIVE
-#endif
-
-/* mlkem/fips202/native/aarch64/src/default_impl.h */
-#if defined(MLKEM_USE_FIPS202_X1_NATIVE)
-#undef MLKEM_USE_FIPS202_X1_NATIVE
-#endif
-
-/* mlkem/fips202/native/aarch64/src/default_impl.h */
-#if defined(MLKEM_USE_FIPS202_X2_NATIVE)
-#undef MLKEM_USE_FIPS202_X2_NATIVE
-#endif
-
-/* mlkem/fips202/native/aarch64/src/default_impl.h */
-#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
-#undef MLKEM_USE_FIPS202_X4_NATIVE
-#endif
-
-/* mlkem/fips202/native/aarch64/src/default_impl.h */
-#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
-#undef MLKEM_USE_FIPS202_X4_NATIVE
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(FIPS202_AARCH64_NATIVE_H)
-#undef FIPS202_AARCH64_NATIVE_H
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x1_scalar_asm_opt)
-#undef keccak_f1600_x1_scalar_asm_opt
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x1_v84a_asm_clean)
-#undef keccak_f1600_x1_v84a_asm_clean
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x2_v84a_asm_clean)
-#undef keccak_f1600_x2_v84a_asm_clean
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x2_v8a_v84a_asm_hybrid)
-#undef keccak_f1600_x2_v8a_v84a_asm_hybrid
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt)
-#undef keccak_f1600_x4_scalar_v8a_asm_hybrid_opt
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt)
-#undef keccak_f1600_x4_scalar_v84a_asm_hybrid_opt
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt)
-#undef keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt
-#endif
-
-/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
-#if defined(keccakf1600_round_constants)
-#undef keccakf1600_round_constants
-#endif
-
-/* mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c */
-#if defined(empty_cu_keccakf1600_round_constants)
-#undef empty_cu_keccakf1600_round_constants
-#endif
-
-/* mlkem/fips202/native/api.h */
-#if defined(MLKEM_NATIVE_FIPS202_NATIVE_API_H)
-#undef MLKEM_NATIVE_FIPS202_NATIVE_API_H
-#endif
-
-/* mlkem/fips202/native/default.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_DEFAULT_H)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_DEFAULT_H
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(ANDnu256)
-#undef ANDnu256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(CONST256)
-#undef CONST256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(CONST256_64)
-#undef CONST256_64
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(ROL64in256)
-#undef ROL64in256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(ROL64in256_8)
-#undef ROL64in256_8
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(ROL64in256_56)
-#undef ROL64in256_56
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(STORE256)
-#undef STORE256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(XOR256)
-#undef XOR256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(XOReq256)
-#undef XOReq256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(SnP_laneLengthInBytes)
-#undef SnP_laneLengthInBytes
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(declareABCDE)
-#undef declareABCDE
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(prepareTheta)
-#undef prepareTheta
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(thetaRhoPiChiIotaPrepareTheta)
-#undef thetaRhoPiChiIotaPrepareTheta
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(thetaRhoPiChiIota)
-#undef thetaRhoPiChiIota
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(copyFromState)
-#undef copyFromState
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(SCATTER_STORE256)
-#undef SCATTER_STORE256
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(copyToState)
-#undef copyToState
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(copyStateVariables)
-#undef copyStateVariables
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(FullUnrolling)
-#undef FullUnrolling
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(Unrolling)
-#undef Unrolling
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
-#if defined(empty_cu_avx2_keccakx4)
-#undef empty_cu_avx2_keccakx4
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */
-#if defined(_KeccakP_1600_times4_SnP_h_)
-#undef _KeccakP_1600_times4_SnP_h_
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */
-#if defined(KeccakP1600times4_statesAlignment)
-#undef KeccakP1600times4_statesAlignment
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */
-#if defined(KeccakP1600times4_PermuteAll_24rounds)
-#undef KeccakP1600times4_PermuteAll_24rounds
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */
-#if defined(KeccakP1600times4_implementation_config)
-#undef KeccakP1600times4_implementation_config
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */
-#if defined(KeccakP1600times4_fullUnrolling)
-#undef KeccakP1600times4_fullUnrolling
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */
-#if defined(KeccakP1600times4_useAVX2)
-#undef KeccakP1600times4_useAVX2
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
-#if defined(_keccakp_align_h_)
-#undef _keccakp_align_h_
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
-#if defined(ALIGN)
-#undef ALIGN
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
-#if defined(ALIGN)
-#undef ALIGN
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
-#if defined(ALIGN)
-#undef ALIGN
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
-#if defined(ALIGN)
-#undef ALIGN
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(_KECCAKP_BRG_ENDIAN_H)
-#undef _KECCAKP_BRG_ENDIAN_H
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(IS_BIG_ENDIAN)
-#undef IS_BIG_ENDIAN
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(IS_LITTLE_ENDIAN)
-#undef IS_LITTLE_ENDIAN
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
-#if defined(PLATFORM_BYTE_ORDER)
-#undef PLATFORM_BYTE_ORDER
-#endif
-
-/* mlkem/fips202/native/x86_64/src/xkcp_impl.h */
-#if defined(MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H)
-#undef MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H
-#endif
-
-/* mlkem/fips202/native/x86_64/src/xkcp_impl.h */
-#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
-#undef MLKEM_USE_FIPS202_X4_NATIVE
-#endif
-
-/* mlkem/fips202/native/x86_64/xkcp.h */
-#if defined(MLKEM_NATIVE_FIPS202_PROFILE_H)
-#undef MLKEM_NATIVE_FIPS202_PROFILE_H
-#endif
-
-/* mlkem/fips202/native/x86_64/xkcp.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP
-#endif
-
-/* mlkem/fips202/native/x86_64/xkcp.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
-#endif
-
-/* mlkem/fips202/native/x86_64/xkcp.h */
-#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
-#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(pack_pk)
-#undef pack_pk
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(unpack_pk)
-#undef unpack_pk
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(pack_sk)
-#undef pack_sk
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(unpack_sk)
-#undef unpack_sk
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(pack_ciphertext)
-#undef pack_ciphertext
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(unpack_ciphertext)
-#undef unpack_ciphertext
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(gen_matrix_entry_x4)
-#undef gen_matrix_entry_x4
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(gen_matrix_entry)
-#undef gen_matrix_entry
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(matvec_mul)
-#undef matvec_mul
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(MLKEM_GEN_MATRIX_NBLOCKS)
-#undef MLKEM_GEN_MATRIX_NBLOCKS
-#endif
-
-/* mlkem/indcpa.c */
-#if defined(poly_permute_bitrev_to_custom)
-#undef poly_permute_bitrev_to_custom
-#endif
-
-/* mlkem/indcpa.h */
-#if defined(INDCPA_H)
-#undef INDCPA_H
-#endif
-
-/* mlkem/indcpa.h */
-#if defined(gen_matrix)
-#undef gen_matrix
-#endif
-
-/* mlkem/indcpa.h */
-#if defined(indcpa_keypair_derand)
-#undef indcpa_keypair_derand
-#endif
-
-/* mlkem/indcpa.h */
-#if defined(indcpa_enc)
-#undef indcpa_enc
-#endif
-
-/* mlkem/indcpa.h */
-#if defined(indcpa_dec)
-#undef indcpa_dec
-#endif
-
-/* mlkem/kem.c */
-#if defined(check_pk)
-#undef check_pk
-#endif
-
-/* mlkem/kem.c */
-#if defined(check_sk)
-#undef check_sk
-#endif
-
-/* mlkem/kem.h */
-#if defined(KEM_H)
-#undef KEM_H
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_SECRETKEYBYTES)
-#undef CRYPTO_SECRETKEYBYTES
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_PUBLICKEYBYTES)
-#undef CRYPTO_PUBLICKEYBYTES
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_CIPHERTEXTBYTES)
-#undef CRYPTO_CIPHERTEXTBYTES
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_BYTES)
-#undef CRYPTO_BYTES
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_ALGNAME)
-#undef CRYPTO_ALGNAME
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_ALGNAME)
-#undef CRYPTO_ALGNAME
-#endif
-
-/* mlkem/kem.h */
-#if defined(CRYPTO_ALGNAME)
-#undef CRYPTO_ALGNAME
-#endif
-
-/* mlkem/kem.h */
-#if defined(crypto_kem_keypair_derand)
-#undef crypto_kem_keypair_derand
-#endif
-
-/* mlkem/kem.h */
-#if defined(crypto_kem_keypair)
-#undef crypto_kem_keypair
-#endif
-
-/* mlkem/kem.h */
-#if defined(crypto_kem_enc_derand)
-#undef crypto_kem_enc_derand
-#endif
-
-/* mlkem/kem.h */
-#if defined(crypto_kem_enc)
-#undef crypto_kem_enc
-#endif
-
-/* mlkem/kem.h */
-#if defined(crypto_kem_dec)
-#undef crypto_kem_dec
-#endif
-
-/* mlkem/namespace.h */
-#if defined(MLKEM_NATIVE_NAMESPACE_H)
-#undef MLKEM_NATIVE_NAMESPACE_H
-#endif
-
-/* mlkem/namespace.h */
-#if defined(MLKEM_PARAM_NAME)
-#undef MLKEM_PARAM_NAME
-#endif
-
-/* mlkem/namespace.h */
-#if defined(MLKEM_PARAM_NAME)
-#undef MLKEM_PARAM_NAME
-#endif
-
-/* mlkem/namespace.h */
-#if defined(MLKEM_PARAM_NAME)
-#undef MLKEM_PARAM_NAME
-#endif
-
-/* mlkem/namespace.h */
-#if defined(___MLKEM_DEFAULT_NAMESPACE)
-#undef ___MLKEM_DEFAULT_NAMESPACE
-#endif
-
-/* mlkem/namespace.h */
-#if defined(__MLKEM_DEFAULT_NAMESPACE)
-#undef __MLKEM_DEFAULT_NAMESPACE
-#endif
-
-/* mlkem/namespace.h */
-#if defined(MLKEM_DEFAULT_NAMESPACE)
-#undef MLKEM_DEFAULT_NAMESPACE
-#endif
-
-/* mlkem/namespace.h */
-#if defined(___FIPS202_DEFAULT_NAMESPACE)
-#undef ___FIPS202_DEFAULT_NAMESPACE
-#endif
-
-/* mlkem/namespace.h */
-#if defined(__FIPS202_DEFAULT_NAMESPACE)
-#undef __FIPS202_DEFAULT_NAMESPACE
-#endif
-
-/* mlkem/namespace.h */
-#if defined(FIPS202_DEFAULT_NAMESPACE)
-#undef FIPS202_DEFAULT_NAMESPACE
-#endif
-
-/* mlkem/native/aarch64/clean.h */
-#if defined(MLKEM_NATIVE_ARITH_PROFILE_H)
-#undef MLKEM_NATIVE_ARITH_PROFILE_H
-#endif
-
-/* mlkem/native/aarch64/clean.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN)
-#undef MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN
-#endif
-
-/* mlkem/native/aarch64/clean.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
-#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
-#endif
-
-/* mlkem/native/aarch64/clean.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL)
-#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL
-#endif
-
-/* mlkem/native/aarch64/opt.h */
-#if defined(MLKEM_NATIVE_ARITH_PROFILE_H)
-#undef MLKEM_NATIVE_ARITH_PROFILE_H
-#endif
-
-/* mlkem/native/aarch64/opt.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT)
-#undef MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT
-#endif
-
-/* mlkem/native/aarch64/opt.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
-#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
-#endif
-
-/* mlkem/native/aarch64/opt.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL)
-#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL
-#endif
-
-/* mlkem/native/aarch64/src/aarch64_zetas.c */
-#if defined(empty_cu_aarch64_zetas)
-#undef empty_cu_aarch64_zetas
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(MLKEM_AARCH64_NATIVE_H)
-#undef MLKEM_AARCH64_NATIVE_H
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(aarch64_ntt_zetas_layer01234)
-#undef aarch64_ntt_zetas_layer01234
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(aarch64_ntt_zetas_layer56)
-#undef aarch64_ntt_zetas_layer56
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(aarch64_invntt_zetas_layer01234)
-#undef aarch64_invntt_zetas_layer01234
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(aarch64_invntt_zetas_layer56)
-#undef aarch64_invntt_zetas_layer56
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(aarch64_zetas_mulcache_native)
-#undef aarch64_zetas_mulcache_native
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(aarch64_zetas_mulcache_twisted_native)
-#undef aarch64_zetas_mulcache_twisted_native
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(rej_uniform_table)
-#undef rej_uniform_table
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(ntt_asm_clean)
-#undef ntt_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(ntt_asm_opt)
-#undef ntt_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(intt_asm_clean)
-#undef intt_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(intt_asm_opt)
-#undef intt_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(rej_uniform_asm_clean)
-#undef rej_uniform_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_reduce_asm_clean)
-#undef poly_reduce_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_reduce_asm_opt)
-#undef poly_reduce_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_tomont_asm_clean)
-#undef poly_tomont_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_tomont_asm_opt)
-#undef poly_tomont_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_mulcache_compute_asm_clean)
-#undef poly_mulcache_compute_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_mulcache_compute_asm_opt)
-#undef poly_mulcache_compute_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_tobytes_asm_clean)
-#undef poly_tobytes_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(poly_tobytes_asm_opt)
-#undef poly_tobytes_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(polyvec_basemul_acc_montgomery_cached_asm_clean)
-#undef polyvec_basemul_acc_montgomery_cached_asm_clean
-#endif
-
-/* mlkem/native/aarch64/src/arith_native_aarch64.h */
-#if defined(polyvec_basemul_acc_montgomery_cached_asm_opt)
-#undef polyvec_basemul_acc_montgomery_cached_asm_opt
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H)
-#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_NTT)
-#undef MLKEM_USE_NATIVE_NTT
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_INTT)
-#undef MLKEM_USE_NATIVE_INTT
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_REDUCE)
-#undef MLKEM_USE_NATIVE_POLY_REDUCE
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_TOMONT)
-#undef MLKEM_USE_NATIVE_POLY_TOMONT
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE)
-#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED)
-#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES)
-#undef MLKEM_USE_NATIVE_POLY_TOBYTES
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
-#undef MLKEM_USE_NATIVE_REJ_UNIFORM
-#endif
-
-/* mlkem/native/aarch64/src/clean_impl.h */
-#if defined(INVNTT_BOUND_NATIVE)
-#undef INVNTT_BOUND_NATIVE
-#endif
-
-/* mlkem/native/aarch64/src/consts.h */
-#if defined(MLKEM_NATIVE_AARCH64_CONSTS)
-#undef MLKEM_NATIVE_AARCH64_CONSTS
-#endif
-
-/* mlkem/native/aarch64/src/consts.h */
-#if defined(zetas_mulcache_native)
-#undef zetas_mulcache_native
-#endif
-
-/* mlkem/native/aarch64/src/consts.h */
-#if defined(zetas_mulcache_twisted_native)
-#undef zetas_mulcache_twisted_native
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H)
-#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_NTT)
-#undef MLKEM_USE_NATIVE_NTT
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_INTT)
-#undef MLKEM_USE_NATIVE_INTT
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_REDUCE)
-#undef MLKEM_USE_NATIVE_POLY_REDUCE
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_TOMONT)
-#undef MLKEM_USE_NATIVE_POLY_TOMONT
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE)
-#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED)
-#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES)
-#undef MLKEM_USE_NATIVE_POLY_TOBYTES
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
-#undef MLKEM_USE_NATIVE_REJ_UNIFORM
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(NTT_BOUND_NATIVE)
-#undef NTT_BOUND_NATIVE
-#endif
-
-/* mlkem/native/aarch64/src/opt_impl.h */
-#if defined(INVNTT_BOUND_NATIVE)
-#undef INVNTT_BOUND_NATIVE
-#endif
-
-/* mlkem/native/aarch64/src/rej_uniform_table.c */
-#if defined(empty_cu_aarch64_rej_uniform_table)
-#undef empty_cu_aarch64_rej_uniform_table
-#endif
-
-/* mlkem/native/api.h */
-#if defined(MLKEM_NATIVE_ARITH_NATIVE_API_H)
-#undef MLKEM_NATIVE_ARITH_NATIVE_API_H
-#endif
-
-/* mlkem/native/default.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_DEFAULT_H)
-#undef MLKEM_NATIVE_ARITH_BACKEND_DEFAULT_H
-#endif
-
-/* mlkem/native/x86_64/default.h */
-#if defined(MLKEM_NATIVE_ARITH_PROFILE_H)
-#undef MLKEM_NATIVE_ARITH_PROFILE_H
-#endif
-
-/* mlkem/native/x86_64/default.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT)
-#undef MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT
-#endif
-
-/* mlkem/native/x86_64/default.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
-#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
-#endif
-
-/* mlkem/native/x86_64/default.h */
-#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL)
-#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL
-#endif
-
-/* mlkem/native/x86_64/src/align.h */
-#if defined(ALIGN_H)
-#undef ALIGN_H
-#endif
-
-/* mlkem/native/x86_64/src/align.h */
-#if defined(ALIGNED_UINT8)
-#undef ALIGNED_UINT8
-#endif
-
-/* mlkem/native/x86_64/src/align.h */
-#if defined(ALIGNED_INT16)
-#undef ALIGNED_INT16
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(MLKEM_X86_64_NATIVE_H)
-#undef MLKEM_X86_64_NATIVE_H
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(REJ_UNIFORM_AVX_NBLOCKS)
-#undef REJ_UNIFORM_AVX_NBLOCKS
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(REJ_UNIFORM_AVX_BUFLEN)
-#undef REJ_UNIFORM_AVX_BUFLEN
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(rej_uniform_avx2)
-#undef rej_uniform_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(rej_uniform_table)
-#undef rej_uniform_table
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(ntt_avx2)
-#undef ntt_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(invntt_avx2)
-#undef invntt_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(nttpack_avx2)
-#undef nttpack_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(nttunpack_avx2)
-#undef nttunpack_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(reduce_avx2)
-#undef reduce_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(basemul_avx2)
-#undef basemul_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(polyvec_basemul_acc_montgomery_cached_avx2)
-#undef polyvec_basemul_acc_montgomery_cached_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(ntttobytes_avx2)
-#undef ntttobytes_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(nttfrombytes_avx2)
-#undef nttfrombytes_avx2
-#endif
-
-/* mlkem/native/x86_64/src/arith_native_x86_64.h */
-#if defined(tomont_avx2)
-#undef tomont_avx2
-#endif
-
-/* mlkem/native/x86_64/src/basemul.c */
-#if defined(empty_cu_avx2_basemul)
-#undef empty_cu_avx2_basemul
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(Q)
-#undef Q
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(MONT)
-#undef MONT
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(QINV)
-#undef QINV
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(V)
-#undef V
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(FHI)
-#undef FHI
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(FLO)
-#undef FLO
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(MONTSQHI)
-#undef MONTSQHI
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(MONTSQLO)
-#undef MONTSQLO
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(MASK)
-#undef MASK
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(SHIFT)
-#undef SHIFT
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XQ)
-#undef _16XQ
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XQINV)
-#undef _16XQINV
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XV)
-#undef _16XV
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XFLO)
-#undef _16XFLO
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XFHI)
-#undef _16XFHI
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XMONTSQLO)
-#undef _16XMONTSQLO
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XMONTSQHI)
-#undef _16XMONTSQHI
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XMASK)
-#undef _16XMASK
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_REVIDXB)
-#undef _REVIDXB
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_REVIDXD)
-#undef _REVIDXD
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_ZETAS_EXP)
-#undef _ZETAS_EXP
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(_16XSHIFT)
-#undef _16XSHIFT
-#endif
-
-/* mlkem/native/x86_64/src/consts.c */
-#if defined(empty_cu_consts)
-#undef empty_cu_consts
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(CONSTS_H)
-#undef CONSTS_H
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XQ)
-#undef _16XQ
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XQINV)
-#undef _16XQINV
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XV)
-#undef _16XV
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XFLO)
-#undef _16XFLO
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XFHI)
-#undef _16XFHI
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XMONTSQLO)
-#undef _16XMONTSQLO
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XMONTSQHI)
-#undef _16XMONTSQHI
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XMASK)
-#undef _16XMASK
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_REVIDXB)
-#undef _REVIDXB
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_REVIDXD)
-#undef _REVIDXD
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_ZETAS_EXP)
-#undef _ZETAS_EXP
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(_16XSHIFT)
-#undef _16XSHIFT
-#endif
-
-/* mlkem/native/x86_64/src/consts.h */
-#if defined(qdata)
-#undef qdata
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H)
-#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER)
-#undef MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
-#undef MLKEM_USE_NATIVE_REJ_UNIFORM
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_NTT)
-#undef MLKEM_USE_NATIVE_NTT
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_INTT)
-#undef MLKEM_USE_NATIVE_INTT
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_REDUCE)
-#undef MLKEM_USE_NATIVE_POLY_REDUCE
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_TOMONT)
-#undef MLKEM_USE_NATIVE_POLY_TOMONT
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED)
-#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE)
-#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES)
-#undef MLKEM_USE_NATIVE_POLY_TOBYTES
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(MLKEM_USE_NATIVE_POLY_FROMBYTES)
-#undef MLKEM_USE_NATIVE_POLY_FROMBYTES
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(INVNTT_BOUND_NATIVE)
-#undef INVNTT_BOUND_NATIVE
-#endif
-
-/* mlkem/native/x86_64/src/default_impl.h */
-#if defined(NTT_BOUND_NATIVE)
-#undef NTT_BOUND_NATIVE
-#endif
-
-/* mlkem/native/x86_64/src/rej_uniform_avx2.c */
-#if defined(_mm256_cmpge_epu16)
-#undef _mm256_cmpge_epu16
-#endif
-
-/* mlkem/native/x86_64/src/rej_uniform_avx2.c */
-#if defined(_mm_cmpge_epu16)
-#undef _mm_cmpge_epu16
-#endif
-
-/* mlkem/native/x86_64/src/rej_uniform_avx2.c */
-#if defined(empty_cu_rej_uniform_avx2)
-#undef empty_cu_rej_uniform_avx2
-#endif
-
-/* mlkem/native/x86_64/src/rej_uniform_table.c */
-#if defined(empty_cu_avx2_rej_uniform_table)
-#undef empty_cu_avx2_rej_uniform_table
-#endif
-
-/* mlkem/ntt.c */
-#if defined(ntt_butterfly_block)
-#undef ntt_butterfly_block
-#endif
-
-/* mlkem/ntt.c */
-#if defined(ntt_layer)
-#undef ntt_layer
-#endif
-
-/* mlkem/ntt.c */
-#if defined(invntt_layer)
-#undef invntt_layer
-#endif
-
-/* mlkem/ntt.c */
-#if defined(INVNTT_BOUND_REF)
-#undef INVNTT_BOUND_REF
-#endif
-
-/* mlkem/ntt.h */
-#if defined(NTT_H)
-#undef NTT_H
-#endif
-
-/* mlkem/ntt.h */
-#if defined(zetas)
-#undef zetas
-#endif
-
-/* mlkem/ntt.h */
-#if defined(poly_ntt)
-#undef poly_ntt
-#endif
-
-/* mlkem/ntt.h */
-#if defined(poly_invntt_tomont)
-#undef poly_invntt_tomont
-#endif
-
-/* mlkem/ntt.h */
-#if defined(basemul_cached)
-#undef basemul_cached
-#endif
-
-/* mlkem/params.h */
-#if defined(PARAMS_H)
-#undef PARAMS_H
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_N)
-#undef MLKEM_N
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_Q)
-#undef MLKEM_Q
-#endif
-
-/* mlkem/params.h */
-#if defined(UINT12_MAX)
-#undef UINT12_MAX
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_SYMBYTES)
-#undef MLKEM_SYMBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_SSBYTES)
-#undef MLKEM_SSBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYBYTES)
-#undef MLKEM_POLYBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYVECBYTES)
-#undef MLKEM_POLYVECBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_ETA1)
-#undef MLKEM_ETA1
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV)
-#undef MLKEM_POLYCOMPRESSEDBYTES_DV
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU)
-#undef MLKEM_POLYCOMPRESSEDBYTES_DU
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU)
-#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_ETA1)
-#undef MLKEM_ETA1
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV)
-#undef MLKEM_POLYCOMPRESSEDBYTES_DV
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU)
-#undef MLKEM_POLYCOMPRESSEDBYTES_DU
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU)
-#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_ETA1)
-#undef MLKEM_ETA1
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV)
-#undef MLKEM_POLYCOMPRESSEDBYTES_DV
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU)
-#undef MLKEM_POLYCOMPRESSEDBYTES_DU
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU)
-#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_ETA2)
-#undef MLKEM_ETA2
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_INDCPA_MSGBYTES)
-#undef MLKEM_INDCPA_MSGBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_INDCPA_PUBLICKEYBYTES)
-#undef MLKEM_INDCPA_PUBLICKEYBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_INDCPA_SECRETKEYBYTES)
-#undef MLKEM_INDCPA_SECRETKEYBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_INDCPA_BYTES)
-#undef MLKEM_INDCPA_BYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_PUBLICKEYBYTES)
-#undef MLKEM_PUBLICKEYBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_SECRETKEYBYTES)
-#undef MLKEM_SECRETKEYBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(MLKEM_CIPHERTEXTBYTES)
-#undef MLKEM_CIPHERTEXTBYTES
-#endif
-
-/* mlkem/params.h */
-#if defined(KECCAK_WAY)
-#undef KECCAK_WAY
-#endif
-
-/* mlkem/poly.h */
-#if defined(POLY_H)
-#undef POLY_H
-#endif
-
-/* mlkem/poly.h */
-#if defined(INVNTT_BOUND)
-#undef INVNTT_BOUND
-#endif
-
-/* mlkem/poly.h */
-#if defined(NTT_BOUND)
-#undef NTT_BOUND
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly)
-#undef poly
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_mulcache)
-#undef poly_mulcache
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_compress_d1)
-#undef scalar_compress_d1
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_compress_d4)
-#undef scalar_compress_d4
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_compress_d5)
-#undef scalar_compress_d5
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_compress_d10)
-#undef scalar_compress_d10
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_compress_d11)
-#undef scalar_compress_d11
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_decompress_d4)
-#undef scalar_decompress_d4
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_decompress_d5)
-#undef scalar_decompress_d5
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_decompress_d10)
-#undef scalar_decompress_d10
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_decompress_d11)
-#undef scalar_decompress_d11
-#endif
-
-/* mlkem/poly.h */
-#if defined(scalar_signed_to_unsigned_q)
-#undef scalar_signed_to_unsigned_q
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_compress_du)
-#undef poly_compress_du
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_decompress_du)
-#undef poly_decompress_du
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_compress_dv)
-#undef poly_compress_dv
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_decompress_dv)
-#undef poly_decompress_dv
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_tobytes)
-#undef poly_tobytes
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_frombytes)
-#undef poly_frombytes
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_frommsg)
-#undef poly_frommsg
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_tomsg)
-#undef poly_tomsg
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_getnoise_eta1_4x)
-#undef poly_getnoise_eta1_4x
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_getnoise_eta2_4x)
-#undef poly_getnoise_eta2_4x
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_getnoise_eta2)
-#undef poly_getnoise_eta2
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_getnoise_eta1122_4x)
-#undef poly_getnoise_eta1122_4x
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_basemul_montgomery_cached)
-#undef poly_basemul_montgomery_cached
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_tomont)
-#undef poly_tomont
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_mulcache_compute)
-#undef poly_mulcache_compute
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_reduce)
-#undef poly_reduce
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_add)
-#undef poly_add
-#endif
-
-/* mlkem/poly.h */
-#if defined(poly_sub)
-#undef poly_sub
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(POLYVEC_H)
-#undef POLYVEC_H
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec)
-#undef polyvec
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_mulcache)
-#undef polyvec_mulcache
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_compress_du)
-#undef polyvec_compress_du
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_decompress_du)
-#undef polyvec_decompress_du
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_tobytes)
-#undef polyvec_tobytes
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_frombytes)
-#undef polyvec_frombytes
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_ntt)
-#undef polyvec_ntt
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_invntt_tomont)
-#undef polyvec_invntt_tomont
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_basemul_acc_montgomery)
-#undef polyvec_basemul_acc_montgomery
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_basemul_acc_montgomery_cached)
-#undef polyvec_basemul_acc_montgomery_cached
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_mulcache_compute)
-#undef polyvec_mulcache_compute
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_reduce)
-#undef polyvec_reduce
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_add)
-#undef polyvec_add
-#endif
-
-/* mlkem/polyvec.h */
-#if defined(polyvec_tomont)
-#undef polyvec_tomont
-#endif
-
-/* mlkem/randombytes.h */
-#if defined(RANDOMBYTES_H)
-#undef RANDOMBYTES_H
-#endif
-
-/* mlkem/reduce.h */
-#if defined(REDUCE_H)
-#undef REDUCE_H
-#endif
-
-/* mlkem/reduce.h */
-#if defined(cast_uint16_to_int16)
-#undef cast_uint16_to_int16
-#endif
-
-/* mlkem/reduce.h */
-#if defined(montgomery_reduce_generic)
-#undef montgomery_reduce_generic
-#endif
-
-/* mlkem/reduce.h */
-#if defined(montgomery_reduce)
-#undef montgomery_reduce
-#endif
-
-/* mlkem/reduce.h */
-#if defined(fqmul)
-#undef fqmul
-#endif
-
-/* mlkem/reduce.h */
-#if defined(barrett_reduce)
-#undef barrett_reduce
-#endif
-
-/* mlkem/reduce.h */
-#if defined(HALF_Q)
-#undef HALF_Q
-#endif
-
-/* mlkem/rej_uniform.c */
-#if defined(rej_uniform_scalar)
-#undef rej_uniform_scalar
-#endif
-
-/* mlkem/rej_uniform.h */
-#if defined(REJ_UNIFORM_H)
-#undef REJ_UNIFORM_H
-#endif
-
-/* mlkem/rej_uniform.h */
-#if defined(rej_uniform)
-#undef rej_uniform
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(SYMMETRIC_H)
-#undef SYMMETRIC_H
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(hash_h)
-#undef hash_h
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(hash_g)
-#undef hash_g
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(hash_j)
-#undef hash_j
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(prf_eta)
-#undef prf_eta
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(prf_eta1)
-#undef prf_eta1
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(prf_eta2)
-#undef prf_eta2
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(prf_eta1_x4)
-#undef prf_eta1_x4
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_ctx)
-#undef xof_ctx
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_x4_ctx)
-#undef xof_x4_ctx
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_absorb)
-#undef xof_absorb
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_squeezeblocks)
-#undef xof_squeezeblocks
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_release)
-#undef xof_release
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_x4_absorb)
-#undef xof_x4_absorb
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_x4_squeezeblocks)
-#undef xof_x4_squeezeblocks
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(xof_x4_release)
-#undef xof_x4_release
-#endif
-
-/* mlkem/symmetric.h */
-#if defined(XOF_RATE)
-#undef XOF_RATE
-#endif
-
-/* mlkem/sys.h */
-#if defined(MLKEM_NATIVE_SYS_H)
-#undef MLKEM_NATIVE_SYS_H
-#endif
-
-/* mlkem/sys.h */
-#if defined(SYS_AARCH64)
-#undef SYS_AARCH64
-#endif
-
-/* mlkem/sys.h */
-#if defined(SYS_AARCH64_EB)
-#undef SYS_AARCH64_EB
-#endif
-
-/* mlkem/sys.h */
-#if defined(SYS_X86_64)
-#undef SYS_X86_64
-#endif
-
-/* mlkem/sys.h */
-#if defined(SYS_X86_64_AVX2)
-#undef SYS_X86_64_AVX2
-#endif
-
-/* mlkem/sys.h */
-#if defined(SYS_LITTLE_ENDIAN)
-#undef SYS_LITTLE_ENDIAN
-#endif
-
-/* mlkem/sys.h */
-#if defined(SYS_BIG_ENDIAN)
-#undef SYS_BIG_ENDIAN
-#endif
-
-/* mlkem/sys.h */
-#if defined(INLINE)
-#undef INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(ALWAYS_INLINE)
-#undef ALWAYS_INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(INLINE)
-#undef INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(ALWAYS_INLINE)
-#undef ALWAYS_INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(INLINE)
-#undef INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(ALWAYS_INLINE)
-#undef ALWAYS_INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(INLINE)
-#undef INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(ALWAYS_INLINE)
-#undef ALWAYS_INLINE
-#endif
-
-/* mlkem/sys.h */
-#if defined(RESTRICT)
-#undef RESTRICT
-#endif
-
-/* mlkem/sys.h */
-#if defined(RESTRICT)
-#undef RESTRICT
-#endif
-
-/* mlkem/sys.h */
-#if defined(RESTRICT)
-#undef RESTRICT
-#endif
-
-/* mlkem/sys.h */
-#if defined(DEFAULT_ALIGN)
-#undef DEFAULT_ALIGN
-#endif
-
-/* mlkem/sys.h */
-#if defined(ALIGN)
-#undef ALIGN
-#endif
-
-/* mlkem/sys.h */
-#if defined(asm)
-#undef asm
-#endif
-
-/* mlkem/sys.h */
-#if defined(asm)
-#undef asm
-#endif
-
-/* mlkem/sys.h */
-#if defined(ALIGN)
-#undef ALIGN
-#endif
-
-/* mlkem/verify.c */
-#if defined(empty_cu_verify)
-#undef empty_cu_verify
-#endif
-
-/* mlkem/verify.h */
-#if defined(VERIFY_H)
-#undef VERIFY_H
-#endif
-
-/* mlkem/verify.h */
-#if defined(value_barrier_u8)
-#undef value_barrier_u8
-#endif
-
-/* mlkem/verify.h */
-#if defined(value_barrier_u32)
-#undef value_barrier_u32
-#endif
-
-/* mlkem/verify.h */
-#if defined(value_barrier_i32)
-#undef value_barrier_i32
-#endif
-
-/* mlkem/verify.h */
-#if defined(ct_cmask_neg_i16)
-#undef ct_cmask_neg_i16
-#endif
-
-/* mlkem/verify.h */
-#if defined(ct_cmask_nonzero_u8)
-#undef ct_cmask_nonzero_u8
-#endif
-
-/* mlkem/verify.h */
-#if defined(ct_cmask_nonzero_u16)
-#undef ct_cmask_nonzero_u16
-#endif
-
-/* mlkem/verify.h */
-#if defined(ct_sel_uint8)
-#undef ct_sel_uint8
-#endif
-
-/* mlkem/verify.h */
-#if defined(ct_sel_int16)
-#undef ct_sel_int16
-#endif
-
-/* mlkem/verify.h */
-#if defined(ct_memcmp)
-#undef ct_memcmp
-#endif
+/* Two instances of mlkem-native for two security levels */
 
-/* mlkem/verify.h */
-#if defined(ct_cmov_zero)
-#undef ct_cmov_zero
-#endif
+#define MLKEM_NATIVE_CONFIG_FILE "config_512.h"
+#include "mlkem_native_monobuild.c"
+#undef MLKEM_NATIVE_CONFIG_FILE
 
-/* mlkem/verify.h */
-#if defined(MLKEM_USE_ASM_VALUE_BARRIER)
-#undef MLKEM_USE_ASM_VALUE_BARRIER
-#endif
+#define MLKEM_NATIVE_CONFIG_FILE "config_768.h"
+#include "mlkem_native_monobuild.c"
+#undef MLKEM_NATIVE_CONFIG_FILE
 
-/* mlkem/verify.h */
-#if defined(ct_opt_blocker_u64)
-#undef ct_opt_blocker_u64
-#endif
+#define MLKEM_NATIVE_CONFIG_FILE "config_1024.h"
+#include "mlkem_native_monobuild.c"
+#undef MLKEM_NATIVE_CONFIG_FILE
diff --git a/examples/monolithic_build/mlkem_native_all.h b/examples/monolithic_build/mlkem_native_all.h
new file mode 100644
index 000000000..40f73c1c5
--- /dev/null
+++ b/examples/monolithic_build/mlkem_native_all.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2024 The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#if !defined(MLKEM_NATIVE_ALL_H)
+#define MLKEM_NATIVE_ALL_H
+
+/* API for MLKEM-512 */
+#define BUILD_INFO_LVL 512
+#define BUILD_INFO_NAMESPACE(sym) mlkem512_##sym
+#define BUILD_INFO_NO_STANDARD_API
+#include "mlkem_native.h"
+#undef BUILD_INFO_LVL
+#undef BUILD_INFO_NAMESPACE
+#undef BUILD_INFO_NO_STANDARD_API
+#undef MLKEM_NATIVE_H
+
+/* API for MLKEM-768 */
+#define BUILD_INFO_LVL 768
+#define BUILD_INFO_NAMESPACE(sym) mlkem768_##sym
+#define BUILD_INFO_NO_STANDARD_API
+#include "mlkem_native.h"
+#undef BUILD_INFO_LVL
+#undef BUILD_INFO_NAMESPACE
+#undef BUILD_INFO_NO_STANDARD_API
+#undef MLKEM_NATIVE_H
+
+/* API for MLKEM-1024 */
+#define BUILD_INFO_LVL 1024
+#define BUILD_INFO_NAMESPACE(sym) mlkem1024_##sym
+#define BUILD_INFO_NO_STANDARD_API
+#include "mlkem_native.h"
+#undef BUILD_INFO_LVL
+#undef BUILD_INFO_NAMESPACE
+#undef BUILD_INFO_NO_STANDARD_API
+#undef MLKEM_NATIVE_H
+
+#endif /* MLKEM_NATIVE_ALL_H */
diff --git a/examples/monolithic_build/mlkem_native_monobuild.c b/examples/monolithic_build/mlkem_native_monobuild.c
new file mode 100644
index 000000000..8c5a16657
--- /dev/null
+++ b/examples/monolithic_build/mlkem_native_monobuild.c
@@ -0,0 +1,2900 @@
+/*
+ * Copyright (c) 2024 The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/*
+ * WARNING: This file is auto-generated from scripts/autogenerate_files.py
+ *          Do not modify it directly.
+ */
+
+/*
+ * Monolithic compilation unit bundling all compilation units within
+ * mlkem-native
+ */
+
+#include "mlkem/cbd.c"
+#include "mlkem/debug/debug.c"
+#include "mlkem/fips202/fips202.c"
+#include "mlkem/fips202/fips202x4.c"
+#include "mlkem/fips202/keccakf1600.c"
+#include "mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c"
+#include "mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c"
+#include "mlkem/indcpa.c"
+#include "mlkem/kem.c"
+#include "mlkem/native/aarch64/src/aarch64_zetas.c"
+#include "mlkem/native/aarch64/src/rej_uniform_table.c"
+#include "mlkem/native/x86_64/src/basemul.c"
+#include "mlkem/native/x86_64/src/consts.c"
+#include "mlkem/native/x86_64/src/rej_uniform_avx2.c"
+#include "mlkem/native/x86_64/src/rej_uniform_table.c"
+#include "mlkem/ntt.c"
+#include "mlkem/poly.c"
+#include "mlkem/polyvec.c"
+#include "mlkem/rej_uniform.c"
+#include "mlkem/verify.c"
+#include "mlkem/zetas.c"
+
+/*
+ * Undo all #define directives from *.c or *.h files
+ */
+
+/* mlkem/arith_backend.h */
+#if defined(MLKEM_NATIVE_ARITH_IMPL_H)
+#undef MLKEM_NATIVE_ARITH_IMPL_H
+#endif
+
+/* mlkem/cbd.c */
+#if defined(load32_littleendian)
+#undef load32_littleendian
+#endif
+
+/* mlkem/cbd.c */
+#if defined(load24_littleendian)
+#undef load24_littleendian
+#endif
+
+/* mlkem/cbd.c */
+#if defined(cbd2)
+#undef cbd2
+#endif
+
+/* mlkem/cbd.c */
+#if defined(cbd3)
+#undef cbd3
+#endif
+
+/* mlkem/cbd.h */
+#if defined(CBD_H)
+#undef CBD_H
+#endif
+
+/* mlkem/cbd.h */
+#if defined(poly_cbd_eta1)
+#undef poly_cbd_eta1
+#endif
+
+/* mlkem/cbd.h */
+#if defined(poly_cbd_eta2)
+#undef poly_cbd_eta2
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(__contract__)
+#undef __contract__
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(__loop__)
+#undef __loop__
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(cassert)
+#undef cassert
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(__contract__)
+#undef __contract__
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(__loop__)
+#undef __loop__
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(assigns)
+#undef assigns
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(requires)
+#undef requires
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(ensures)
+#undef ensures
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(invariant)
+#undef invariant
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(decreases)
+#undef decreases
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(cassert)
+#undef cassert
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(assume)
+#undef assume
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(return_value)
+#undef return_value
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(object_whole)
+#undef object_whole
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(memory_slice)
+#undef memory_slice
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(same_object)
+#undef same_object
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(memory_no_alias)
+#undef memory_no_alias
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(readable)
+#undef readable
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(writeable)
+#undef writeable
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(old)
+#undef old
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(loop_entry)
+#undef loop_entry
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(forall)
+#undef forall
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(EXISTS)
+#undef EXISTS
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(CBMC_CONCAT_)
+#undef CBMC_CONCAT_
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(CBMC_CONCAT)
+#undef CBMC_CONCAT
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(array_bound_core)
+#undef array_bound_core
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(array_bound)
+#undef array_bound
+#endif
+
+/* mlkem/cbmc.h */
+#if defined(array_abs_bound)
+#undef array_abs_bound
+#endif
+
+/* mlkem/common.h */
+#if defined(MLKEM_NATIVE_COMMON_H)
+#undef MLKEM_NATIVE_COMMON_H
+#endif
+
+/* mlkem/common.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
+#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
+#endif
+
+/* mlkem/common.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
+#endif
+
+/* mlkem/common.h */
+#if defined(MLKEM_ASM_NAMESPACE)
+#undef MLKEM_ASM_NAMESPACE
+#endif
+
+/* mlkem/common.h */
+#if defined(FIPS202_ASM_NAMESPACE)
+#undef FIPS202_ASM_NAMESPACE
+#endif
+
+/* mlkem/common.h */
+#if defined(_PREFIX_UNDERSCORE)
+#undef _PREFIX_UNDERSCORE
+#endif
+
+/* mlkem/common.h */
+#if defined(PREFIX_UNDERSCORE)
+#undef PREFIX_UNDERSCORE
+#endif
+
+/* mlkem/common.h */
+#if defined(MLKEM_ASM_NAMESPACE)
+#undef MLKEM_ASM_NAMESPACE
+#endif
+
+/* mlkem/common.h */
+#if defined(FIPS202_ASM_NAMESPACE)
+#undef FIPS202_ASM_NAMESPACE
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_NATIVE_CONFIG_H)
+#undef MLKEM_NATIVE_CONFIG_H
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_K)
+#undef MLKEM_K
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_NAMESPACE)
+#undef MLKEM_NAMESPACE
+#endif
+
+/* mlkem/config.h */
+#if defined(FIPS202_NAMESPACE)
+#undef FIPS202_NAMESPACE
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND)
+#undef MLKEM_NATIVE_ARITH_BACKEND
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND)
+#undef MLKEM_NATIVE_FIPS202_BACKEND
+#endif
+
+/* mlkem/config.h */
+#if defined(FIPS202_DEFAULT_NAMESPACE___)
+#undef FIPS202_DEFAULT_NAMESPACE___
+#endif
+
+/* mlkem/config.h */
+#if defined(FIPS202_DEFAULT_NAMESPACE__)
+#undef FIPS202_DEFAULT_NAMESPACE__
+#endif
+
+/* mlkem/config.h */
+#if defined(FIPS202_DEFAULT_NAMESPACE)
+#undef FIPS202_DEFAULT_NAMESPACE
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_DEFAULT_NAMESPACE___)
+#undef MLKEM_DEFAULT_NAMESPACE___
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_DEFAULT_NAMESPACE__)
+#undef MLKEM_DEFAULT_NAMESPACE__
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_DEFAULT_NAMESPACE)
+#undef MLKEM_DEFAULT_NAMESPACE
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_DEFAULT_NAMESPACE)
+#undef MLKEM_DEFAULT_NAMESPACE
+#endif
+
+/* mlkem/config.h */
+#if defined(MLKEM_DEFAULT_NAMESPACE)
+#undef MLKEM_DEFAULT_NAMESPACE
+#endif
+
+/* mlkem/debug/debug.c */
+#if defined(_ISOC99_SOURCE)
+#undef _ISOC99_SOURCE
+#endif
+
+/* mlkem/debug/debug.c */
+#if defined(empty_cu_debug)
+#undef empty_cu_debug
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_DEBUG_H)
+#undef MLKEM_DEBUG_H
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(CASSERT)
+#undef CASSERT
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(SCALAR_BOUND)
+#undef SCALAR_BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(UBOUND)
+#undef UBOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(BOUND)
+#undef BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_BOUND_MSG)
+#undef POLY_BOUND_MSG
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_UBOUND_MSG)
+#undef POLY_UBOUND_MSG
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_BOUND)
+#undef POLY_BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_UBOUND)
+#undef POLY_UBOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLYVEC_BOUND)
+#undef POLYVEC_BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLYVEC_UBOUND)
+#undef POLYVEC_UBOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_CONCAT_)
+#undef MLKEM_CONCAT_
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_CONCAT)
+#undef MLKEM_CONCAT
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_STATIC_ASSERT_DEFINE)
+#undef MLKEM_STATIC_ASSERT_DEFINE
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_STATIC_ASSERT_ADD_LINE0)
+#undef MLKEM_STATIC_ASSERT_ADD_LINE0
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_STATIC_ASSERT_ADD_LINE1)
+#undef MLKEM_STATIC_ASSERT_ADD_LINE1
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_STATIC_ASSERT_ADD_LINE2)
+#undef MLKEM_STATIC_ASSERT_ADD_LINE2
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(MLKEM_STATIC_ASSERT_ADD_ERROR)
+#undef MLKEM_STATIC_ASSERT_ADD_ERROR
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(STATIC_ASSERT)
+#undef STATIC_ASSERT
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(CASSERT)
+#undef CASSERT
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(SCALAR_BOUND)
+#undef SCALAR_BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(BOUND)
+#undef BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_BOUND)
+#undef POLY_BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLYVEC_BOUND)
+#undef POLYVEC_BOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_BOUND_MSG)
+#undef POLY_BOUND_MSG
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(UBOUND)
+#undef UBOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_UBOUND)
+#undef POLY_UBOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLYVEC_UBOUND)
+#undef POLYVEC_UBOUND
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(POLY_UBOUND_MSG)
+#undef POLY_UBOUND_MSG
+#endif
+
+/* mlkem/debug/debug.h */
+#if defined(STATIC_ASSERT)
+#undef STATIC_ASSERT
+#endif
+
+/* mlkem/fips202/fips202.c */
+#if defined(keccak_absorb_once)
+#undef keccak_absorb_once
+#endif
+
+/* mlkem/fips202/fips202.c */
+#if defined(keccak_squeeze_once)
+#undef keccak_squeeze_once
+#endif
+
+/* mlkem/fips202/fips202.c */
+#if defined(keccak_squeezeblocks)
+#undef keccak_squeezeblocks
+#endif
+
+/* mlkem/fips202/fips202.c */
+#if defined(shake256ctx)
+#undef shake256ctx
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(FIPS202_H)
+#undef FIPS202_H
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHAKE128_RATE)
+#undef SHAKE128_RATE
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHAKE256_RATE)
+#undef SHAKE256_RATE
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHA3_256_RATE)
+#undef SHA3_256_RATE
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHA3_384_RATE)
+#undef SHA3_384_RATE
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHA3_512_RATE)
+#undef SHA3_512_RATE
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(shake128ctx)
+#undef shake128ctx
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(shake128_absorb_once)
+#undef shake128_absorb_once
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(shake128_squeezeblocks)
+#undef shake128_squeezeblocks
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(shake128_release)
+#undef shake128_release
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(shake256)
+#undef shake256
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHA3_256_HASHBYTES)
+#undef SHA3_256_HASHBYTES
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(sha3_256)
+#undef sha3_256
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(SHA3_512_HASHBYTES)
+#undef SHA3_512_HASHBYTES
+#endif
+
+/* mlkem/fips202/fips202.h */
+#if defined(sha3_512)
+#undef sha3_512
+#endif
+
+/* mlkem/fips202/fips202_backend.h */
+#if defined(MLKEM_NATIVE_FIPS202_IMPL_H)
+#undef MLKEM_NATIVE_FIPS202_IMPL_H
+#endif
+
+/* mlkem/fips202/fips202x4.c */
+#if defined(shake256x4_ctx)
+#undef shake256x4_ctx
+#endif
+
+/* mlkem/fips202/fips202x4.c */
+#if defined(keccak_absorb_once_x4)
+#undef keccak_absorb_once_x4
+#endif
+
+/* mlkem/fips202/fips202x4.c */
+#if defined(keccak_squeezeblocks_x4)
+#undef keccak_squeezeblocks_x4
+#endif
+
+/* mlkem/fips202/fips202x4.c */
+#if defined(shake256x4_absorb_once)
+#undef shake256x4_absorb_once
+#endif
+
+/* mlkem/fips202/fips202x4.c */
+#if defined(shake256x4_squeezeblocks)
+#undef shake256x4_squeezeblocks
+#endif
+
+/* mlkem/fips202/fips202x4.h */
+#if defined(FIPS_202X4_H)
+#undef FIPS_202X4_H
+#endif
+
+/* mlkem/fips202/fips202x4.h */
+#if defined(shake128x4ctx)
+#undef shake128x4ctx
+#endif
+
+/* mlkem/fips202/fips202x4.h */
+#if defined(shake128x4_absorb_once)
+#undef shake128x4_absorb_once
+#endif
+
+/* mlkem/fips202/fips202x4.h */
+#if defined(shake128x4_squeezeblocks)
+#undef shake128x4_squeezeblocks
+#endif
+
+/* mlkem/fips202/fips202x4.h */
+#if defined(shake128x4_release)
+#undef shake128x4_release
+#endif
+
+/* mlkem/fips202/fips202x4.h */
+#if defined(shake256x4)
+#undef shake256x4
+#endif
+
+/* mlkem/fips202/keccakf1600.c */
+#if defined(NROUNDS)
+#undef NROUNDS
+#endif
+
+/* mlkem/fips202/keccakf1600.c */
+#if defined(ROL)
+#undef ROL
+#endif
+
+/* mlkem/fips202/keccakf1600.c */
+#if defined(KeccakF_RoundConstants)
+#undef KeccakF_RoundConstants
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KECCAKF1600_H)
+#undef KECCAKF1600_H
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KECCAK_LANES)
+#undef KECCAK_LANES
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600_StateExtractBytes)
+#undef KeccakF1600_StateExtractBytes
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600_StateXORBytes)
+#undef KeccakF1600_StateXORBytes
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600x4_StateExtractBytes)
+#undef KeccakF1600x4_StateExtractBytes
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600x4_StateXORBytes)
+#undef KeccakF1600x4_StateXORBytes
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600x4_StatePermute)
+#undef KeccakF1600x4_StatePermute
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600_StatePermute)
+#undef KeccakF1600_StatePermute
+#endif
+
+/* mlkem/fips202/keccakf1600.h */
+#if defined(KeccakF1600_StatePermute)
+#undef KeccakF1600_StatePermute
+#endif
+
+/* mlkem/fips202/native/aarch64/cortex_a55.h */
+#if defined(FIPS202_NATIVE_PROFILE_H)
+#undef FIPS202_NATIVE_PROFILE_H
+#endif
+
+/* mlkem/fips202/native/aarch64/cortex_a55.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_A55
+#endif
+
+/* mlkem/fips202/native/aarch64/cortex_a55.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
+#endif
+
+/* mlkem/fips202/native/aarch64/cortex_a55.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL
+#endif
+
+/* mlkem/fips202/native/aarch64/default.h */
+#if defined(FIPS202_NATIVE_PROFILE_H)
+#undef FIPS202_NATIVE_PROFILE_H
+#endif
+
+/* mlkem/fips202/native/aarch64/default.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_AARCH64_DEFAULT
+#endif
+
+/* mlkem/fips202/native/aarch64/default.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
+#endif
+
+/* mlkem/fips202/native/aarch64/default.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL
+#endif
+
+/* mlkem/fips202/native/aarch64/src/cortex_a55_impl.h */
+#if defined(FIPS202_NATIVE_PROFILE_IMPL_H)
+#undef FIPS202_NATIVE_PROFILE_IMPL_H
+#endif
+
+/* mlkem/fips202/native/aarch64/src/cortex_a55_impl.h */
+#if defined(MLKEM_USE_FIPS202_X1_NATIVE)
+#undef MLKEM_USE_FIPS202_X1_NATIVE
+#endif
+
+/* mlkem/fips202/native/aarch64/src/default_impl.h */
+#if defined(FIPS202_NATIVE_PROFILE_IMPL_H)
+#undef FIPS202_NATIVE_PROFILE_IMPL_H
+#endif
+
+/* mlkem/fips202/native/aarch64/src/default_impl.h */
+#if defined(MLKEM_USE_FIPS202_X1_NATIVE)
+#undef MLKEM_USE_FIPS202_X1_NATIVE
+#endif
+
+/* mlkem/fips202/native/aarch64/src/default_impl.h */
+#if defined(MLKEM_USE_FIPS202_X1_NATIVE)
+#undef MLKEM_USE_FIPS202_X1_NATIVE
+#endif
+
+/* mlkem/fips202/native/aarch64/src/default_impl.h */
+#if defined(MLKEM_USE_FIPS202_X2_NATIVE)
+#undef MLKEM_USE_FIPS202_X2_NATIVE
+#endif
+
+/* mlkem/fips202/native/aarch64/src/default_impl.h */
+#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
+#undef MLKEM_USE_FIPS202_X4_NATIVE
+#endif
+
+/* mlkem/fips202/native/aarch64/src/default_impl.h */
+#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
+#undef MLKEM_USE_FIPS202_X4_NATIVE
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(FIPS202_AARCH64_NATIVE_H)
+#undef FIPS202_AARCH64_NATIVE_H
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x1_scalar_asm_opt)
+#undef keccak_f1600_x1_scalar_asm_opt
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x1_v84a_asm_clean)
+#undef keccak_f1600_x1_v84a_asm_clean
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x2_v84a_asm_clean)
+#undef keccak_f1600_x2_v84a_asm_clean
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x2_v8a_v84a_asm_hybrid)
+#undef keccak_f1600_x2_v8a_v84a_asm_hybrid
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt)
+#undef keccak_f1600_x4_scalar_v8a_asm_hybrid_opt
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt)
+#undef keccak_f1600_x4_scalar_v84a_asm_hybrid_opt
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt)
+#undef keccak_f1600_x4_scalar_v8a_v84a_hybrid_asm_opt
+#endif
+
+/* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */
+#if defined(keccakf1600_round_constants)
+#undef keccakf1600_round_constants
+#endif
+
+/* mlkem/fips202/native/aarch64/src/keccakf1600_round_constants.c */
+#if defined(empty_cu_keccakf1600_round_constants)
+#undef empty_cu_keccakf1600_round_constants
+#endif
+
+/* mlkem/fips202/native/api.h */
+#if defined(MLKEM_NATIVE_FIPS202_NATIVE_API_H)
+#undef MLKEM_NATIVE_FIPS202_NATIVE_API_H
+#endif
+
+/* mlkem/fips202/native/default.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_DEFAULT_H)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_DEFAULT_H
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(ANDnu256)
+#undef ANDnu256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(CONST256)
+#undef CONST256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(CONST256_64)
+#undef CONST256_64
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(ROL64in256)
+#undef ROL64in256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(ROL64in256_8)
+#undef ROL64in256_8
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(ROL64in256_56)
+#undef ROL64in256_56
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(STORE256)
+#undef STORE256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(XOR256)
+#undef XOR256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(XOReq256)
+#undef XOReq256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(SnP_laneLengthInBytes)
+#undef SnP_laneLengthInBytes
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(declareABCDE)
+#undef declareABCDE
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(prepareTheta)
+#undef prepareTheta
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(thetaRhoPiChiIotaPrepareTheta)
+#undef thetaRhoPiChiIotaPrepareTheta
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(thetaRhoPiChiIota)
+#undef thetaRhoPiChiIota
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(copyFromState)
+#undef copyFromState
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(SCATTER_STORE256)
+#undef SCATTER_STORE256
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(copyToState)
+#undef copyToState
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(copyStateVariables)
+#undef copyStateVariables
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(FullUnrolling)
+#undef FullUnrolling
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(Unrolling)
+#undef Unrolling
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */
+#if defined(empty_cu_avx2_keccakx4)
+#undef empty_cu_avx2_keccakx4
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */
+#if defined(_KeccakP_1600_times4_SnP_h_)
+#undef _KeccakP_1600_times4_SnP_h_
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */
+#if defined(KeccakP1600times4_statesAlignment)
+#undef KeccakP1600times4_statesAlignment
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */
+#if defined(KeccakP1600times4_PermuteAll_24rounds)
+#undef KeccakP1600times4_PermuteAll_24rounds
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */
+#if defined(KeccakP1600times4_implementation_config)
+#undef KeccakP1600times4_implementation_config
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */
+#if defined(KeccakP1600times4_fullUnrolling)
+#undef KeccakP1600times4_fullUnrolling
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */
+#if defined(KeccakP1600times4_useAVX2)
+#undef KeccakP1600times4_useAVX2
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
+#if defined(_keccakp_align_h_)
+#undef _keccakp_align_h_
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
+#if defined(ALIGN)
+#undef ALIGN
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
+#if defined(ALIGN)
+#undef ALIGN
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
+#if defined(ALIGN)
+#undef ALIGN
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */
+#if defined(ALIGN)
+#undef ALIGN
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(_KECCAKP_BRG_ENDIAN_H)
+#undef _KECCAKP_BRG_ENDIAN_H
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(IS_BIG_ENDIAN)
+#undef IS_BIG_ENDIAN
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(IS_LITTLE_ENDIAN)
+#undef IS_LITTLE_ENDIAN
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */
+#if defined(PLATFORM_BYTE_ORDER)
+#undef PLATFORM_BYTE_ORDER
+#endif
+
+/* mlkem/fips202/native/x86_64/src/xkcp_impl.h */
+#if defined(MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H)
+#undef MLKEM_NATIVE_FIPS202_PROFILE_IMPL_H
+#endif
+
+/* mlkem/fips202/native/x86_64/src/xkcp_impl.h */
+#if defined(MLKEM_USE_FIPS202_X4_NATIVE)
+#undef MLKEM_USE_FIPS202_X4_NATIVE
+#endif
+
+/* mlkem/fips202/native/x86_64/xkcp.h */
+#if defined(MLKEM_NATIVE_FIPS202_PROFILE_H)
+#undef MLKEM_NATIVE_FIPS202_PROFILE_H
+#endif
+
+/* mlkem/fips202/native/x86_64/xkcp.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP
+#endif
+
+/* mlkem/fips202/native/x86_64/xkcp.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME
+#endif
+
+/* mlkem/fips202/native/x86_64/xkcp.h */
+#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL)
+#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(pack_pk)
+#undef pack_pk
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(unpack_pk)
+#undef unpack_pk
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(pack_sk)
+#undef pack_sk
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(unpack_sk)
+#undef unpack_sk
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(pack_ciphertext)
+#undef pack_ciphertext
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(unpack_ciphertext)
+#undef unpack_ciphertext
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(gen_matrix_entry_x4)
+#undef gen_matrix_entry_x4
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(gen_matrix_entry)
+#undef gen_matrix_entry
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(matvec_mul)
+#undef matvec_mul
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(MLKEM_GEN_MATRIX_NBLOCKS)
+#undef MLKEM_GEN_MATRIX_NBLOCKS
+#endif
+
+/* mlkem/indcpa.c */
+#if defined(poly_permute_bitrev_to_custom)
+#undef poly_permute_bitrev_to_custom
+#endif
+
+/* mlkem/indcpa.h */
+#if defined(INDCPA_H)
+#undef INDCPA_H
+#endif
+
+/* mlkem/indcpa.h */
+#if defined(gen_matrix)
+#undef gen_matrix
+#endif
+
+/* mlkem/indcpa.h */
+#if defined(indcpa_keypair_derand)
+#undef indcpa_keypair_derand
+#endif
+
+/* mlkem/indcpa.h */
+#if defined(indcpa_enc)
+#undef indcpa_enc
+#endif
+
+/* mlkem/indcpa.h */
+#if defined(indcpa_dec)
+#undef indcpa_dec
+#endif
+
+/* mlkem/kem.c */
+#if defined(check_pk)
+#undef check_pk
+#endif
+
+/* mlkem/kem.c */
+#if defined(check_sk)
+#undef check_sk
+#endif
+
+/* mlkem/kem.h */
+#if defined(KEM_H)
+#undef KEM_H
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_NATIVE_H)
+#undef MLKEM_NATIVE_H
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(BUILD_INFO_LVL)
+#undef BUILD_INFO_LVL
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(BUILD_INFO_LVL)
+#undef BUILD_INFO_LVL
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(BUILD_INFO_LVL)
+#undef BUILD_INFO_LVL
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(BUILD_INFO_NAMESPACE)
+#undef BUILD_INFO_NAMESPACE
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM512_SECRETKEYBYTES)
+#undef MLKEM512_SECRETKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM512_PUBLICKEYBYTES)
+#undef MLKEM512_PUBLICKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM512_CIPHERTEXTBYTES)
+#undef MLKEM512_CIPHERTEXTBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM768_SECRETKEYBYTES)
+#undef MLKEM768_SECRETKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM768_PUBLICKEYBYTES)
+#undef MLKEM768_PUBLICKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM768_CIPHERTEXTBYTES)
+#undef MLKEM768_CIPHERTEXTBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM1024_SECRETKEYBYTES)
+#undef MLKEM1024_SECRETKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM1024_PUBLICKEYBYTES)
+#undef MLKEM1024_PUBLICKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM1024_CIPHERTEXTBYTES)
+#undef MLKEM1024_CIPHERTEXTBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_SYMBYTES)
+#undef MLKEM_SYMBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM512_SYMBYTES)
+#undef MLKEM512_SYMBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM768_SYMBYTES)
+#undef MLKEM768_SYMBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM1024_SYMBYTES)
+#undef MLKEM1024_SYMBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_BYTES)
+#undef MLKEM_BYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM512_BYTES)
+#undef MLKEM512_BYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM768_BYTES)
+#undef MLKEM768_BYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM1024_BYTES)
+#undef MLKEM1024_BYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_SECRETKEYBYTES_)
+#undef MLKEM_SECRETKEYBYTES_
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_PUBLICKEYBYTES_)
+#undef MLKEM_PUBLICKEYBYTES_
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_CIPHERTEXTBYTES_)
+#undef MLKEM_CIPHERTEXTBYTES_
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_SECRETKEYBYTES)
+#undef MLKEM_SECRETKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_PUBLICKEYBYTES)
+#undef MLKEM_PUBLICKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(MLKEM_CIPHERTEXTBYTES)
+#undef MLKEM_CIPHERTEXTBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(CRYPTO_SECRETKEYBYTES)
+#undef CRYPTO_SECRETKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(CRYPTO_PUBLICKEYBYTES)
+#undef CRYPTO_PUBLICKEYBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(CRYPTO_CIPHERTEXTBYTES)
+#undef CRYPTO_CIPHERTEXTBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(CRYPTO_SYMBYTES)
+#undef CRYPTO_SYMBYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(CRYPTO_BYTES)
+#undef CRYPTO_BYTES
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(crypto_kem_keypair_derand)
+#undef crypto_kem_keypair_derand
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(crypto_kem_keypair)
+#undef crypto_kem_keypair
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(crypto_kem_enc_derand)
+#undef crypto_kem_enc_derand
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(crypto_kem_enc)
+#undef crypto_kem_enc
+#endif
+
+/* mlkem/mlkem_native.h */
+#if defined(crypto_kem_dec)
+#undef crypto_kem_dec
+#endif
+
+/* mlkem/native/aarch64/clean.h */
+#if defined(MLKEM_NATIVE_ARITH_PROFILE_H)
+#undef MLKEM_NATIVE_ARITH_PROFILE_H
+#endif
+
+/* mlkem/native/aarch64/clean.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN)
+#undef MLKEM_NATIVE_ARITH_BACKEND_AARCH64_CLEAN
+#endif
+
+/* mlkem/native/aarch64/clean.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
+#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
+#endif
+
+/* mlkem/native/aarch64/clean.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL)
+#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL
+#endif
+
+/* mlkem/native/aarch64/opt.h */
+#if defined(MLKEM_NATIVE_ARITH_PROFILE_H)
+#undef MLKEM_NATIVE_ARITH_PROFILE_H
+#endif
+
+/* mlkem/native/aarch64/opt.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT)
+#undef MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT
+#endif
+
+/* mlkem/native/aarch64/opt.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
+#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
+#endif
+
+/* mlkem/native/aarch64/opt.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL)
+#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL
+#endif
+
+/* mlkem/native/aarch64/src/aarch64_zetas.c */
+#if defined(empty_cu_aarch64_zetas)
+#undef empty_cu_aarch64_zetas
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(MLKEM_AARCH64_NATIVE_H)
+#undef MLKEM_AARCH64_NATIVE_H
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(aarch64_ntt_zetas_layer01234)
+#undef aarch64_ntt_zetas_layer01234
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(aarch64_ntt_zetas_layer56)
+#undef aarch64_ntt_zetas_layer56
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(aarch64_invntt_zetas_layer01234)
+#undef aarch64_invntt_zetas_layer01234
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(aarch64_invntt_zetas_layer56)
+#undef aarch64_invntt_zetas_layer56
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(aarch64_zetas_mulcache_native)
+#undef aarch64_zetas_mulcache_native
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(aarch64_zetas_mulcache_twisted_native)
+#undef aarch64_zetas_mulcache_twisted_native
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(rej_uniform_table)
+#undef rej_uniform_table
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(ntt_asm_clean)
+#undef ntt_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(ntt_asm_opt)
+#undef ntt_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(intt_asm_clean)
+#undef intt_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(intt_asm_opt)
+#undef intt_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(rej_uniform_asm_clean)
+#undef rej_uniform_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_reduce_asm_clean)
+#undef poly_reduce_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_reduce_asm_opt)
+#undef poly_reduce_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_tomont_asm_clean)
+#undef poly_tomont_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_tomont_asm_opt)
+#undef poly_tomont_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_mulcache_compute_asm_clean)
+#undef poly_mulcache_compute_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_mulcache_compute_asm_opt)
+#undef poly_mulcache_compute_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_tobytes_asm_clean)
+#undef poly_tobytes_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(poly_tobytes_asm_opt)
+#undef poly_tobytes_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(polyvec_basemul_acc_montgomery_cached_asm_clean)
+#undef polyvec_basemul_acc_montgomery_cached_asm_clean
+#endif
+
+/* mlkem/native/aarch64/src/arith_native_aarch64.h */
+#if defined(polyvec_basemul_acc_montgomery_cached_asm_opt)
+#undef polyvec_basemul_acc_montgomery_cached_asm_opt
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H)
+#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_NTT)
+#undef MLKEM_USE_NATIVE_NTT
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_INTT)
+#undef MLKEM_USE_NATIVE_INTT
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_REDUCE)
+#undef MLKEM_USE_NATIVE_POLY_REDUCE
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_TOMONT)
+#undef MLKEM_USE_NATIVE_POLY_TOMONT
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE)
+#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED)
+#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES)
+#undef MLKEM_USE_NATIVE_POLY_TOBYTES
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
+#undef MLKEM_USE_NATIVE_REJ_UNIFORM
+#endif
+
+/* mlkem/native/aarch64/src/clean_impl.h */
+#if defined(INVNTT_BOUND_NATIVE)
+#undef INVNTT_BOUND_NATIVE
+#endif
+
+/* mlkem/native/aarch64/src/consts.h */
+#if defined(MLKEM_NATIVE_AARCH64_CONSTS)
+#undef MLKEM_NATIVE_AARCH64_CONSTS
+#endif
+
+/* mlkem/native/aarch64/src/consts.h */
+#if defined(zetas_mulcache_native)
+#undef zetas_mulcache_native
+#endif
+
+/* mlkem/native/aarch64/src/consts.h */
+#if defined(zetas_mulcache_twisted_native)
+#undef zetas_mulcache_twisted_native
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H)
+#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_NTT)
+#undef MLKEM_USE_NATIVE_NTT
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_INTT)
+#undef MLKEM_USE_NATIVE_INTT
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_REDUCE)
+#undef MLKEM_USE_NATIVE_POLY_REDUCE
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_TOMONT)
+#undef MLKEM_USE_NATIVE_POLY_TOMONT
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE)
+#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED)
+#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES)
+#undef MLKEM_USE_NATIVE_POLY_TOBYTES
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
+#undef MLKEM_USE_NATIVE_REJ_UNIFORM
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(NTT_BOUND_NATIVE)
+#undef NTT_BOUND_NATIVE
+#endif
+
+/* mlkem/native/aarch64/src/opt_impl.h */
+#if defined(INVNTT_BOUND_NATIVE)
+#undef INVNTT_BOUND_NATIVE
+#endif
+
+/* mlkem/native/aarch64/src/rej_uniform_table.c */
+#if defined(empty_cu_aarch64_rej_uniform_table)
+#undef empty_cu_aarch64_rej_uniform_table
+#endif
+
+/* mlkem/native/api.h */
+#if defined(MLKEM_NATIVE_ARITH_NATIVE_API_H)
+#undef MLKEM_NATIVE_ARITH_NATIVE_API_H
+#endif
+
+/* mlkem/native/default.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_DEFAULT_H)
+#undef MLKEM_NATIVE_ARITH_BACKEND_DEFAULT_H
+#endif
+
+/* mlkem/native/x86_64/default.h */
+#if defined(MLKEM_NATIVE_ARITH_PROFILE_H)
+#undef MLKEM_NATIVE_ARITH_PROFILE_H
+#endif
+
+/* mlkem/native/x86_64/default.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT)
+#undef MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT
+#endif
+
+/* mlkem/native/x86_64/default.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME)
+#undef MLKEM_NATIVE_ARITH_BACKEND_NAME
+#endif
+
+/* mlkem/native/x86_64/default.h */
+#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL)
+#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL
+#endif
+
+/* mlkem/native/x86_64/src/align.h */
+#if defined(ALIGN_H)
+#undef ALIGN_H
+#endif
+
+/* mlkem/native/x86_64/src/align.h */
+#if defined(ALIGNED_UINT8)
+#undef ALIGNED_UINT8
+#endif
+
+/* mlkem/native/x86_64/src/align.h */
+#if defined(ALIGNED_INT16)
+#undef ALIGNED_INT16
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(MLKEM_X86_64_NATIVE_H)
+#undef MLKEM_X86_64_NATIVE_H
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(REJ_UNIFORM_AVX_NBLOCKS)
+#undef REJ_UNIFORM_AVX_NBLOCKS
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(REJ_UNIFORM_AVX_BUFLEN)
+#undef REJ_UNIFORM_AVX_BUFLEN
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(rej_uniform_avx2)
+#undef rej_uniform_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(rej_uniform_table)
+#undef rej_uniform_table
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(ntt_avx2)
+#undef ntt_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(invntt_avx2)
+#undef invntt_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(nttpack_avx2)
+#undef nttpack_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(nttunpack_avx2)
+#undef nttunpack_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(reduce_avx2)
+#undef reduce_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(basemul_avx2)
+#undef basemul_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(polyvec_basemul_acc_montgomery_cached_avx2)
+#undef polyvec_basemul_acc_montgomery_cached_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(ntttobytes_avx2)
+#undef ntttobytes_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(nttfrombytes_avx2)
+#undef nttfrombytes_avx2
+#endif
+
+/* mlkem/native/x86_64/src/arith_native_x86_64.h */
+#if defined(tomont_avx2)
+#undef tomont_avx2
+#endif
+
+/* mlkem/native/x86_64/src/basemul.c */
+#if defined(empty_cu_avx2_basemul)
+#undef empty_cu_avx2_basemul
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(Q)
+#undef Q
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(MONT)
+#undef MONT
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(QINV)
+#undef QINV
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(V)
+#undef V
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(FHI)
+#undef FHI
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(FLO)
+#undef FLO
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(MONTSQHI)
+#undef MONTSQHI
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(MONTSQLO)
+#undef MONTSQLO
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(MASK)
+#undef MASK
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(SHIFT)
+#undef SHIFT
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XQ)
+#undef _16XQ
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XQINV)
+#undef _16XQINV
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XV)
+#undef _16XV
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XFLO)
+#undef _16XFLO
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XFHI)
+#undef _16XFHI
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XMONTSQLO)
+#undef _16XMONTSQLO
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XMONTSQHI)
+#undef _16XMONTSQHI
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XMASK)
+#undef _16XMASK
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_REVIDXB)
+#undef _REVIDXB
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_REVIDXD)
+#undef _REVIDXD
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_ZETAS_EXP)
+#undef _ZETAS_EXP
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(_16XSHIFT)
+#undef _16XSHIFT
+#endif
+
+/* mlkem/native/x86_64/src/consts.c */
+#if defined(empty_cu_consts)
+#undef empty_cu_consts
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(CONSTS_H)
+#undef CONSTS_H
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XQ)
+#undef _16XQ
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XQINV)
+#undef _16XQINV
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XV)
+#undef _16XV
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XFLO)
+#undef _16XFLO
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XFHI)
+#undef _16XFHI
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XMONTSQLO)
+#undef _16XMONTSQLO
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XMONTSQHI)
+#undef _16XMONTSQHI
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XMASK)
+#undef _16XMASK
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_REVIDXB)
+#undef _REVIDXB
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_REVIDXD)
+#undef _REVIDXD
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_ZETAS_EXP)
+#undef _ZETAS_EXP
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(_16XSHIFT)
+#undef _16XSHIFT
+#endif
+
+/* mlkem/native/x86_64/src/consts.h */
+#if defined(qdata)
+#undef qdata
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H)
+#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER)
+#undef MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM)
+#undef MLKEM_USE_NATIVE_REJ_UNIFORM
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_NTT)
+#undef MLKEM_USE_NATIVE_NTT
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_INTT)
+#undef MLKEM_USE_NATIVE_INTT
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_REDUCE)
+#undef MLKEM_USE_NATIVE_POLY_REDUCE
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_TOMONT)
+#undef MLKEM_USE_NATIVE_POLY_TOMONT
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED)
+#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE)
+#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_TOBYTES)
+#undef MLKEM_USE_NATIVE_POLY_TOBYTES
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(MLKEM_USE_NATIVE_POLY_FROMBYTES)
+#undef MLKEM_USE_NATIVE_POLY_FROMBYTES
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(INVNTT_BOUND_NATIVE)
+#undef INVNTT_BOUND_NATIVE
+#endif
+
+/* mlkem/native/x86_64/src/default_impl.h */
+#if defined(NTT_BOUND_NATIVE)
+#undef NTT_BOUND_NATIVE
+#endif
+
+/* mlkem/native/x86_64/src/rej_uniform_avx2.c */
+#if defined(_mm256_cmpge_epu16)
+#undef _mm256_cmpge_epu16
+#endif
+
+/* mlkem/native/x86_64/src/rej_uniform_avx2.c */
+#if defined(_mm_cmpge_epu16)
+#undef _mm_cmpge_epu16
+#endif
+
+/* mlkem/native/x86_64/src/rej_uniform_avx2.c */
+#if defined(empty_cu_rej_uniform_avx2)
+#undef empty_cu_rej_uniform_avx2
+#endif
+
+/* mlkem/native/x86_64/src/rej_uniform_table.c */
+#if defined(empty_cu_avx2_rej_uniform_table)
+#undef empty_cu_avx2_rej_uniform_table
+#endif
+
+/* mlkem/ntt.c */
+#if defined(ntt_butterfly_block)
+#undef ntt_butterfly_block
+#endif
+
+/* mlkem/ntt.c */
+#if defined(ntt_layer)
+#undef ntt_layer
+#endif
+
+/* mlkem/ntt.c */
+#if defined(invntt_layer)
+#undef invntt_layer
+#endif
+
+/* mlkem/ntt.c */
+#if defined(INVNTT_BOUND_REF)
+#undef INVNTT_BOUND_REF
+#endif
+
+/* mlkem/ntt.h */
+#if defined(NTT_H)
+#undef NTT_H
+#endif
+
+/* mlkem/ntt.h */
+#if defined(zetas)
+#undef zetas
+#endif
+
+/* mlkem/ntt.h */
+#if defined(poly_ntt)
+#undef poly_ntt
+#endif
+
+/* mlkem/ntt.h */
+#if defined(poly_invntt_tomont)
+#undef poly_invntt_tomont
+#endif
+
+/* mlkem/ntt.h */
+#if defined(basemul_cached)
+#undef basemul_cached
+#endif
+
+/* mlkem/params.h */
+#if defined(PARAMS_H)
+#undef PARAMS_H
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_N)
+#undef MLKEM_N
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_Q)
+#undef MLKEM_Q
+#endif
+
+/* mlkem/params.h */
+#if defined(UINT12_MAX)
+#undef UINT12_MAX
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_SYMBYTES)
+#undef MLKEM_SYMBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_SSBYTES)
+#undef MLKEM_SSBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYBYTES)
+#undef MLKEM_POLYBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYVECBYTES)
+#undef MLKEM_POLYVECBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_LVL)
+#undef MLKEM_LVL
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_ETA1)
+#undef MLKEM_ETA1
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV)
+#undef MLKEM_POLYCOMPRESSEDBYTES_DV
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU)
+#undef MLKEM_POLYCOMPRESSEDBYTES_DU
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU)
+#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_LVL)
+#undef MLKEM_LVL
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_ETA1)
+#undef MLKEM_ETA1
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV)
+#undef MLKEM_POLYCOMPRESSEDBYTES_DV
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU)
+#undef MLKEM_POLYCOMPRESSEDBYTES_DU
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU)
+#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_LVL)
+#undef MLKEM_LVL
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_ETA1)
+#undef MLKEM_ETA1
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV)
+#undef MLKEM_POLYCOMPRESSEDBYTES_DV
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU)
+#undef MLKEM_POLYCOMPRESSEDBYTES_DU
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU)
+#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_ETA2)
+#undef MLKEM_ETA2
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCPA_MSGBYTES)
+#undef MLKEM_INDCPA_MSGBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCPA_PUBLICKEYBYTES)
+#undef MLKEM_INDCPA_PUBLICKEYBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCPA_SECRETKEYBYTES)
+#undef MLKEM_INDCPA_SECRETKEYBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCPA_BYTES)
+#undef MLKEM_INDCPA_BYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCCA_PUBLICKEYBYTES)
+#undef MLKEM_INDCCA_PUBLICKEYBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCCA_SECRETKEYBYTES)
+#undef MLKEM_INDCCA_SECRETKEYBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(MLKEM_INDCCA_CIPHERTEXTBYTES)
+#undef MLKEM_INDCCA_CIPHERTEXTBYTES
+#endif
+
+/* mlkem/params.h */
+#if defined(KECCAK_WAY)
+#undef KECCAK_WAY
+#endif
+
+/* mlkem/poly.h */
+#if defined(POLY_H)
+#undef POLY_H
+#endif
+
+/* mlkem/poly.h */
+#if defined(INVNTT_BOUND)
+#undef INVNTT_BOUND
+#endif
+
+/* mlkem/poly.h */
+#if defined(NTT_BOUND)
+#undef NTT_BOUND
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly)
+#undef poly
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_mulcache)
+#undef poly_mulcache
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_compress_d1)
+#undef scalar_compress_d1
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_compress_d4)
+#undef scalar_compress_d4
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_compress_d5)
+#undef scalar_compress_d5
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_compress_d10)
+#undef scalar_compress_d10
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_compress_d11)
+#undef scalar_compress_d11
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_decompress_d4)
+#undef scalar_decompress_d4
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_decompress_d5)
+#undef scalar_decompress_d5
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_decompress_d10)
+#undef scalar_decompress_d10
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_decompress_d11)
+#undef scalar_decompress_d11
+#endif
+
+/* mlkem/poly.h */
+#if defined(scalar_signed_to_unsigned_q)
+#undef scalar_signed_to_unsigned_q
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_compress_du)
+#undef poly_compress_du
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_decompress_du)
+#undef poly_decompress_du
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_compress_dv)
+#undef poly_compress_dv
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_decompress_dv)
+#undef poly_decompress_dv
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_tobytes)
+#undef poly_tobytes
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_frombytes)
+#undef poly_frombytes
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_frommsg)
+#undef poly_frommsg
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_tomsg)
+#undef poly_tomsg
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_getnoise_eta1_4x)
+#undef poly_getnoise_eta1_4x
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_getnoise_eta2_4x)
+#undef poly_getnoise_eta2_4x
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_getnoise_eta2)
+#undef poly_getnoise_eta2
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_getnoise_eta1122_4x)
+#undef poly_getnoise_eta1122_4x
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_basemul_montgomery_cached)
+#undef poly_basemul_montgomery_cached
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_tomont)
+#undef poly_tomont
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_mulcache_compute)
+#undef poly_mulcache_compute
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_reduce)
+#undef poly_reduce
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_add)
+#undef poly_add
+#endif
+
+/* mlkem/poly.h */
+#if defined(poly_sub)
+#undef poly_sub
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(POLYVEC_H)
+#undef POLYVEC_H
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec)
+#undef polyvec
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_mulcache)
+#undef polyvec_mulcache
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_compress_du)
+#undef polyvec_compress_du
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_decompress_du)
+#undef polyvec_decompress_du
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_tobytes)
+#undef polyvec_tobytes
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_frombytes)
+#undef polyvec_frombytes
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_ntt)
+#undef polyvec_ntt
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_invntt_tomont)
+#undef polyvec_invntt_tomont
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_basemul_acc_montgomery)
+#undef polyvec_basemul_acc_montgomery
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_basemul_acc_montgomery_cached)
+#undef polyvec_basemul_acc_montgomery_cached
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_mulcache_compute)
+#undef polyvec_mulcache_compute
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_reduce)
+#undef polyvec_reduce
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_add)
+#undef polyvec_add
+#endif
+
+/* mlkem/polyvec.h */
+#if defined(polyvec_tomont)
+#undef polyvec_tomont
+#endif
+
+/* mlkem/randombytes.h */
+#if defined(RANDOMBYTES_H)
+#undef RANDOMBYTES_H
+#endif
+
+/* mlkem/reduce.h */
+#if defined(REDUCE_H)
+#undef REDUCE_H
+#endif
+
+/* mlkem/reduce.h */
+#if defined(cast_uint16_to_int16)
+#undef cast_uint16_to_int16
+#endif
+
+/* mlkem/reduce.h */
+#if defined(montgomery_reduce_generic)
+#undef montgomery_reduce_generic
+#endif
+
+/* mlkem/reduce.h */
+#if defined(montgomery_reduce)
+#undef montgomery_reduce
+#endif
+
+/* mlkem/reduce.h */
+#if defined(fqmul)
+#undef fqmul
+#endif
+
+/* mlkem/reduce.h */
+#if defined(barrett_reduce)
+#undef barrett_reduce
+#endif
+
+/* mlkem/reduce.h */
+#if defined(HALF_Q)
+#undef HALF_Q
+#endif
+
+/* mlkem/rej_uniform.c */
+#if defined(rej_uniform_scalar)
+#undef rej_uniform_scalar
+#endif
+
+/* mlkem/rej_uniform.h */
+#if defined(REJ_UNIFORM_H)
+#undef REJ_UNIFORM_H
+#endif
+
+/* mlkem/rej_uniform.h */
+#if defined(rej_uniform)
+#undef rej_uniform
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(SYMMETRIC_H)
+#undef SYMMETRIC_H
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(hash_h)
+#undef hash_h
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(hash_g)
+#undef hash_g
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(hash_j)
+#undef hash_j
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(prf_eta)
+#undef prf_eta
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(prf_eta1)
+#undef prf_eta1
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(prf_eta2)
+#undef prf_eta2
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(prf_eta1_x4)
+#undef prf_eta1_x4
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_ctx)
+#undef xof_ctx
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_x4_ctx)
+#undef xof_x4_ctx
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_absorb)
+#undef xof_absorb
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_squeezeblocks)
+#undef xof_squeezeblocks
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_release)
+#undef xof_release
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_x4_absorb)
+#undef xof_x4_absorb
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_x4_squeezeblocks)
+#undef xof_x4_squeezeblocks
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(xof_x4_release)
+#undef xof_x4_release
+#endif
+
+/* mlkem/symmetric.h */
+#if defined(XOF_RATE)
+#undef XOF_RATE
+#endif
+
+/* mlkem/sys.h */
+#if defined(MLKEM_NATIVE_SYS_H)
+#undef MLKEM_NATIVE_SYS_H
+#endif
+
+/* mlkem/sys.h */
+#if defined(SYS_AARCH64)
+#undef SYS_AARCH64
+#endif
+
+/* mlkem/sys.h */
+#if defined(SYS_AARCH64_EB)
+#undef SYS_AARCH64_EB
+#endif
+
+/* mlkem/sys.h */
+#if defined(SYS_X86_64)
+#undef SYS_X86_64
+#endif
+
+/* mlkem/sys.h */
+#if defined(SYS_X86_64_AVX2)
+#undef SYS_X86_64_AVX2
+#endif
+
+/* mlkem/sys.h */
+#if defined(SYS_LITTLE_ENDIAN)
+#undef SYS_LITTLE_ENDIAN
+#endif
+
+/* mlkem/sys.h */
+#if defined(SYS_BIG_ENDIAN)
+#undef SYS_BIG_ENDIAN
+#endif
+
+/* mlkem/sys.h */
+#if defined(INLINE)
+#undef INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(ALWAYS_INLINE)
+#undef ALWAYS_INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(INLINE)
+#undef INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(ALWAYS_INLINE)
+#undef ALWAYS_INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(INLINE)
+#undef INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(ALWAYS_INLINE)
+#undef ALWAYS_INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(INLINE)
+#undef INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(ALWAYS_INLINE)
+#undef ALWAYS_INLINE
+#endif
+
+/* mlkem/sys.h */
+#if defined(RESTRICT)
+#undef RESTRICT
+#endif
+
+/* mlkem/sys.h */
+#if defined(RESTRICT)
+#undef RESTRICT
+#endif
+
+/* mlkem/sys.h */
+#if defined(RESTRICT)
+#undef RESTRICT
+#endif
+
+/* mlkem/sys.h */
+#if defined(DEFAULT_ALIGN)
+#undef DEFAULT_ALIGN
+#endif
+
+/* mlkem/sys.h */
+#if defined(ALIGN)
+#undef ALIGN
+#endif
+
+/* mlkem/sys.h */
+#if defined(asm)
+#undef asm
+#endif
+
+/* mlkem/sys.h */
+#if defined(asm)
+#undef asm
+#endif
+
+/* mlkem/sys.h */
+#if defined(ALIGN)
+#undef ALIGN
+#endif
+
+/* mlkem/verify.c */
+#if defined(empty_cu_verify)
+#undef empty_cu_verify
+#endif
+
+/* mlkem/verify.h */
+#if defined(VERIFY_H)
+#undef VERIFY_H
+#endif
+
+/* mlkem/verify.h */
+#if defined(value_barrier_u8)
+#undef value_barrier_u8
+#endif
+
+/* mlkem/verify.h */
+#if defined(value_barrier_u32)
+#undef value_barrier_u32
+#endif
+
+/* mlkem/verify.h */
+#if defined(value_barrier_i32)
+#undef value_barrier_i32
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_cmask_neg_i16)
+#undef ct_cmask_neg_i16
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_cmask_nonzero_u8)
+#undef ct_cmask_nonzero_u8
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_cmask_nonzero_u16)
+#undef ct_cmask_nonzero_u16
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_sel_uint8)
+#undef ct_sel_uint8
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_sel_int16)
+#undef ct_sel_int16
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_memcmp)
+#undef ct_memcmp
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_cmov_zero)
+#undef ct_cmov_zero
+#endif
+
+/* mlkem/verify.h */
+#if defined(MLKEM_USE_ASM_VALUE_BARRIER)
+#undef MLKEM_USE_ASM_VALUE_BARRIER
+#endif
+
+/* mlkem/verify.h */
+#if defined(ct_opt_blocker_u64)
+#undef ct_opt_blocker_u64
+#endif
diff --git a/mlkem/common.h b/mlkem/common.h
index c71468a69..8114e5aee 100644
--- a/mlkem/common.h
+++ b/mlkem/common.h
@@ -11,7 +11,6 @@
 #include "config.h"
 #endif /* MLKEM_NATIVE_CONFIG_FILE */
 
-#include "namespace.h"
 #include "params.h"
 #include "sys.h"
 
diff --git a/mlkem/config.h b/mlkem/config.h
index dca18ecd6..0472e2d47 100644
--- a/mlkem/config.h
+++ b/mlkem/config.h
@@ -97,4 +97,49 @@
 #define MLKEM_NATIVE_FIPS202_BACKEND "fips202/native/default.h"
 #endif /* MLKEM_NATIVE_FIPS202_BACKEND */
 
+/*************************  Config internals  ********************************/
+
+/* Default namespace
+ *
+ * Don't change this. If you need a different namespace, re-define
+ * MLKEM_NAMESPACE above instead, and remove the following.
+ */
+
+/*
+ * The default FIPS202 namespace is
+ *
+ *   PQCP_MLKEM_NATIVE_FIPS202_<BACKEND>_
+ *
+ * e.g., PQCP_MLKEM_NATIVE_FIPS202_C_
+ */
+
+#define FIPS202_DEFAULT_NAMESPACE___(x1, x2) x1##_##x2
+#define FIPS202_DEFAULT_NAMESPACE__(x1, x2) FIPS202_DEFAULT_NAMESPACE___(x1, x2)
+
+#define FIPS202_DEFAULT_NAMESPACE(s) \
+  FIPS202_DEFAULT_NAMESPACE__(PQCP_MLKEM_NATIVE_FIPS202, s)
+
+/*
+ * The default MLKEM namespace is
+ *
+ *   PQCP_MLKEM_NATIVE_MLKEM<LEVEL>_<BACKEND>_
+ *
+ * e.g., PQCP_MLKEM_NATIVE_MLKEM512_AARCH64_OPT_
+ */
+
+#define MLKEM_DEFAULT_NAMESPACE___(x1, x2, x3) x1##_##x2##_##x3
+#define MLKEM_DEFAULT_NAMESPACE__(x1, x2, x3) \
+  MLKEM_DEFAULT_NAMESPACE___(x1, x2, x3)
+
+#if MLKEM_K == 2
+#define MLKEM_DEFAULT_NAMESPACE(s) \
+  MLKEM_DEFAULT_NAMESPACE__(PQCP_MLKEM_NATIVE, MLKEM512, s)
+#elif MLKEM_K == 3
+#define MLKEM_DEFAULT_NAMESPACE(s) \
+  MLKEM_DEFAULT_NAMESPACE__(PQCP_MLKEM_NATIVE, MLKEM768, s)
+#elif MLKEM_K == 4
+#define MLKEM_DEFAULT_NAMESPACE(s) \
+  MLKEM_DEFAULT_NAMESPACE__(PQCP_MLKEM_NATIVE, MLKEM1024, s)
+#endif
+
 #endif /* MLkEM_NATIVE_CONFIG_H */
diff --git a/mlkem/kem.c b/mlkem/kem.c
index 6026d362b..5779d3273 100644
--- a/mlkem/kem.c
+++ b/mlkem/kem.c
@@ -2,11 +2,12 @@
  * Copyright (c) 2024 The mlkem-native project authors
  * SPDX-License-Identifier: Apache-2.0
  */
-#include "kem.h"
 #include <stddef.h>
 #include <stdint.h>
 #include <string.h>
+
 #include "indcpa.h"
+#include "kem.h"
 #include "randombytes.h"
 #include "symmetric.h"
 #include "verify.h"
@@ -36,11 +37,12 @@ __contract__(
  *              Described in Section 7.2 of FIPS203.
  *
  * Arguments:   - const uint8_t *pk: pointer to input public key
- *                (an already allocated array of MLKEM_PUBLICKEYBYTES bytes)
- **
+ *                (an already allocated array of MLKEM_INDCCA_PUBLICKEYBYTES
+ *                 bytes)
+ *
  * Returns 0 on success, and -1 on failure
  **************************************************/
-static int check_pk(const uint8_t pk[MLKEM_PUBLICKEYBYTES])
+static int check_pk(const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES])
 {
   polyvec p;
   uint8_t p_reencoded[MLKEM_POLYVECBYTES];
@@ -64,11 +66,12 @@ static int check_pk(const uint8_t pk[MLKEM_PUBLICKEYBYTES])
  *              Described in Section 7.3 of FIPS203.
  *
  * Arguments:   - const uint8_t *sk: pointer to input private key
- *                (an already allocated array of MLKEM_SECRETKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_SECRETKEYBYTES
+ *                 bytes)
  *
  * Returns 0 on success, and -1 on failure
  **************************************************/
-static int check_sk(const uint8_t sk[MLKEM_SECRETKEYBYTES])
+static int check_sk(const uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES])
 {
   uint8_t test[MLKEM_SYMBYTES];
   /*
@@ -76,8 +79,8 @@ static int check_sk(const uint8_t sk[MLKEM_SECRETKEYBYTES])
    * no public information is leaked through the runtime or the return value
    * of this function.
    */
-  hash_h(test, sk + MLKEM_INDCPA_SECRETKEYBYTES, MLKEM_PUBLICKEYBYTES);
-  if (memcmp(sk + MLKEM_SECRETKEYBYTES - 2 * MLKEM_SYMBYTES, test,
+  hash_h(test, sk + MLKEM_INDCPA_SECRETKEYBYTES, MLKEM_INDCCA_PUBLICKEYBYTES);
+  if (memcmp(sk + MLKEM_INDCCA_SECRETKEYBYTES - 2 * MLKEM_SYMBYTES, test,
              MLKEM_SYMBYTES))
   {
     return -1;
@@ -85,19 +88,22 @@ static int check_sk(const uint8_t sk[MLKEM_SECRETKEYBYTES])
   return 0;
 }
 
-int crypto_kem_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins)
+int crypto_kem_keypair_derand(uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES],
+                              uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES],
+                              const uint8_t *coins)
 {
   indcpa_keypair_derand(pk, sk, coins);
-  memcpy(sk + MLKEM_INDCPA_SECRETKEYBYTES, pk, MLKEM_PUBLICKEYBYTES);
-  hash_h(sk + MLKEM_SECRETKEYBYTES - 2 * MLKEM_SYMBYTES, pk,
-         MLKEM_PUBLICKEYBYTES);
+  memcpy(sk + MLKEM_INDCPA_SECRETKEYBYTES, pk, MLKEM_INDCCA_PUBLICKEYBYTES);
+  hash_h(sk + MLKEM_INDCCA_SECRETKEYBYTES - 2 * MLKEM_SYMBYTES, pk,
+         MLKEM_INDCCA_PUBLICKEYBYTES);
   /* Value z for pseudo-random output on reject */
-  memcpy(sk + MLKEM_SECRETKEYBYTES - MLKEM_SYMBYTES, coins + MLKEM_SYMBYTES,
-         MLKEM_SYMBYTES);
+  memcpy(sk + MLKEM_INDCCA_SECRETKEYBYTES - MLKEM_SYMBYTES,
+         coins + MLKEM_SYMBYTES, MLKEM_SYMBYTES);
   return 0;
 }
 
-int crypto_kem_keypair(uint8_t *pk, uint8_t *sk)
+int crypto_kem_keypair(uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES],
+                       uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES])
 {
   ALIGN uint8_t coins[2 * MLKEM_SYMBYTES];
   randombytes(coins, 2 * MLKEM_SYMBYTES);
@@ -105,8 +111,10 @@ int crypto_kem_keypair(uint8_t *pk, uint8_t *sk)
   return 0;
 }
 
-int crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk,
-                          const uint8_t *coins)
+int crypto_kem_enc_derand(uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES],
+                          uint8_t ss[MLKEM_SSBYTES],
+                          const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES],
+                          const uint8_t coins[MLKEM_SYMBYTES])
 {
   ALIGN uint8_t buf[2 * MLKEM_SYMBYTES];
   /* Will contain key, coins */
@@ -120,7 +128,7 @@ int crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk,
   memcpy(buf, coins, MLKEM_SYMBYTES);
 
   /* Multitarget countermeasure for coins + contributory KEM */
-  hash_h(buf + MLKEM_SYMBYTES, pk, MLKEM_PUBLICKEYBYTES);
+  hash_h(buf + MLKEM_SYMBYTES, pk, MLKEM_INDCCA_PUBLICKEYBYTES);
   hash_g(kr, buf, 2 * MLKEM_SYMBYTES);
 
   /* coins are in kr+MLKEM_SYMBYTES */
@@ -130,14 +138,18 @@ int crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk,
   return 0;
 }
 
-int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk)
+int crypto_kem_enc(uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES],
+                   uint8_t ss[MLKEM_SSBYTES],
+                   const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES])
 {
   ALIGN uint8_t coins[MLKEM_SYMBYTES];
   randombytes(coins, MLKEM_SYMBYTES);
   return crypto_kem_enc_derand(ct, ss, pk, coins);
 }
 
-int crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk)
+int crypto_kem_dec(uint8_t ss[MLKEM_SSBYTES],
+                   const uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES],
+                   const uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES])
 {
   uint8_t fail;
   ALIGN uint8_t buf[2 * MLKEM_SYMBYTES];
@@ -153,25 +165,26 @@ int crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk)
   indcpa_dec(buf, ct, sk);
 
   /* Multitarget countermeasure for coins + contributory KEM */
-  memcpy(buf + MLKEM_SYMBYTES, sk + MLKEM_SECRETKEYBYTES - 2 * MLKEM_SYMBYTES,
-         MLKEM_SYMBYTES);
+  memcpy(buf + MLKEM_SYMBYTES,
+         sk + MLKEM_INDCCA_SECRETKEYBYTES - 2 * MLKEM_SYMBYTES, MLKEM_SYMBYTES);
   hash_g(kr, buf, 2 * MLKEM_SYMBYTES);
 
   /* Recompute and compare ciphertext */
   {
     /* Temporary buffer */
-    ALIGN uint8_t cmp[MLKEM_CIPHERTEXTBYTES];
+    ALIGN uint8_t cmp[MLKEM_INDCCA_CIPHERTEXTBYTES];
     /* coins are in kr+MLKEM_SYMBYTES */
     indcpa_enc(cmp, buf, pk, kr + MLKEM_SYMBYTES);
-    fail = ct_memcmp(ct, cmp, MLKEM_CIPHERTEXTBYTES);
+    fail = ct_memcmp(ct, cmp, MLKEM_INDCCA_CIPHERTEXTBYTES);
   }
 
   /* Compute rejection key */
   {
     /* Temporary buffer */
-    ALIGN uint8_t tmp[MLKEM_SYMBYTES + MLKEM_CIPHERTEXTBYTES];
-    memcpy(tmp, sk + MLKEM_SECRETKEYBYTES - MLKEM_SYMBYTES, MLKEM_SYMBYTES);
-    memcpy(tmp + MLKEM_SYMBYTES, ct, MLKEM_CIPHERTEXTBYTES);
+    ALIGN uint8_t tmp[MLKEM_SYMBYTES + MLKEM_INDCCA_CIPHERTEXTBYTES];
+    memcpy(tmp, sk + MLKEM_INDCCA_SECRETKEYBYTES - MLKEM_SYMBYTES,
+           MLKEM_SYMBYTES);
+    memcpy(tmp + MLKEM_SYMBYTES, ct, MLKEM_INDCCA_CIPHERTEXTBYTES);
     hash_j(ss, tmp, sizeof(tmp));
   }
 
diff --git a/mlkem/kem.h b/mlkem/kem.h
index 534e3783c..074e4771e 100644
--- a/mlkem/kem.h
+++ b/mlkem/kem.h
@@ -9,12 +9,22 @@
 #include "cbmc.h"
 #include "common.h"
 
-#define CRYPTO_SECRETKEYBYTES MLKEM_SECRETKEYBYTES
-#define CRYPTO_PUBLICKEYBYTES MLKEM_PUBLICKEYBYTES
-#define CRYPTO_CIPHERTEXTBYTES MLKEM_CIPHERTEXTBYTES
-#define CRYPTO_BYTES MLKEM_SSBYTES
+/* Include to ensure consistency between internal kem.h
+ * and external mlkem_native.h. */
+#include "mlkem_native.h"
+
+#if MLKEM_INDCCA_SECRETKEYBYTES != MLKEM_SECRETKEYBYTES(MLKEM_LVL)
+#error Mismatch for SECRETKEYBYTES between kem.h and mlkem_native.h
+#endif
+
+#if MLKEM_INDCCA_PUBLICKEYBYTES != MLKEM_PUBLICKEYBYTES(MLKEM_LVL)
+#error Mismatch for PUBLICKEYBYTES between kem.h and mlkem_native.h
+#endif
+
+#if MLKEM_INDCCA_CIPHERTEXTBYTES != MLKEM_CIPHERTEXTBYTES(MLKEM_LVL)
+#error Mismatch for CIPHERTEXTBYTES between kem.h and mlkem_native.h
+#endif
 
-#define crypto_kem_keypair_derand MLKEM_NAMESPACE(keypair_derand)
 /*************************************************
  * Name:        crypto_kem_keypair_derand
  *
@@ -22,25 +32,28 @@
  *              for CCA-secure ML-KEM key encapsulation mechanism
  *
  * Arguments:   - uint8_t *pk: pointer to output public key
- *                (an already allocated array of MLKEM_PUBLICKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_PUBLICKEYBYTES
+ *                 bytes)
  *              - uint8_t *sk: pointer to output private key
- *                (an already allocated array of MLKEM_SECRETKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_SECRETKEYBYTES
+ *                 bytes)
  *              - uint8_t *coins: pointer to input randomness
  *                (an already allocated array filled with 2*MLKEM_SYMBYTES
- *random bytes)
+ *                 random bytes)
  **
  * Returns 0 (success)
  **************************************************/
-int crypto_kem_keypair_derand(uint8_t *pk, uint8_t *sk, const uint8_t *coins)
+int crypto_kem_keypair_derand(uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES],
+                              uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES],
+                              const uint8_t *coins)
 __contract__(
-  requires(memory_no_alias(pk, MLKEM_PUBLICKEYBYTES))
-  requires(memory_no_alias(sk, MLKEM_SECRETKEYBYTES))
+  requires(memory_no_alias(pk, MLKEM_INDCCA_PUBLICKEYBYTES))
+  requires(memory_no_alias(sk, MLKEM_INDCCA_SECRETKEYBYTES))
   requires(memory_no_alias(coins, 2 * MLKEM_SYMBYTES))
   assigns(object_whole(pk))
   assigns(object_whole(sk))
 );
 
-#define crypto_kem_keypair MLKEM_NAMESPACE(keypair)
 /*************************************************
  * Name:        crypto_kem_keypair
  *
@@ -48,21 +61,23 @@ __contract__(
  *              for CCA-secure ML-KEM key encapsulation mechanism
  *
  * Arguments:   - uint8_t *pk: pointer to output public key
- *                (an already allocated array of MLKEM_PUBLICKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_PUBLICKEYBYTES
+ *                 bytes)
  *              - uint8_t *sk: pointer to output private key
- *                (an already allocated array of MLKEM_SECRETKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_SECRETKEYBYTES
+ *                 bytes)
  *
  * Returns 0 (success)
  **************************************************/
-int crypto_kem_keypair(uint8_t *pk, uint8_t *sk)
+int crypto_kem_keypair(uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES],
+                       uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES])
 __contract__(
-  requires(memory_no_alias(pk, MLKEM_PUBLICKEYBYTES))
-  requires(memory_no_alias(sk, MLKEM_SECRETKEYBYTES))
+  requires(memory_no_alias(pk, MLKEM_INDCCA_PUBLICKEYBYTES))
+  requires(memory_no_alias(sk, MLKEM_INDCCA_SECRETKEYBYTES))
   assigns(object_whole(pk))
   assigns(object_whole(sk))
 );
 
-#define crypto_kem_enc_derand MLKEM_NAMESPACE(enc_derand)
 /*************************************************
  * Name:        crypto_kem_enc_derand
  *
@@ -70,30 +85,33 @@ __contract__(
  *              secret for given public key
  *
  * Arguments:   - uint8_t *ct: pointer to output cipher text
- *                (an already allocated array of MLKEM_CIPHERTEXTBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_CIPHERTEXTBYTES
+ *                 bytes)
  *              - uint8_t *ss: pointer to output shared secret
  *                (an already allocated array of MLKEM_SSBYTES bytes)
  *              - const uint8_t *pk: pointer to input public key
- *                (an already allocated array of MLKEM_PUBLICKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_PUBLICKEYBYTES
+ *                 bytes)
  *              - const uint8_t *coins: pointer to input randomness
  *                (an already allocated array filled with MLKEM_SYMBYTES random
- *bytes)
+ *                 bytes)
  **
  * Returns 0 on success, and -1 if the public key modulus check (see Section 7.2
  * of FIPS203) fails.
  **************************************************/
-int crypto_kem_enc_derand(uint8_t *ct, uint8_t *ss, const uint8_t *pk,
-                          const uint8_t *coins)
+int crypto_kem_enc_derand(uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES],
+                          uint8_t ss[MLKEM_SSBYTES],
+                          const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES],
+                          const uint8_t coins[MLKEM_SYMBYTES])
 __contract__(
-  requires(memory_no_alias(ct, MLKEM_CIPHERTEXTBYTES))
+  requires(memory_no_alias(ct, MLKEM_INDCCA_CIPHERTEXTBYTES))
   requires(memory_no_alias(ss, MLKEM_SSBYTES))
-  requires(memory_no_alias(pk, MLKEM_PUBLICKEYBYTES))
+  requires(memory_no_alias(pk, MLKEM_INDCCA_PUBLICKEYBYTES))
   requires(memory_no_alias(coins, MLKEM_SYMBYTES))
   assigns(object_whole(ct))
   assigns(object_whole(ss))
 );
 
-#define crypto_kem_enc MLKEM_NAMESPACE(enc)
 /*************************************************
  * Name:        crypto_kem_enc
  *
@@ -101,25 +119,28 @@ __contract__(
  *              secret for given public key
  *
  * Arguments:   - uint8_t *ct: pointer to output cipher text
- *                (an already allocated array of MLKEM_CIPHERTEXTBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_CIPHERTEXTBYTES
+ *bytes)
  *              - uint8_t *ss: pointer to output shared secret
  *                (an already allocated array of MLKEM_SSBYTES bytes)
  *              - const uint8_t *pk: pointer to input public key
- *                (an already allocated array of MLKEM_PUBLICKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_PUBLICKEYBYTES
+ *bytes)
  *
  * Returns 0 on success, and -1 if the public key modulus check (see Section 7.2
  * of FIPS203) fails.
  **************************************************/
-int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk)
+int crypto_kem_enc(uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES],
+                   uint8_t ss[MLKEM_SSBYTES],
+                   const uint8_t pk[MLKEM_INDCCA_PUBLICKEYBYTES])
 __contract__(
-  requires(memory_no_alias(ct, MLKEM_CIPHERTEXTBYTES))
+  requires(memory_no_alias(ct, MLKEM_INDCCA_CIPHERTEXTBYTES))
   requires(memory_no_alias(ss, MLKEM_SSBYTES))
-  requires(memory_no_alias(pk, MLKEM_PUBLICKEYBYTES))
+  requires(memory_no_alias(pk, MLKEM_INDCCA_PUBLICKEYBYTES))
   assigns(object_whole(ct))
   assigns(object_whole(ss))
 );
 
-#define crypto_kem_dec MLKEM_NAMESPACE(dec)
 /*************************************************
  * Name:        crypto_kem_dec
  *
@@ -129,20 +150,24 @@ __contract__(
  * Arguments:   - uint8_t *ss: pointer to output shared secret
  *                (an already allocated array of MLKEM_SSBYTES bytes)
  *              - const uint8_t *ct: pointer to input cipher text
- *                (an already allocated array of MLKEM_CIPHERTEXTBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_CIPHERTEXTBYTES
+ *bytes)
  *              - const uint8_t *sk: pointer to input private key
- *                (an already allocated array of MLKEM_SECRETKEYBYTES bytes)
+ *                (an already allocated array of MLKEM_INDCCA_SECRETKEYBYTES
+ *bytes)
  *
  * Returns 0 on success, and -1 if the secret key hash check (see Section 7.3 of
  * FIPS203) fails.
  *
  * On failure, ss will contain a pseudo-random value.
  **************************************************/
-int crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk)
+int crypto_kem_dec(uint8_t ss[MLKEM_SSBYTES],
+                   const uint8_t ct[MLKEM_INDCCA_CIPHERTEXTBYTES],
+                   const uint8_t sk[MLKEM_INDCCA_SECRETKEYBYTES])
 __contract__(
   requires(memory_no_alias(ss, MLKEM_SSBYTES))
-  requires(memory_no_alias(ct, MLKEM_CIPHERTEXTBYTES))
-  requires(memory_no_alias(sk, MLKEM_SECRETKEYBYTES))
+  requires(memory_no_alias(ct, MLKEM_INDCCA_CIPHERTEXTBYTES))
+  requires(memory_no_alias(sk, MLKEM_INDCCA_SECRETKEYBYTES))
   assigns(object_whole(ss))
 );
 
diff --git a/mlkem/mlkem_native.h b/mlkem/mlkem_native.h
new file mode 100644
index 000000000..6cbaa9122
--- /dev/null
+++ b/mlkem/mlkem_native.h
@@ -0,0 +1,239 @@
+/*
+ * Copyright (c) 2024 The mlkem-native project authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/*
+ * Public API for mlkem-native
+ *
+ * This header defines the public API of a single build of mlkem-native.
+ *
+ * To use this header, make sure one of the following holds:
+ *
+ * - The config.h used for the build is available in the include paths.
+ * - The values of BUILD_INFO_LVL and BUILD_INFO_NAMESPACE are set, reflecting
+ *   the security level (512/768/1024) and namespace of the build.
+ *
+ * This header specifies a build of mlkem-native for a fixed security level.
+ * If you need multiple builds, e.g. to build a library offering multiple
+ * security levels, you need multiple instances of this header.
+ */
+
+/* NOTE: To use multiple instances of this header, use separate guards. */
+#ifndef MLKEM_NATIVE_H
+#define MLKEM_NATIVE_H
+
+#include <stdint.h>
+
+/*************************** Build information ********************************/
+
+/*
+ * Provide security level (BUILD_INFO_LVL) and namespacing
+ * (BUILD_INFO_NAMESPACE)
+ *
+ * By default, this is extracted from the configuration used for the build,
+ * but you can also set it manually to avoid a dependency on the build config.
+ */
+
+/* Skip this if BUILD_INFO_LVL has already been set */
+#if !defined(BUILD_INFO_LVL)
+
+/* Option 1: Extract from config */
+#if defined(MLKEM_NATIVE_CONFIG_FILE)
+#include MLKEM_NATIVE_CONFIG_FILE
+#else
+#include "config.h"
+#endif
+
+#if MLKEM_K == 2
+#define BUILD_INFO_LVL 512
+#elif MLKEM_K == 3
+#define BUILD_INFO_LVL 768
+#elif MLKEM_K == 4
+#define BUILD_INFO_LVL 1024
+#else
+#error MLKEM_K not set by config file
+#endif
+
+#ifndef MLKEM_NAMESPACE
+#error MLKEM_NAMESPACE not set by config file
+#endif
+
+#define BUILD_INFO_NAMESPACE(sym) MLKEM_NAMESPACE(sym)
+
+#endif /* BUILD_INFO_LVL */
+
+/* Option 2: Provide BUILD_INFO_LVL and BUILD_INFO_NAMESPACE manually */
+
+/* #define BUILD_INFO_LVL            ADJUSTME */
+/* #define BUILD_INFO_NAMESPACE(sym) ADJUSTME */
+
+/******************************* Key sizes ************************************/
+
+/* Sizes of cryptographic material, per level */
+#define MLKEM512_SECRETKEYBYTES 1632
+#define MLKEM512_PUBLICKEYBYTES 800
+#define MLKEM512_CIPHERTEXTBYTES 768
+
+#define MLKEM768_SECRETKEYBYTES 2400
+#define MLKEM768_PUBLICKEYBYTES 1184
+#define MLKEM768_CIPHERTEXTBYTES 1088
+
+#define MLKEM1024_SECRETKEYBYTES 3168
+#define MLKEM1024_PUBLICKEYBYTES 1568
+#define MLKEM1024_CIPHERTEXTBYTES 1568
+
+/* Size of randomness coins in bytes (level-independent) */
+#define MLKEM_SYMBYTES 32
+#define MLKEM512_SYMBYTES MLKEM_SYMBYTES
+#define MLKEM768_SYMBYTES MLKEM_SYMBYTES
+#define MLKEM1024_SYMBYTES MLKEM_SYMBYTES
+/* Size of shared secret in bytes (level-independent) */
+#define MLKEM_BYTES 32
+#define MLKEM512_BYTES MLKEM_BYTES
+#define MLKEM768_BYTES MLKEM_BYTES
+#define MLKEM1024_BYTES MLKEM_BYTES
+
+/* Sizes of cryptographic material, as a function of LVL=512,768,1024 */
+#define MLKEM_SECRETKEYBYTES_(LVL) MLKEM##LVL##_SECRETKEYBYTES
+#define MLKEM_PUBLICKEYBYTES_(LVL) MLKEM##LVL##_PUBLICKEYBYTES
+#define MLKEM_CIPHERTEXTBYTES_(LVL) MLKEM##LVL##_CIPHERTEXTBYTES
+#define MLKEM_SECRETKEYBYTES(LVL) MLKEM_SECRETKEYBYTES_(LVL)
+#define MLKEM_PUBLICKEYBYTES(LVL) MLKEM_PUBLICKEYBYTES_(LVL)
+#define MLKEM_CIPHERTEXTBYTES(LVL) MLKEM_CIPHERTEXTBYTES_(LVL)
+
+/****************************** Function API **********************************/
+
+/*************************************************
+ * Name:        crypto_kem_keypair_derand
+ *
+ * Description: Generates public and private key
+ *              for CCA-secure ML-KEM key encapsulation mechanism
+ *
+ * Arguments:   - uint8_t pk[]: pointer to output public key, an array of
+ *                 length MLKEM{512,768,1024}_PUBLICKEYBYTES bytes.
+ *              - uint8_t sk[]: pointer to output private key, an array of
+ *                  of MLKEM{512,768,1024}_SECRETKEYBYTES bytes.
+ *              - uint8_t *coins: pointer to input randomness, an array of
+ *                  2*MLKEM_SYMBYTES uniformly random bytes.
+ *
+ * Returns 0 (success)
+ **************************************************/
+int BUILD_INFO_NAMESPACE(keypair_derand)(
+    uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)],
+    uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)], const uint8_t *coins);
+
+/*************************************************
+ * Name:        crypto_kem_keypair
+ *
+ * Description: Generates public and private key
+ *              for CCA-secure ML-KEM key encapsulation mechanism
+ *
+ * Arguments:   - uint8_t *pk: pointer to output public key, an array of
+ *                 MLKEM{512,768,1024}_PUBLICKEYBYTES bytes.
+ *              - uint8_t *sk: pointer to output private key, an array of
+ *                 MLKEM{512,768,1024}_SECRETKEYBYTES bytes.
+ *
+ * Returns 0 (success)
+ **************************************************/
+int BUILD_INFO_NAMESPACE(keypair)(
+    uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)],
+    uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)]);
+
+/*************************************************
+ * Name:        crypto_kem_enc_derand
+ *
+ * Description: Generates cipher text and shared
+ *              secret for given public key
+ *
+ * Arguments:   - uint8_t *ct: pointer to output cipher text, an array of
+ *                 MLKEM{512,768,1024}_CIPHERTEXTBYTES bytes.
+ *              - uint8_t *ss: pointer to output shared secret, an array of
+ *                 MLKEM_BYTES bytes.
+ *              - const uint8_t *pk: pointer to input public key, an array of
+ *                 MLKEM{512,768,1024}_PUBLICKEYBYTES bytes.
+ *              - const uint8_t *coins: pointer to input randomness, an array of
+ *                 MLKEM_SYMBYTES bytes.
+ *
+ * Returns 0 on success, and -1 if the public key modulus check (see Section 7.2
+ * of FIPS203) fails.
+ **************************************************/
+int BUILD_INFO_NAMESPACE(enc_derand)(
+    uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)], uint8_t ss[MLKEM_BYTES],
+    const uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)],
+    const uint8_t coins[MLKEM_SYMBYTES]);
+
+/*************************************************
+ * Name:        crypto_kem_enc
+ *
+ * Description: Generates cipher text and shared
+ *              secret for given public key
+ *
+ * Arguments:   - uint8_t *ct: pointer to output cipher text, an array of
+ *                 MLKEM{512,768,1024}_CIPHERTEXTBYTES bytes.
+ *              - uint8_t *ss: pointer to output shared secret, an array of
+ *                 MLKEM_BYTES bytes.
+ *              - const uint8_t *pk: pointer to input public key, an array of
+ *                 MLKEM{512,768,1024}_PUBLICKEYBYTES bytes.
+ *
+ * Returns 0 on success, and -1 if the public key modulus check (see Section 7.2
+ * of FIPS203) fails.
+ **************************************************/
+int BUILD_INFO_NAMESPACE(enc)(
+    uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)], uint8_t ss[MLKEM_BYTES],
+    const uint8_t pk[MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)]);
+
+/*************************************************
+ * Name:        crypto_kem_dec
+ *
+ * Description: Generates shared secret for given
+ *              cipher text and private key
+ *
+ * Arguments:   - uint8_t *ss: pointer to output shared secret, an array of
+ *                 MLKEM_BYTES bytes.
+ *              - const uint8_t *ct: pointer to input cipher text, an array of
+ *                 MLKEM{512,768,1024}_CIPHERTEXTBYTES bytes.
+ *              - const uint8_t *sk: pointer to input private key, an array of
+ *                 MLKEM{512,768,1024}_SECRETKEYBYTES bytes.
+ *
+ * Returns 0 on success, and -1 if the secret key hash check (see Section 7.3 of
+ * FIPS203) fails.
+ *
+ * On failure, ss will contain a pseudo-random value.
+ **************************************************/
+int BUILD_INFO_NAMESPACE(dec)(
+    uint8_t ss[MLKEM_BYTES],
+    const uint8_t ct[MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)],
+    const uint8_t sk[MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)]);
+
+/****************************** Standard API *********************************/
+
+/* If desired, export API in CRYPTO_xxx and crypto_kem_xxx format as used
+ * e.g. by SUPERCOP and NIST.
+ *
+ * Remove this if you don't need it, or if you need multiple instances
+ * of this header. */
+
+#if !defined(BUILD_INFO_NO_STANDARD_API)
+#define CRYPTO_SECRETKEYBYTES MLKEM_SECRETKEYBYTES(BUILD_INFO_LVL)
+#define CRYPTO_PUBLICKEYBYTES MLKEM_PUBLICKEYBYTES(BUILD_INFO_LVL)
+#define CRYPTO_CIPHERTEXTBYTES MLKEM_CIPHERTEXTBYTES(BUILD_INFO_LVL)
+
+#define CRYPTO_SYMBYTES MLKEM_SYMBYTES
+#define CRYPTO_BYTES MLKEM_BYTES
+
+#define crypto_kem_keypair_derand BUILD_INFO_NAMESPACE(keypair_derand)
+#define crypto_kem_keypair BUILD_INFO_NAMESPACE(keypair)
+#define crypto_kem_enc_derand BUILD_INFO_NAMESPACE(enc_derand)
+#define crypto_kem_enc BUILD_INFO_NAMESPACE(enc)
+#define crypto_kem_dec BUILD_INFO_NAMESPACE(dec)
+#endif /* BUILD_INFO_NO_STANDARD_API */
+
+/********************************* Cleanup ************************************/
+
+/* Unset build information to allow multiple instances of this header.
+ * Keep this commented out when using the standard API. */
+/* #undef BUILD_INFO_LVL */
+/* #undef BUILD_INFO_NAMESPACE */
+
+#endif /* MLKEM_NATIVE_API_H */
diff --git a/mlkem/namespace.h b/mlkem/namespace.h
deleted file mode 100644
index f1490b8e7..000000000
--- a/mlkem/namespace.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2024 The mlkem-native project authors
- * SPDX-License-Identifier: Apache-2.0
- */
-#ifndef MLKEM_NATIVE_NAMESPACE_H
-#define MLKEM_NATIVE_NAMESPACE_H
-
-/* Don't change parameters below this line */
-#if (MLKEM_K == 2)
-#define MLKEM_PARAM_NAME MLKEM512
-#elif (MLKEM_K == 3)
-#define MLKEM_PARAM_NAME MLKEM768
-#elif (MLKEM_K == 4)
-#define MLKEM_PARAM_NAME MLKEM1024
-#else
-#error "MLKEM_K must be in {2,3,4}"
-#endif
-
-#define ___MLKEM_DEFAULT_NAMESPACE(x1, x2, x3) x1##_##x2##_##x3
-#define __MLKEM_DEFAULT_NAMESPACE(x1, x2, x3) \
-  ___MLKEM_DEFAULT_NAMESPACE(x1, x2, x3)
-
-/*
- * NAMESPACE is PQCP_MLKEM_NATIVE_<PARAM_NAME>_<BACKEND>_
- * e.g., PQCP_MLKEM_NATIVE_MLKEM512_
- */
-#define MLKEM_DEFAULT_NAMESPACE(s) \
-  __MLKEM_DEFAULT_NAMESPACE(PQCP_MLKEM_NATIVE, MLKEM_PARAM_NAME, s)
-
-#define ___FIPS202_DEFAULT_NAMESPACE(x1, x2) x1##_##x2
-#define __FIPS202_DEFAULT_NAMESPACE(x1, x2) ___FIPS202_DEFAULT_NAMESPACE(x1, x2)
-
-/*
- * NAMESPACE is PQCP_MLKEM_NATIVE_FIPS202_<BACKEND>_
- * e.g., PQCP_MLKEM_NATIVE_FIPS202_
- */
-#define FIPS202_DEFAULT_NAMESPACE(s) \
-  __FIPS202_DEFAULT_NAMESPACE(PQCP_MLKEM_NATIVE_FIPS202, s)
-
-#endif /* MLKEM_NATIVE_NAMESPACE_H */
diff --git a/mlkem/params.h b/mlkem/params.h
index 656758475..d9a24a38b 100644
--- a/mlkem/params.h
+++ b/mlkem/params.h
@@ -26,16 +26,19 @@
 #define MLKEM_POLYVECBYTES (MLKEM_K * MLKEM_POLYBYTES)
 
 #if MLKEM_K == 2
+#define MLKEM_LVL 512
 #define MLKEM_ETA1 3
 #define MLKEM_POLYCOMPRESSEDBYTES_DV 128
 #define MLKEM_POLYCOMPRESSEDBYTES_DU 320
 #define MLKEM_POLYVECCOMPRESSEDBYTES_DU (MLKEM_K * MLKEM_POLYCOMPRESSEDBYTES_DU)
 #elif MLKEM_K == 3
+#define MLKEM_LVL 768
 #define MLKEM_ETA1 2
 #define MLKEM_POLYCOMPRESSEDBYTES_DV 128
 #define MLKEM_POLYCOMPRESSEDBYTES_DU 320
 #define MLKEM_POLYVECCOMPRESSEDBYTES_DU (MLKEM_K * MLKEM_POLYCOMPRESSEDBYTES_DU)
 #elif MLKEM_K == 4
+#define MLKEM_LVL 1024
 #define MLKEM_ETA1 2
 #define MLKEM_POLYCOMPRESSEDBYTES_DV 160
 #define MLKEM_POLYCOMPRESSEDBYTES_DU 352
@@ -50,12 +53,12 @@
 #define MLKEM_INDCPA_BYTES \
   (MLKEM_POLYVECCOMPRESSEDBYTES_DU + MLKEM_POLYCOMPRESSEDBYTES_DV)
 
-#define MLKEM_PUBLICKEYBYTES (MLKEM_INDCPA_PUBLICKEYBYTES)
+#define MLKEM_INDCCA_PUBLICKEYBYTES (MLKEM_INDCPA_PUBLICKEYBYTES)
 /* 32 bytes of additional space to save H(pk) */
-#define MLKEM_SECRETKEYBYTES                                   \
+#define MLKEM_INDCCA_SECRETKEYBYTES                            \
   (MLKEM_INDCPA_SECRETKEYBYTES + MLKEM_INDCPA_PUBLICKEYBYTES + \
    2 * MLKEM_SYMBYTES)
-#define MLKEM_CIPHERTEXTBYTES (MLKEM_INDCPA_BYTES)
+#define MLKEM_INDCCA_CIPHERTEXTBYTES (MLKEM_INDCPA_BYTES)
 
 #define KECCAK_WAY 4
 #endif
diff --git a/scripts/autogenerate_files.py b/scripts/autogenerate_files.py
index 0555aaf1d..79ca1a1c2 100644
--- a/scripts/autogenerate_files.py
+++ b/scripts/autogenerate_files.py
@@ -615,7 +615,7 @@ def gen():
         yield ""
 
     update_file(
-        "examples/monolithic_build/mlkem_native_all.c",
+        "examples/monolithic_build/mlkem_native_monobuild.c",
         "\n".join(gen()),
         dry_run=dry_run,
     )
diff --git a/test/acvp_mlkem.c b/test/acvp_mlkem.c
index cd4a44af5..a4e54c08f 100644
--- a/test/acvp_mlkem.c
+++ b/test/acvp_mlkem.c
@@ -5,7 +5,7 @@
 #include <stddef.h>
 #include <stdio.h>
 #include <string.h>
-#include "kem.h"
+#include "mlkem_native.h"
 #include "randombytes.h"
 
 #define USAGE \
@@ -114,11 +114,11 @@ static void print_hex(const char *name, const unsigned char *raw, size_t len)
 }
 
 static void acvp_mlkem_encapDecp_AFT_encapsulation(
-    unsigned char const ek[MLKEM_INDCPA_PUBLICKEYBYTES],
-    unsigned char const m[MLKEM_SYMBYTES])
+    unsigned char const ek[CRYPTO_PUBLICKEYBYTES],
+    unsigned char const m[CRYPTO_SYMBYTES])
 {
-  unsigned char ct[MLKEM_CIPHERTEXTBYTES];
-  unsigned char ss[MLKEM_SSBYTES];
+  unsigned char ct[CRYPTO_CIPHERTEXTBYTES];
+  unsigned char ss[CRYPTO_BYTES];
 
   crypto_kem_enc_derand(ct, ss, ek, m);
 
@@ -127,25 +127,25 @@ static void acvp_mlkem_encapDecp_AFT_encapsulation(
 }
 
 static void acvp_mlkem_encapDecp_VAL_decapsulation(
-    unsigned char const dk[MLKEM_SECRETKEYBYTES],
-    unsigned char const c[MLKEM_CIPHERTEXTBYTES])
+    unsigned char const dk[CRYPTO_SECRETKEYBYTES],
+    unsigned char const c[CRYPTO_CIPHERTEXTBYTES])
 {
-  unsigned char ss[MLKEM_SSBYTES];
+  unsigned char ss[CRYPTO_BYTES];
 
   crypto_kem_dec(ss, c, dk);
 
   print_hex("k", ss, sizeof(ss));
 }
 
-static void acvp_mlkem_keyGen_AFT(unsigned char const z[MLKEM_SYMBYTES],
-                                  unsigned char const d[MLKEM_SYMBYTES])
+static void acvp_mlkem_keyGen_AFT(unsigned char const z[CRYPTO_SYMBYTES],
+                                  unsigned char const d[CRYPTO_SYMBYTES])
 {
-  unsigned char ek[MLKEM_INDCPA_PUBLICKEYBYTES];
-  unsigned char dk[MLKEM_SECRETKEYBYTES];
+  unsigned char ek[CRYPTO_PUBLICKEYBYTES];
+  unsigned char dk[CRYPTO_SECRETKEYBYTES];
 
-  unsigned char zd[2 * MLKEM_SYMBYTES];
-  memcpy(zd, d, MLKEM_SYMBYTES);
-  memcpy(zd + MLKEM_SYMBYTES, z, MLKEM_SYMBYTES);
+  unsigned char zd[2 * CRYPTO_SYMBYTES];
+  memcpy(zd, d, CRYPTO_SYMBYTES);
+  memcpy(zd + CRYPTO_SYMBYTES, z, CRYPTO_SYMBYTES);
 
   crypto_kem_keypair_derand(ek, dk, zd);
 
@@ -234,8 +234,8 @@ int main(int argc, char *argv[])
       {
         case encapsulation:
         {
-          unsigned char ek[MLKEM_INDCPA_PUBLICKEYBYTES];
-          unsigned char m[MLKEM_SYMBYTES];
+          unsigned char ek[CRYPTO_PUBLICKEYBYTES];
+          unsigned char m[CRYPTO_SYMBYTES];
           /* Encapsulation only for "AFT" */
           if (type != AFT)
           {
@@ -262,8 +262,8 @@ int main(int argc, char *argv[])
         }
         case decapsulation:
         {
-          unsigned char dk[MLKEM_SECRETKEYBYTES];
-          unsigned char c[MLKEM_CIPHERTEXTBYTES];
+          unsigned char dk[CRYPTO_SECRETKEYBYTES];
+          unsigned char c[CRYPTO_CIPHERTEXTBYTES];
           /* Decapsulation only for "VAL" */
           if (type != VAL)
           {
@@ -293,8 +293,8 @@ int main(int argc, char *argv[])
     }
     case keyGen:
     {
-      unsigned char z[MLKEM_SYMBYTES];
-      unsigned char d[MLKEM_SYMBYTES];
+      unsigned char z[CRYPTO_SYMBYTES];
+      unsigned char d[CRYPTO_SYMBYTES];
       /* keyGen only for "AFT" */
       if (type != AFT)
       {
diff --git a/test/bench_mlkem.c b/test/bench_mlkem.c
index d34e0ff3f..204d4964f 100644
--- a/test/bench_mlkem.c
+++ b/test/bench_mlkem.c
@@ -8,7 +8,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include "hal.h"
-#include "kem.h"
+#include "mlkem_native.h"
 #include "randombytes.h"
 
 #define NWARMUP 50
diff --git a/test/gen_KAT.c b/test/gen_KAT.c
index 5ea0d7dd9..69d9c8dee 100644
--- a/test/gen_KAT.c
+++ b/test/gen_KAT.c
@@ -6,8 +6,7 @@
 #include <stdio.h>
 #include <string.h>
 #include "fips202.h"
-#include "kem.h"
-#include "params.h"
+#include "mlkem_native.h"
 
 #define NTESTS 1000
 
@@ -25,7 +24,7 @@ static void print_hex(const char *label, const uint8_t *data, size_t size)
 int main(void)
 {
   unsigned int i;
-  ALIGN uint8_t coins[3 * MLKEM_SYMBYTES];
+  ALIGN uint8_t coins[3 * CRYPTO_SYMBYTES];
   ALIGN uint8_t pk[CRYPTO_PUBLICKEYBYTES];
   ALIGN uint8_t sk[CRYPTO_SECRETKEYBYTES];
   ALIGN uint8_t ct[CRYPTO_CIPHERTEXTBYTES];
diff --git a/test/gen_NISTKAT.c b/test/gen_NISTKAT.c
index 91cfc0056..5e11bac17 100644
--- a/test/gen_NISTKAT.c
+++ b/test/gen_NISTKAT.c
@@ -6,7 +6,7 @@
 #include <stdio.h>
 #include <string.h>
 
-#include "kem.h"
+#include "mlkem_native.h"
 #include "nistrng.h"
 #include "randombytes.h"
 
diff --git a/test/test_mlkem.c b/test/test_mlkem.c
index e8c20f901..84b683c88 100644
--- a/test/test_mlkem.c
+++ b/test/test_mlkem.c
@@ -5,7 +5,7 @@
 #include <stddef.h>
 #include <stdio.h>
 #include <string.h>
-#include "kem.h"
+#include "mlkem_native.h"
 #include "randombytes.h"
 
 #define NTESTS 1000