diff --git a/examples/monolithic_build/mlkem_native_monobuild.c b/examples/monolithic_build/mlkem_native_monobuild.c index dfc6fc2d2..ae0b9daf9 100644 --- a/examples/monolithic_build/mlkem_native_monobuild.c +++ b/examples/monolithic_build/mlkem_native_monobuild.c @@ -49,23 +49,23 @@ #endif /* mlkem/cbd.c */ -#if defined(load32_littleendian) -#undef load32_littleendian +#if defined(cbd2) +#undef cbd2 #endif /* mlkem/cbd.c */ -#if defined(load24_littleendian) -#undef load24_littleendian +#if defined(cbd3) +#undef cbd3 #endif /* mlkem/cbd.c */ -#if defined(cbd2) -#undef cbd2 +#if defined(load24_littleendian) +#undef load24_littleendian #endif /* mlkem/cbd.c */ -#if defined(cbd3) -#undef cbd3 +#if defined(load32_littleendian) +#undef load32_littleendian #endif /* mlkem/cbd.h */ @@ -84,18 +84,18 @@ #endif /* mlkem/cbmc.h */ -#if defined(__contract__) -#undef __contract__ +#if defined(CBMC_CONCAT) +#undef CBMC_CONCAT #endif /* mlkem/cbmc.h */ -#if defined(__loop__) -#undef __loop__ +#if defined(CBMC_CONCAT_) +#undef CBMC_CONCAT_ #endif /* mlkem/cbmc.h */ -#if defined(cassert) -#undef cassert +#if defined(EXISTS) +#undef EXISTS #endif /* mlkem/cbmc.h */ @@ -104,38 +104,38 @@ #endif /* mlkem/cbmc.h */ -#if defined(__loop__) -#undef __loop__ +#if defined(__contract__) +#undef __contract__ #endif /* mlkem/cbmc.h */ -#if defined(assigns) -#undef assigns +#if defined(__loop__) +#undef __loop__ #endif /* mlkem/cbmc.h */ -#if defined(requires) -#undef requires +#if defined(__loop__) +#undef __loop__ #endif /* mlkem/cbmc.h */ -#if defined(ensures) -#undef ensures +#if defined(array_abs_bound) +#undef array_abs_bound #endif /* mlkem/cbmc.h */ -#if defined(invariant) -#undef invariant +#if defined(array_bound) +#undef array_bound #endif /* mlkem/cbmc.h */ -#if defined(decreases) -#undef decreases +#if defined(array_bound_core) +#undef array_bound_core #endif /* mlkem/cbmc.h */ -#if defined(cassert) -#undef cassert +#if defined(assigns) +#undef assigns #endif /* mlkem/cbmc.h */ 
@@ -144,208 +144,208 @@ #endif /* mlkem/cbmc.h */ -#if defined(return_value) -#undef return_value +#if defined(cassert) +#undef cassert #endif /* mlkem/cbmc.h */ -#if defined(object_whole) -#undef object_whole +#if defined(cassert) +#undef cassert #endif /* mlkem/cbmc.h */ -#if defined(memory_slice) -#undef memory_slice +#if defined(decreases) +#undef decreases #endif /* mlkem/cbmc.h */ -#if defined(same_object) -#undef same_object +#if defined(ensures) +#undef ensures #endif /* mlkem/cbmc.h */ -#if defined(memory_no_alias) -#undef memory_no_alias +#if defined(forall) +#undef forall #endif /* mlkem/cbmc.h */ -#if defined(readable) -#undef readable +#if defined(invariant) +#undef invariant #endif /* mlkem/cbmc.h */ -#if defined(writeable) -#undef writeable +#if defined(loop_entry) +#undef loop_entry #endif /* mlkem/cbmc.h */ -#if defined(old) -#undef old +#if defined(memory_no_alias) +#undef memory_no_alias #endif /* mlkem/cbmc.h */ -#if defined(loop_entry) -#undef loop_entry +#if defined(memory_slice) +#undef memory_slice #endif /* mlkem/cbmc.h */ -#if defined(forall) -#undef forall +#if defined(object_whole) +#undef object_whole #endif /* mlkem/cbmc.h */ -#if defined(EXISTS) -#undef EXISTS +#if defined(old) +#undef old #endif /* mlkem/cbmc.h */ -#if defined(CBMC_CONCAT_) -#undef CBMC_CONCAT_ +#if defined(readable) +#undef readable #endif /* mlkem/cbmc.h */ -#if defined(CBMC_CONCAT) -#undef CBMC_CONCAT +#if defined(requires) +#undef requires #endif /* mlkem/cbmc.h */ -#if defined(array_bound_core) -#undef array_bound_core +#if defined(return_value) +#undef return_value #endif /* mlkem/cbmc.h */ -#if defined(array_bound) -#undef array_bound +#if defined(same_object) +#undef same_object #endif /* mlkem/cbmc.h */ -#if defined(array_abs_bound) -#undef array_abs_bound +#if defined(writeable) +#undef writeable #endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_COMMON_H) -#undef MLKEM_NATIVE_COMMON_H +#if defined(FIPS202_ASM_NAMESPACE) +#undef FIPS202_ASM_NAMESPACE 
#endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) -#undef MLKEM_NATIVE_ARITH_BACKEND_NAME +#if defined(FIPS202_ASM_NAMESPACE) +#undef FIPS202_ASM_NAMESPACE #endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) -#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME +#if defined(FIPS202_NAMESPACE) +#undef FIPS202_NAMESPACE #endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_INTERNAL_API) -#undef MLKEM_NATIVE_INTERNAL_API +#if defined(MLKEM_ASM_NAMESPACE) +#undef MLKEM_ASM_NAMESPACE #endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_INTERNAL_API) -#undef MLKEM_NATIVE_INTERNAL_API +#if defined(MLKEM_ASM_NAMESPACE) +#undef MLKEM_ASM_NAMESPACE #endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_MAKE_NAMESPACE_) -#undef MLKEM_NATIVE_MAKE_NAMESPACE_ +#if defined(MLKEM_NAMESPACE) +#undef MLKEM_NAMESPACE #endif /* mlkem/common.h */ -#if defined(MLKEM_NATIVE_MAKE_NAMESPACE) -#undef MLKEM_NATIVE_MAKE_NAMESPACE +#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) +#undef MLKEM_NATIVE_ARITH_BACKEND_NAME #endif /* mlkem/common.h */ -#if defined(FIPS202_NAMESPACE) -#undef FIPS202_NAMESPACE +#if defined(MLKEM_NATIVE_COMMON_H) +#undef MLKEM_NATIVE_COMMON_H #endif /* mlkem/common.h */ -#if defined(MLKEM_NAMESPACE) -#undef MLKEM_NAMESPACE +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) +#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME #endif /* mlkem/common.h */ -#if defined(MLKEM_ASM_NAMESPACE) -#undef MLKEM_ASM_NAMESPACE +#if defined(MLKEM_NATIVE_INTERNAL_API) +#undef MLKEM_NATIVE_INTERNAL_API #endif /* mlkem/common.h */ -#if defined(FIPS202_ASM_NAMESPACE) -#undef FIPS202_ASM_NAMESPACE +#if defined(MLKEM_NATIVE_INTERNAL_API) +#undef MLKEM_NATIVE_INTERNAL_API #endif /* mlkem/common.h */ -#if defined(_PREFIX_UNDERSCORE) -#undef _PREFIX_UNDERSCORE +#if defined(MLKEM_NATIVE_MAKE_NAMESPACE) +#undef MLKEM_NATIVE_MAKE_NAMESPACE #endif /* mlkem/common.h */ -#if defined(PREFIX_UNDERSCORE) -#undef PREFIX_UNDERSCORE +#if defined(MLKEM_NATIVE_MAKE_NAMESPACE_) +#undef 
MLKEM_NATIVE_MAKE_NAMESPACE_ #endif /* mlkem/common.h */ -#if defined(MLKEM_ASM_NAMESPACE) -#undef MLKEM_ASM_NAMESPACE +#if defined(PREFIX_UNDERSCORE) +#undef PREFIX_UNDERSCORE #endif /* mlkem/common.h */ -#if defined(FIPS202_ASM_NAMESPACE) -#undef FIPS202_ASM_NAMESPACE +#if defined(PREFIX_UNDERSCORE_) +#undef PREFIX_UNDERSCORE_ #endif /* mlkem/config.h */ -#if defined(MLKEM_NATIVE_CONFIG_H) -#undef MLKEM_NATIVE_CONFIG_H +#if defined(FIPS202_DEFAULT_NAMESPACE_PREFIX) +#undef FIPS202_DEFAULT_NAMESPACE_PREFIX #endif /* mlkem/config.h */ -#if defined(MLKEM_K) -#undef MLKEM_K +#if defined(FIPS202_NAMESPACE_PREFIX) +#undef FIPS202_NAMESPACE_PREFIX #endif /* mlkem/config.h */ -#if defined(MLKEM_NAMESPACE_PREFIX) -#undef MLKEM_NAMESPACE_PREFIX +#if defined(MLKEM_DEFAULT_NAMESPACE_PREFIX) +#undef MLKEM_DEFAULT_NAMESPACE_PREFIX #endif /* mlkem/config.h */ -#if defined(FIPS202_NAMESPACE_PREFIX) -#undef FIPS202_NAMESPACE_PREFIX +#if defined(MLKEM_DEFAULT_NAMESPACE_PREFIX) +#undef MLKEM_DEFAULT_NAMESPACE_PREFIX #endif /* mlkem/config.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND) -#undef MLKEM_NATIVE_ARITH_BACKEND +#if defined(MLKEM_DEFAULT_NAMESPACE_PREFIX) +#undef MLKEM_DEFAULT_NAMESPACE_PREFIX #endif /* mlkem/config.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND) -#undef MLKEM_NATIVE_FIPS202_BACKEND +#if defined(MLKEM_K) +#undef MLKEM_K #endif /* mlkem/config.h */ -#if defined(FIPS202_DEFAULT_NAMESPACE_PREFIX) -#undef FIPS202_DEFAULT_NAMESPACE_PREFIX +#if defined(MLKEM_NAMESPACE_PREFIX) +#undef MLKEM_NAMESPACE_PREFIX #endif /* mlkem/config.h */ -#if defined(MLKEM_DEFAULT_NAMESPACE_PREFIX) -#undef MLKEM_DEFAULT_NAMESPACE_PREFIX +#if defined(MLKEM_NATIVE_ARITH_BACKEND) +#undef MLKEM_NATIVE_ARITH_BACKEND #endif /* mlkem/config.h */ -#if defined(MLKEM_DEFAULT_NAMESPACE_PREFIX) -#undef MLKEM_DEFAULT_NAMESPACE_PREFIX +#if defined(MLKEM_NATIVE_CONFIG_H) +#undef MLKEM_NATIVE_CONFIG_H #endif /* mlkem/config.h */ -#if defined(MLKEM_DEFAULT_NAMESPACE_PREFIX) -#undef 
MLKEM_DEFAULT_NAMESPACE_PREFIX +#if defined(MLKEM_NATIVE_FIPS202_BACKEND) +#undef MLKEM_NATIVE_FIPS202_BACKEND #endif /* mlkem/debug/debug.c */ @@ -359,18 +359,18 @@ #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_DEBUG_H) -#undef MLKEM_DEBUG_H +#if defined(BOUND) +#undef BOUND #endif /* mlkem/debug/debug.h */ -#if defined(mlkem_debug_assert) -#undef mlkem_debug_assert +#if defined(BOUND) +#undef BOUND #endif /* mlkem/debug/debug.h */ -#if defined(mlkem_debug_check_bounds) -#undef mlkem_debug_check_bounds +#if defined(CASSERT) +#undef CASSERT #endif /* mlkem/debug/debug.h */ @@ -379,38 +379,48 @@ #endif /* mlkem/debug/debug.h */ -#if defined(SCALAR_BOUND) -#undef SCALAR_BOUND +#if defined(MLKEM_CONCAT) +#undef MLKEM_CONCAT #endif /* mlkem/debug/debug.h */ -#if defined(UBOUND) -#undef UBOUND +#if defined(MLKEM_CONCAT_) +#undef MLKEM_CONCAT_ #endif /* mlkem/debug/debug.h */ -#if defined(BOUND) -#undef BOUND +#if defined(MLKEM_DEBUG_H) +#undef MLKEM_DEBUG_H #endif /* mlkem/debug/debug.h */ -#if defined(POLY_BOUND_MSG) -#undef POLY_BOUND_MSG +#if defined(MLKEM_STATIC_ASSERT_ADD_ERROR) +#undef MLKEM_STATIC_ASSERT_ADD_ERROR #endif /* mlkem/debug/debug.h */ -#if defined(POLY_UBOUND_MSG) -#undef POLY_UBOUND_MSG +#if defined(MLKEM_STATIC_ASSERT_ADD_LINE0) +#undef MLKEM_STATIC_ASSERT_ADD_LINE0 #endif /* mlkem/debug/debug.h */ -#if defined(POLY_BOUND) -#undef POLY_BOUND +#if defined(MLKEM_STATIC_ASSERT_ADD_LINE1) +#undef MLKEM_STATIC_ASSERT_ADD_LINE1 #endif /* mlkem/debug/debug.h */ -#if defined(POLY_UBOUND) -#undef POLY_UBOUND +#if defined(MLKEM_STATIC_ASSERT_ADD_LINE2) +#undef MLKEM_STATIC_ASSERT_ADD_LINE2 +#endif + +/* mlkem/debug/debug.h */ +#if defined(MLKEM_STATIC_ASSERT_DEFINE) +#undef MLKEM_STATIC_ASSERT_DEFINE +#endif + +/* mlkem/debug/debug.h */ +#if defined(POLYVEC_BOUND) +#undef POLYVEC_BOUND #endif /* mlkem/debug/debug.h */ 
@@ -424,48 +434,48 @@ #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_CONCAT_) -#undef MLKEM_CONCAT_ +#if defined(POLYVEC_UBOUND) +#undef POLYVEC_UBOUND #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_CONCAT) -#undef MLKEM_CONCAT +#if defined(POLY_BOUND) +#undef POLY_BOUND #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_STATIC_ASSERT_DEFINE) -#undef MLKEM_STATIC_ASSERT_DEFINE +#if defined(POLY_BOUND) +#undef POLY_BOUND #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_STATIC_ASSERT_ADD_LINE0) -#undef MLKEM_STATIC_ASSERT_ADD_LINE0 +#if defined(POLY_BOUND_MSG) +#undef POLY_BOUND_MSG #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_STATIC_ASSERT_ADD_LINE1) -#undef MLKEM_STATIC_ASSERT_ADD_LINE1 +#if defined(POLY_BOUND_MSG) +#undef POLY_BOUND_MSG #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_STATIC_ASSERT_ADD_LINE2) -#undef MLKEM_STATIC_ASSERT_ADD_LINE2 +#if defined(POLY_UBOUND) +#undef POLY_UBOUND #endif /* mlkem/debug/debug.h */ -#if defined(MLKEM_STATIC_ASSERT_ADD_ERROR) -#undef MLKEM_STATIC_ASSERT_ADD_ERROR +#if defined(POLY_UBOUND) +#undef POLY_UBOUND #endif /* mlkem/debug/debug.h */ -#if defined(STATIC_ASSERT) -#undef STATIC_ASSERT +#if defined(POLY_UBOUND_MSG) +#undef POLY_UBOUND_MSG #endif /* mlkem/debug/debug.h */ -#if defined(CASSERT) -#undef CASSERT +#if defined(POLY_UBOUND_MSG) +#undef POLY_UBOUND_MSG #endif /* mlkem/debug/debug.h */ @@ -474,23 +484,18 @@ #endif /* mlkem/debug/debug.h */ -#if defined(BOUND) -#undef BOUND -#endif - -/* mlkem/debug/debug.h */ -#if defined(POLY_BOUND) -#undef POLY_BOUND +#if defined(SCALAR_BOUND) +#undef SCALAR_BOUND #endif /* mlkem/debug/debug.h */ -#if defined(POLYVEC_BOUND) -#undef POLYVEC_BOUND +#if defined(STATIC_ASSERT) +#undef STATIC_ASSERT #endif /* mlkem/debug/debug.h */ -#if defined(POLY_BOUND_MSG) -#undef POLY_BOUND_MSG +#if defined(STATIC_ASSERT) +#undef STATIC_ASSERT #endif /* mlkem/debug/debug.h */ 
@@ -499,43 +504,38 @@ #endif /* mlkem/debug/debug.h */ -#if defined(POLY_UBOUND) -#undef POLY_UBOUND -#endif - -/* mlkem/debug/debug.h */ -#if defined(POLYVEC_UBOUND) -#undef POLYVEC_UBOUND +#if defined(UBOUND) +#undef UBOUND #endif /* mlkem/debug/debug.h */ -#if defined(POLY_UBOUND_MSG) -#undef POLY_UBOUND_MSG +#if defined(mlkem_debug_assert) +#undef mlkem_debug_assert #endif /* mlkem/debug/debug.h */ -#if defined(STATIC_ASSERT) -#undef STATIC_ASSERT +#if defined(mlkem_debug_check_bounds) +#undef mlkem_debug_check_bounds #endif /* mlkem/indcpa.c */ -#if defined(pack_pk) -#undef pack_pk +#if defined(MLKEM_GEN_MATRIX_NBLOCKS) +#undef MLKEM_GEN_MATRIX_NBLOCKS #endif /* mlkem/indcpa.c */ -#if defined(unpack_pk) -#undef unpack_pk +#if defined(gen_matrix_entry) +#undef gen_matrix_entry #endif /* mlkem/indcpa.c */ -#if defined(pack_sk) -#undef pack_sk +#if defined(gen_matrix_entry_x4) +#undef gen_matrix_entry_x4 #endif /* mlkem/indcpa.c */ -#if defined(unpack_sk) -#undef unpack_sk +#if defined(matvec_mul) +#undef matvec_mul #endif /* mlkem/indcpa.c */ @@ -544,33 +544,33 @@ #endif /* mlkem/indcpa.c */ -#if defined(unpack_ciphertext) -#undef unpack_ciphertext +#if defined(pack_pk) +#undef pack_pk #endif /* mlkem/indcpa.c */ -#if defined(gen_matrix_entry_x4) -#undef gen_matrix_entry_x4 +#if defined(pack_sk) +#undef pack_sk #endif /* mlkem/indcpa.c */ -#if defined(gen_matrix_entry) -#undef gen_matrix_entry +#if defined(poly_permute_bitrev_to_custom) +#undef poly_permute_bitrev_to_custom #endif /* mlkem/indcpa.c */ -#if defined(matvec_mul) -#undef matvec_mul +#if defined(unpack_ciphertext) +#undef unpack_ciphertext #endif /* mlkem/indcpa.c */ -#if defined(MLKEM_GEN_MATRIX_NBLOCKS) -#undef MLKEM_GEN_MATRIX_NBLOCKS +#if defined(unpack_pk) +#undef unpack_pk #endif /* mlkem/indcpa.c */ -#if defined(poly_permute_bitrev_to_custom) -#undef poly_permute_bitrev_to_custom +#if defined(unpack_sk) +#undef unpack_sk #endif /* mlkem/indcpa.h */ 
@@ -584,8 +584,8 @@ #endif /* mlkem/indcpa.h */ -#if defined(indcpa_keypair_derand) -#undef indcpa_keypair_derand +#if defined(indcpa_dec) +#undef indcpa_dec #endif /* mlkem/indcpa.h */ @@ -594,8 +594,8 @@ #endif /* mlkem/indcpa.h */ -#if defined(indcpa_dec) -#undef indcpa_dec +#if defined(indcpa_keypair_derand) +#undef indcpa_keypair_derand #endif /* mlkem/kem.c */ @@ -614,13 +614,13 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_NATIVE_H) -#undef MLKEM_NATIVE_H +#if defined(BUILD_INFO_CONCAT) +#undef BUILD_INFO_CONCAT #endif /* mlkem/mlkem_native.h */ -#if defined(BUILD_INFO_LVL) -#undef BUILD_INFO_LVL +#if defined(BUILD_INFO_CONCAT_) +#undef BUILD_INFO_CONCAT_ #endif /* mlkem/mlkem_native.h */ @@ -634,13 +634,8 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(BUILD_INFO_CONCAT_) -#undef BUILD_INFO_CONCAT_ -#endif - -/* mlkem/mlkem_native.h */ -#if defined(BUILD_INFO_CONCAT) -#undef BUILD_INFO_CONCAT +#if defined(BUILD_INFO_LVL) +#undef BUILD_INFO_LVL #endif /* mlkem/mlkem_native.h */ 
@@ -649,38 +644,38 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM512_SECRETKEYBYTES) -#undef MLKEM512_SECRETKEYBYTES +#if defined(CRYPTO_BYTES) +#undef CRYPTO_BYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM512_PUBLICKEYBYTES) -#undef MLKEM512_PUBLICKEYBYTES +#if defined(CRYPTO_CIPHERTEXTBYTES) +#undef CRYPTO_CIPHERTEXTBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM512_CIPHERTEXTBYTES) -#undef MLKEM512_CIPHERTEXTBYTES +#if defined(CRYPTO_PUBLICKEYBYTES) +#undef CRYPTO_PUBLICKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM768_SECRETKEYBYTES) -#undef MLKEM768_SECRETKEYBYTES +#if defined(CRYPTO_SECRETKEYBYTES) +#undef CRYPTO_SECRETKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM768_PUBLICKEYBYTES) -#undef MLKEM768_PUBLICKEYBYTES +#if defined(CRYPTO_SYMBYTES) +#undef CRYPTO_SYMBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM768_CIPHERTEXTBYTES) -#undef MLKEM768_CIPHERTEXTBYTES +#if defined(MLKEM1024_BYTES) +#undef MLKEM1024_BYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM1024_SECRETKEYBYTES) -#undef MLKEM1024_SECRETKEYBYTES +#if defined(MLKEM1024_CIPHERTEXTBYTES) +#undef MLKEM1024_CIPHERTEXTBYTES #endif /* mlkem/mlkem_native.h */ 
@@ -689,38 +684,38 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM1024_CIPHERTEXTBYTES) -#undef MLKEM1024_CIPHERTEXTBYTES +#if defined(MLKEM1024_SECRETKEYBYTES) +#undef MLKEM1024_SECRETKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_SYMBYTES) -#undef MLKEM_SYMBYTES +#if defined(MLKEM1024_SYMBYTES) +#undef MLKEM1024_SYMBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM512_SYMBYTES) -#undef MLKEM512_SYMBYTES +#if defined(MLKEM512_BYTES) +#undef MLKEM512_BYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM768_SYMBYTES) -#undef MLKEM768_SYMBYTES +#if defined(MLKEM512_CIPHERTEXTBYTES) +#undef MLKEM512_CIPHERTEXTBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM1024_SYMBYTES) -#undef MLKEM1024_SYMBYTES +#if defined(MLKEM512_PUBLICKEYBYTES) +#undef MLKEM512_PUBLICKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_BYTES) -#undef MLKEM_BYTES +#if defined(MLKEM512_SECRETKEYBYTES) +#undef MLKEM512_SECRETKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM512_BYTES) -#undef MLKEM512_BYTES +#if defined(MLKEM512_SYMBYTES) +#undef MLKEM512_SYMBYTES #endif /* mlkem/mlkem_native.h */ 
@@ -729,33 +724,28 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM1024_BYTES) -#undef MLKEM1024_BYTES -#endif - -/* mlkem/mlkem_native.h */ -#if defined(MLKEM_SECRETKEYBYTES_) -#undef MLKEM_SECRETKEYBYTES_ +#if defined(MLKEM768_CIPHERTEXTBYTES) +#undef MLKEM768_CIPHERTEXTBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_PUBLICKEYBYTES_) -#undef MLKEM_PUBLICKEYBYTES_ +#if defined(MLKEM768_PUBLICKEYBYTES) +#undef MLKEM768_PUBLICKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_CIPHERTEXTBYTES_) -#undef MLKEM_CIPHERTEXTBYTES_ +#if defined(MLKEM768_SECRETKEYBYTES) +#undef MLKEM768_SECRETKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_SECRETKEYBYTES) -#undef MLKEM_SECRETKEYBYTES +#if defined(MLKEM768_SYMBYTES) +#undef MLKEM768_SYMBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(MLKEM_PUBLICKEYBYTES) -#undef MLKEM_PUBLICKEYBYTES +#if defined(MLKEM_BYTES) +#undef MLKEM_BYTES #endif /* mlkem/mlkem_native.h */ 
@@ -764,43 +754,43 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(CRYPTO_SECRETKEYBYTES) -#undef CRYPTO_SECRETKEYBYTES +#if defined(MLKEM_CIPHERTEXTBYTES_) +#undef MLKEM_CIPHERTEXTBYTES_ #endif /* mlkem/mlkem_native.h */ -#if defined(CRYPTO_PUBLICKEYBYTES) -#undef CRYPTO_PUBLICKEYBYTES +#if defined(MLKEM_NATIVE_H) +#undef MLKEM_NATIVE_H #endif /* mlkem/mlkem_native.h */ -#if defined(CRYPTO_CIPHERTEXTBYTES) -#undef CRYPTO_CIPHERTEXTBYTES +#if defined(MLKEM_PUBLICKEYBYTES) +#undef MLKEM_PUBLICKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(CRYPTO_SYMBYTES) -#undef CRYPTO_SYMBYTES +#if defined(MLKEM_PUBLICKEYBYTES_) +#undef MLKEM_PUBLICKEYBYTES_ #endif /* mlkem/mlkem_native.h */ -#if defined(CRYPTO_BYTES) -#undef CRYPTO_BYTES +#if defined(MLKEM_SECRETKEYBYTES) +#undef MLKEM_SECRETKEYBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(crypto_kem_keypair_derand) -#undef crypto_kem_keypair_derand +#if defined(MLKEM_SECRETKEYBYTES_) +#undef MLKEM_SECRETKEYBYTES_ #endif /* mlkem/mlkem_native.h */ -#if defined(crypto_kem_keypair) -#undef crypto_kem_keypair +#if defined(MLKEM_SYMBYTES) +#undef MLKEM_SYMBYTES #endif /* mlkem/mlkem_native.h */ -#if defined(crypto_kem_enc_derand) -#undef crypto_kem_enc_derand +#if defined(crypto_kem_dec) +#undef crypto_kem_dec #endif /* mlkem/mlkem_native.h */ @@ -809,13 +799,18 @@ #endif /* mlkem/mlkem_native.h */ -#if defined(crypto_kem_dec) -#undef crypto_kem_dec +#if defined(crypto_kem_enc_derand) +#undef crypto_kem_enc_derand #endif -/* mlkem/native/aarch64/clean.h */ -#if defined(MLKEM_NATIVE_ARITH_PROFILE_H) -#undef MLKEM_NATIVE_ARITH_PROFILE_H +/* mlkem/mlkem_native.h */ +#if defined(crypto_kem_keypair) +#undef crypto_kem_keypair +#endif + +/* mlkem/mlkem_native.h */ +#if defined(crypto_kem_keypair_derand) +#undef crypto_kem_keypair_derand #endif /* mlkem/native/aarch64/clean.h */ 
@@ -824,16 +819,16 @@ #endif /* mlkem/native/aarch64/clean.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) -#undef MLKEM_NATIVE_ARITH_BACKEND_NAME +#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) +#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL #endif /* mlkem/native/aarch64/clean.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) -#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL +#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) +#undef MLKEM_NATIVE_ARITH_BACKEND_NAME #endif -/* mlkem/native/aarch64/opt.h */ +/* mlkem/native/aarch64/clean.h */ #if defined(MLKEM_NATIVE_ARITH_PROFILE_H) #undef MLKEM_NATIVE_ARITH_PROFILE_H #endif @@ -843,14 +838,19 @@ #undef MLKEM_NATIVE_ARITH_BACKEND_AARCH64_OPT #endif +/* mlkem/native/aarch64/opt.h */ +#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) +#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL +#endif + /* mlkem/native/aarch64/opt.h */ #if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) #undef MLKEM_NATIVE_ARITH_BACKEND_NAME #endif /* mlkem/native/aarch64/opt.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) -#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL +#if defined(MLKEM_NATIVE_ARITH_PROFILE_H) +#undef MLKEM_NATIVE_ARITH_PROFILE_H #endif /* mlkem/native/aarch64/src/aarch64_zetas.c */ 
@@ -864,23 +864,23 @@ #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(aarch64_ntt_zetas_layer01234) -#undef aarch64_ntt_zetas_layer01234 +#if defined(aarch64_invntt_zetas_layer01234) +#undef aarch64_invntt_zetas_layer01234 #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(aarch64_ntt_zetas_layer56) -#undef aarch64_ntt_zetas_layer56 +#if defined(aarch64_invntt_zetas_layer56) +#undef aarch64_invntt_zetas_layer56 #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(aarch64_invntt_zetas_layer01234) -#undef aarch64_invntt_zetas_layer01234 +#if defined(aarch64_ntt_zetas_layer01234) +#undef aarch64_ntt_zetas_layer01234 #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(aarch64_invntt_zetas_layer56) -#undef aarch64_invntt_zetas_layer56 +#if defined(aarch64_ntt_zetas_layer56) +#undef aarch64_ntt_zetas_layer56 #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ @@ -894,8 +894,13 @@ #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(rej_uniform_table) -#undef rej_uniform_table +#if defined(intt_asm_clean) +#undef intt_asm_clean +#endif + +/* mlkem/native/aarch64/src/arith_native_aarch64.h */ +#if defined(intt_asm_opt) +#undef intt_asm_opt #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ @@ -909,18 +914,13 @@ #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(intt_asm_clean) -#undef intt_asm_clean -#endif - -/* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(intt_asm_opt) -#undef intt_asm_opt +#if defined(poly_mulcache_compute_asm_clean) +#undef poly_mulcache_compute_asm_clean #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(rej_uniform_asm_clean) -#undef rej_uniform_asm_clean +#if defined(poly_mulcache_compute_asm_opt) +#undef poly_mulcache_compute_asm_opt #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ 
@@ -934,53 +934,53 @@ #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(poly_tomont_asm_clean) -#undef poly_tomont_asm_clean +#if defined(poly_tobytes_asm_clean) +#undef poly_tobytes_asm_clean #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(poly_tomont_asm_opt) -#undef poly_tomont_asm_opt +#if defined(poly_tobytes_asm_opt) +#undef poly_tobytes_asm_opt #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(poly_mulcache_compute_asm_clean) -#undef poly_mulcache_compute_asm_clean +#if defined(poly_tomont_asm_clean) +#undef poly_tomont_asm_clean #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(poly_mulcache_compute_asm_opt) -#undef poly_mulcache_compute_asm_opt +#if defined(poly_tomont_asm_opt) +#undef poly_tomont_asm_opt #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(poly_tobytes_asm_clean) -#undef poly_tobytes_asm_clean +#if defined(polyvec_basemul_acc_montgomery_cached_asm_clean) +#undef polyvec_basemul_acc_montgomery_cached_asm_clean #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(poly_tobytes_asm_opt) -#undef poly_tobytes_asm_opt +#if defined(polyvec_basemul_acc_montgomery_cached_asm_opt) +#undef polyvec_basemul_acc_montgomery_cached_asm_opt #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(polyvec_basemul_acc_montgomery_cached_asm_clean) -#undef polyvec_basemul_acc_montgomery_cached_asm_clean +#if defined(rej_uniform_asm_clean) +#undef rej_uniform_asm_clean #endif /* mlkem/native/aarch64/src/arith_native_aarch64.h */ -#if defined(polyvec_basemul_acc_montgomery_cached_asm_opt) -#undef polyvec_basemul_acc_montgomery_cached_asm_opt +#if defined(rej_uniform_table) +#undef rej_uniform_table #endif /* mlkem/native/aarch64/src/clean_impl.h */ -#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H) -#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#if defined(INVNTT_BOUND_NATIVE) +#undef INVNTT_BOUND_NATIVE #endif /* 
mlkem/native/aarch64/src/clean_impl.h */ -#if defined(MLKEM_USE_NATIVE_NTT) -#undef MLKEM_USE_NATIVE_NTT +#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H) +#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H #endif /* mlkem/native/aarch64/src/clean_impl.h */ @@ -989,13 +989,13 @@ #endif /* mlkem/native/aarch64/src/clean_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) -#undef MLKEM_USE_NATIVE_POLY_REDUCE +#if defined(MLKEM_USE_NATIVE_NTT) +#undef MLKEM_USE_NATIVE_NTT #endif /* mlkem/native/aarch64/src/clean_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) -#undef MLKEM_USE_NATIVE_POLY_TOMONT +#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) +#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED #endif /* mlkem/native/aarch64/src/clean_impl.h */ @@ -1004,8 +1004,8 @@ #endif /* mlkem/native/aarch64/src/clean_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) -#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) +#undef MLKEM_USE_NATIVE_POLY_REDUCE #endif /* mlkem/native/aarch64/src/clean_impl.h */ @@ -1014,13 +1014,13 @@ #endif /* mlkem/native/aarch64/src/clean_impl.h */ -#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) -#undef MLKEM_USE_NATIVE_REJ_UNIFORM +#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) +#undef MLKEM_USE_NATIVE_POLY_TOMONT #endif /* mlkem/native/aarch64/src/clean_impl.h */ -#if defined(INVNTT_BOUND_NATIVE) -#undef INVNTT_BOUND_NATIVE +#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) +#undef MLKEM_USE_NATIVE_REJ_UNIFORM #endif /* mlkem/native/aarch64/src/consts.h */ 
@@ -1039,13 +1039,13 @@ #endif /* mlkem/native/aarch64/src/opt_impl.h */ -#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H) -#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#if defined(INVNTT_BOUND_NATIVE) +#undef INVNTT_BOUND_NATIVE #endif /* mlkem/native/aarch64/src/opt_impl.h */ -#if defined(MLKEM_USE_NATIVE_NTT) -#undef MLKEM_USE_NATIVE_NTT +#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H) +#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H #endif /* mlkem/native/aarch64/src/opt_impl.h */ @@ -1054,13 +1054,13 @@ #endif /* mlkem/native/aarch64/src/opt_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) -#undef MLKEM_USE_NATIVE_POLY_REDUCE +#if defined(MLKEM_USE_NATIVE_NTT) +#undef MLKEM_USE_NATIVE_NTT #endif /* mlkem/native/aarch64/src/opt_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) -#undef MLKEM_USE_NATIVE_POLY_TOMONT +#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) +#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED #endif /* mlkem/native/aarch64/src/opt_impl.h */ @@ -1069,8 +1069,8 @@ #endif /* mlkem/native/aarch64/src/opt_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) -#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) +#undef MLKEM_USE_NATIVE_POLY_REDUCE #endif /* mlkem/native/aarch64/src/opt_impl.h */ @@ -1078,6 +1078,11 @@ #undef MLKEM_USE_NATIVE_POLY_TOBYTES #endif +/* mlkem/native/aarch64/src/opt_impl.h */ +#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) +#undef MLKEM_USE_NATIVE_POLY_TOMONT +#endif + /* mlkem/native/aarch64/src/opt_impl.h */ #if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) #undef MLKEM_USE_NATIVE_REJ_UNIFORM @@ -1088,11 +1093,6 @@ #undef NTT_BOUND_NATIVE #endif -/* mlkem/native/aarch64/src/opt_impl.h */ -#if defined(INVNTT_BOUND_NATIVE) -#undef INVNTT_BOUND_NATIVE -#endif - /* mlkem/native/aarch64/src/rej_uniform_table.c */ #if defined(empty_cu_aarch64_rej_uniform_table) #undef empty_cu_aarch64_rej_uniform_table 
@@ -1109,28 +1109,28 @@ #endif /* mlkem/native/x86_64/default.h */ -#if defined(MLKEM_NATIVE_ARITH_PROFILE_H) -#undef MLKEM_NATIVE_ARITH_PROFILE_H +#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) +#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL #endif /* mlkem/native/x86_64/default.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) -#undef MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT +#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) +#undef MLKEM_NATIVE_ARITH_BACKEND_NAME #endif /* mlkem/native/x86_64/default.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_NAME) -#undef MLKEM_NATIVE_ARITH_BACKEND_NAME +#if defined(MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT) +#undef MLKEM_NATIVE_ARITH_BACKEND_X86_64_DEFAULT #endif /* mlkem/native/x86_64/default.h */ -#if defined(MLKEM_NATIVE_ARITH_BACKEND_IMPL) -#undef MLKEM_NATIVE_ARITH_BACKEND_IMPL +#if defined(MLKEM_NATIVE_ARITH_PROFILE_H) +#undef MLKEM_NATIVE_ARITH_PROFILE_H #endif /* mlkem/native/x86_64/src/align.h */ -#if defined(ALIGN_H) -#undef ALIGN_H +#if defined(ALIGNED_INT16) +#undef ALIGNED_INT16 #endif /* mlkem/native/x86_64/src/align.h */ @@ -1139,8 +1139,8 @@ #endif /* mlkem/native/x86_64/src/align.h */ -#if defined(ALIGNED_INT16) -#undef ALIGNED_INT16 +#if defined(ALIGN_H) +#undef ALIGN_H #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ 
@@ -1149,23 +1149,23 @@ #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(REJ_UNIFORM_AVX_NBLOCKS) -#undef REJ_UNIFORM_AVX_NBLOCKS +#if defined(REJ_UNIFORM_AVX_BUFLEN) +#undef REJ_UNIFORM_AVX_BUFLEN #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(REJ_UNIFORM_AVX_BUFLEN) -#undef REJ_UNIFORM_AVX_BUFLEN +#if defined(REJ_UNIFORM_AVX_NBLOCKS) +#undef REJ_UNIFORM_AVX_NBLOCKS #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(rej_uniform_avx2) -#undef rej_uniform_avx2 +#if defined(basemul_avx2) +#undef basemul_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(rej_uniform_table) -#undef rej_uniform_table +#if defined(invntt_avx2) +#undef invntt_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ @@ -1174,8 +1174,8 @@ #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(invntt_avx2) -#undef invntt_avx2 +#if defined(nttfrombytes_avx2) +#undef nttfrombytes_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ 
@@ -1184,33 +1184,33 @@ #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(nttunpack_avx2) -#undef nttunpack_avx2 +#if defined(ntttobytes_avx2) +#undef ntttobytes_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(reduce_avx2) -#undef reduce_avx2 +#if defined(nttunpack_avx2) +#undef nttunpack_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(basemul_avx2) -#undef basemul_avx2 +#if defined(polyvec_basemul_acc_montgomery_cached_avx2) +#undef polyvec_basemul_acc_montgomery_cached_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(polyvec_basemul_acc_montgomery_cached_avx2) -#undef polyvec_basemul_acc_montgomery_cached_avx2 +#if defined(reduce_avx2) +#undef reduce_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(ntttobytes_avx2) -#undef ntttobytes_avx2 +#if defined(rej_uniform_avx2) +#undef rej_uniform_avx2 #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ -#if defined(nttfrombytes_avx2) -#undef nttfrombytes_avx2 +#if defined(rej_uniform_table) +#undef rej_uniform_table #endif /* mlkem/native/x86_64/src/arith_native_x86_64.h */ 
@@ -1224,113 +1224,113 @@ #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(Q) -#undef Q +#if defined(AVX2_BACKEND_DATA_OFFSET_16XFHI) +#undef AVX2_BACKEND_DATA_OFFSET_16XFHI #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(MONT) -#undef MONT +#if defined(AVX2_BACKEND_DATA_OFFSET_16XFLO) +#undef AVX2_BACKEND_DATA_OFFSET_16XFLO #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(QINV) -#undef QINV +#if defined(AVX2_BACKEND_DATA_OFFSET_16XMASK) +#undef AVX2_BACKEND_DATA_OFFSET_16XMASK #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(V) -#undef V +#if defined(AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI) +#undef AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(FHI) -#undef FHI +#if defined(AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO) +#undef AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(FLO) -#undef FLO +#if defined(AVX2_BACKEND_DATA_OFFSET_16XQ) +#undef AVX2_BACKEND_DATA_OFFSET_16XQ #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(MONTSQHI) -#undef MONTSQHI +#if defined(AVX2_BACKEND_DATA_OFFSET_16XQINV) +#undef AVX2_BACKEND_DATA_OFFSET_16XQINV #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(MONTSQLO) -#undef MONTSQLO +#if defined(AVX2_BACKEND_DATA_OFFSET_16XSHIFT) +#undef AVX2_BACKEND_DATA_OFFSET_16XSHIFT #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(MASK) -#undef MASK +#if defined(AVX2_BACKEND_DATA_OFFSET_16XV) +#undef AVX2_BACKEND_DATA_OFFSET_16XV #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(SHIFT) -#undef SHIFT +#if defined(AVX2_BACKEND_DATA_OFFSET_REVIDXB) +#undef AVX2_BACKEND_DATA_OFFSET_REVIDXB #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XQ) -#undef _16XQ +#if defined(AVX2_BACKEND_DATA_OFFSET_REVIDXD) +#undef AVX2_BACKEND_DATA_OFFSET_REVIDXD #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XQINV) -#undef _16XQINV +#if defined(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP) 
+#undef AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XV) -#undef _16XV +#if defined(FHI) +#undef FHI #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XFLO) -#undef _16XFLO +#if defined(FLO) +#undef FLO #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XFHI) -#undef _16XFHI +#if defined(MASK) +#undef MASK #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XMONTSQLO) -#undef _16XMONTSQLO +#if defined(MONT) +#undef MONT #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XMONTSQHI) -#undef _16XMONTSQHI +#if defined(MONTSQHI) +#undef MONTSQHI #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XMASK) -#undef _16XMASK +#if defined(MONTSQLO) +#undef MONTSQLO #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_REVIDXB) -#undef _REVIDXB +#if defined(Q) +#undef Q #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_REVIDXD) -#undef _REVIDXD +#if defined(QINV) +#undef QINV #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_ZETAS_EXP) -#undef _ZETAS_EXP +#if defined(SHIFT) +#undef SHIFT #endif /* mlkem/native/x86_64/src/consts.c */ -#if defined(_16XSHIFT) -#undef _16XSHIFT +#if defined(V) +#undef V #endif /* mlkem/native/x86_64/src/consts.c */ 
@@ -1339,68 +1339,68 @@ #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(CONSTS_H) -#undef CONSTS_H +#if defined(AVX2_BACKEND_DATA_OFFSET_16XFHI) +#undef AVX2_BACKEND_DATA_OFFSET_16XFHI #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XQ) -#undef _16XQ +#if defined(AVX2_BACKEND_DATA_OFFSET_16XFLO) +#undef AVX2_BACKEND_DATA_OFFSET_16XFLO #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XQINV) -#undef _16XQINV +#if defined(AVX2_BACKEND_DATA_OFFSET_16XMASK) +#undef AVX2_BACKEND_DATA_OFFSET_16XMASK #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XV) -#undef _16XV +#if defined(AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI) +#undef AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XFLO) -#undef _16XFLO +#if defined(AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO) +#undef AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XFHI) -#undef _16XFHI +#if defined(AVX2_BACKEND_DATA_OFFSET_16XQ) +#undef AVX2_BACKEND_DATA_OFFSET_16XQ #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XMONTSQLO) -#undef _16XMONTSQLO +#if defined(AVX2_BACKEND_DATA_OFFSET_16XQINV) +#undef AVX2_BACKEND_DATA_OFFSET_16XQINV #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XMONTSQHI) -#undef _16XMONTSQHI +#if defined(AVX2_BACKEND_DATA_OFFSET_16XSHIFT) +#undef AVX2_BACKEND_DATA_OFFSET_16XSHIFT #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XMASK) -#undef _16XMASK +#if defined(AVX2_BACKEND_DATA_OFFSET_16XV) +#undef AVX2_BACKEND_DATA_OFFSET_16XV #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_REVIDXB) -#undef _REVIDXB +#if defined(AVX2_BACKEND_DATA_OFFSET_REVIDXB) +#undef AVX2_BACKEND_DATA_OFFSET_REVIDXB #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_REVIDXD) -#undef _REVIDXD +#if defined(AVX2_BACKEND_DATA_OFFSET_REVIDXD) +#undef AVX2_BACKEND_DATA_OFFSET_REVIDXD #endif /* mlkem/native/x86_64/src/consts.h */ -#if 
defined(_ZETAS_EXP) -#undef _ZETAS_EXP +#if defined(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP) +#undef AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP #endif /* mlkem/native/x86_64/src/consts.h */ -#if defined(_16XSHIFT) -#undef _16XSHIFT +#if defined(CONSTS_H) +#undef CONSTS_H #endif /* mlkem/native/x86_64/src/consts.h */ @@ -1409,18 +1409,18 @@ #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H) -#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H +#if defined(INVNTT_BOUND_NATIVE) +#undef INVNTT_BOUND_NATIVE #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER) -#undef MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER +#if defined(MLKEM_NATIVE_ARITH_PROFILE_IMPL_H) +#undef MLKEM_NATIVE_ARITH_PROFILE_IMPL_H #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) -#undef MLKEM_USE_NATIVE_REJ_UNIFORM +#if defined(MLKEM_USE_NATIVE_INTT) +#undef MLKEM_USE_NATIVE_INTT #endif /* mlkem/native/x86_64/src/default_impl.h */ 
@@ -1429,28 +1429,28 @@ #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_INTT) -#undef MLKEM_USE_NATIVE_INTT +#if defined(MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER) +#undef MLKEM_USE_NATIVE_NTT_CUSTOM_ORDER #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) -#undef MLKEM_USE_NATIVE_POLY_REDUCE +#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) +#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) -#undef MLKEM_USE_NATIVE_POLY_TOMONT +#if defined(MLKEM_USE_NATIVE_POLY_FROMBYTES) +#undef MLKEM_USE_NATIVE_POLY_FROMBYTES #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED) -#undef MLKEM_USE_NATIVE_POLYVEC_BASEMUL_ACC_MONTGOMERY_CACHED +#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) +#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE) -#undef MLKEM_USE_NATIVE_POLY_MULCACHE_COMPUTE +#if defined(MLKEM_USE_NATIVE_POLY_REDUCE) +#undef MLKEM_USE_NATIVE_POLY_REDUCE #endif /* mlkem/native/x86_64/src/default_impl.h */ @@ -1459,13 +1459,13 @@ #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(MLKEM_USE_NATIVE_POLY_FROMBYTES) -#undef MLKEM_USE_NATIVE_POLY_FROMBYTES +#if defined(MLKEM_USE_NATIVE_POLY_TOMONT) +#undef MLKEM_USE_NATIVE_POLY_TOMONT #endif /* mlkem/native/x86_64/src/default_impl.h */ -#if defined(INVNTT_BOUND_NATIVE) -#undef INVNTT_BOUND_NATIVE +#if defined(MLKEM_USE_NATIVE_REJ_UNIFORM) +#undef MLKEM_USE_NATIVE_REJ_UNIFORM #endif /* mlkem/native/x86_64/src/default_impl.h */ 
@@ -1473,16 +1473,6 @@ #undef NTT_BOUND_NATIVE #endif -/* mlkem/native/x86_64/src/rej_uniform_avx2.c */ -#if defined(_mm256_cmpge_epu16) -#undef _mm256_cmpge_epu16 -#endif - -/* mlkem/native/x86_64/src/rej_uniform_avx2.c */ -#if defined(_mm_cmpge_epu16) -#undef _mm_cmpge_epu16 -#endif - /* mlkem/native/x86_64/src/rej_uniform_avx2.c */ #if defined(empty_cu_rej_uniform_avx2) #undef empty_cu_rej_uniform_avx2 @@ -1494,23 +1484,23 @@ #endif /* mlkem/ntt.c */ -#if defined(ntt_butterfly_block) -#undef ntt_butterfly_block +#if defined(INVNTT_BOUND_REF) +#undef INVNTT_BOUND_REF #endif /* mlkem/ntt.c */ -#if defined(ntt_layer) -#undef ntt_layer +#if defined(invntt_layer) +#undef invntt_layer #endif /* mlkem/ntt.c */ -#if defined(invntt_layer) -#undef invntt_layer +#if defined(ntt_butterfly_block) +#undef ntt_butterfly_block #endif /* mlkem/ntt.c */ -#if defined(INVNTT_BOUND_REF) -#undef INVNTT_BOUND_REF +#if defined(ntt_layer) +#undef ntt_layer #endif /* mlkem/ntt.h */ 
@@ -1519,88 +1509,88 @@ #endif /* mlkem/ntt.h */ -#if defined(zetas) -#undef zetas +#if defined(basemul_cached) +#undef basemul_cached #endif /* mlkem/ntt.h */ -#if defined(poly_ntt) -#undef poly_ntt +#if defined(poly_invntt_tomont) +#undef poly_invntt_tomont #endif /* mlkem/ntt.h */ -#if defined(poly_invntt_tomont) -#undef poly_invntt_tomont +#if defined(poly_ntt) +#undef poly_ntt #endif /* mlkem/ntt.h */ -#if defined(basemul_cached) -#undef basemul_cached +#if defined(zetas) +#undef zetas #endif /* mlkem/params.h */ -#if defined(PARAMS_H) -#undef PARAMS_H +#if defined(KECCAK_WAY) +#undef KECCAK_WAY #endif /* mlkem/params.h */ -#if defined(MLKEM_N) -#undef MLKEM_N +#if defined(MLKEM_ETA1) +#undef MLKEM_ETA1 #endif /* mlkem/params.h */ -#if defined(MLKEM_Q) -#undef MLKEM_Q +#if defined(MLKEM_ETA1) +#undef MLKEM_ETA1 #endif /* mlkem/params.h */ -#if defined(UINT12_LIMIT) -#undef UINT12_LIMIT +#if defined(MLKEM_ETA1) +#undef MLKEM_ETA1 #endif /* mlkem/params.h */ -#if defined(MLKEM_SYMBYTES) -#undef MLKEM_SYMBYTES +#if defined(MLKEM_ETA2) +#undef MLKEM_ETA2 #endif /* mlkem/params.h */ -#if defined(MLKEM_SSBYTES) -#undef MLKEM_SSBYTES +#if defined(MLKEM_INDCCA_CIPHERTEXTBYTES) +#undef MLKEM_INDCCA_CIPHERTEXTBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYBYTES) -#undef MLKEM_POLYBYTES +#if defined(MLKEM_INDCCA_PUBLICKEYBYTES) +#undef MLKEM_INDCCA_PUBLICKEYBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYVECBYTES) -#undef MLKEM_POLYVECBYTES +#if defined(MLKEM_INDCCA_SECRETKEYBYTES) +#undef MLKEM_INDCCA_SECRETKEYBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_LVL) -#undef MLKEM_LVL +#if defined(MLKEM_INDCPA_BYTES) +#undef MLKEM_INDCPA_BYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_ETA1) -#undef MLKEM_ETA1 +#if defined(MLKEM_INDCPA_MSGBYTES) +#undef MLKEM_INDCPA_MSGBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV) -#undef MLKEM_POLYCOMPRESSEDBYTES_DV +#if defined(MLKEM_INDCPA_PUBLICKEYBYTES) +#undef 
MLKEM_INDCPA_PUBLICKEYBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU) -#undef MLKEM_POLYCOMPRESSEDBYTES_DU +#if defined(MLKEM_INDCPA_SECRETKEYBYTES) +#undef MLKEM_INDCPA_SECRETKEYBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU) -#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU +#if defined(MLKEM_LVL) +#undef MLKEM_LVL #endif /* mlkem/params.h */ @@ -1609,33 +1599,33 @@ #endif /* mlkem/params.h */ -#if defined(MLKEM_ETA1) -#undef MLKEM_ETA1 +#if defined(MLKEM_LVL) +#undef MLKEM_LVL #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV) -#undef MLKEM_POLYCOMPRESSEDBYTES_DV +#if defined(MLKEM_N) +#undef MLKEM_N #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU) -#undef MLKEM_POLYCOMPRESSEDBYTES_DU +#if defined(MLKEM_POLYBYTES) +#undef MLKEM_POLYBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU) -#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU +#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU) +#undef MLKEM_POLYCOMPRESSEDBYTES_DU #endif /* mlkem/params.h */ -#if defined(MLKEM_LVL) -#undef MLKEM_LVL +#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU) +#undef MLKEM_POLYCOMPRESSEDBYTES_DU #endif /* mlkem/params.h */ -#if defined(MLKEM_ETA1) -#undef MLKEM_ETA1 +#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU) +#undef MLKEM_POLYCOMPRESSEDBYTES_DU #endif /* mlkem/params.h */ 
@@ -1644,63 +1634,58 @@ #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYCOMPRESSEDBYTES_DU) -#undef MLKEM_POLYCOMPRESSEDBYTES_DU +#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV) +#undef MLKEM_POLYCOMPRESSEDBYTES_DV #endif /* mlkem/params.h */ -#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU) -#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU +#if defined(MLKEM_POLYCOMPRESSEDBYTES_DV) +#undef MLKEM_POLYCOMPRESSEDBYTES_DV #endif /* mlkem/params.h */ -#if defined(MLKEM_ETA2) -#undef MLKEM_ETA2 +#if defined(MLKEM_POLYVECBYTES) +#undef MLKEM_POLYVECBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCPA_MSGBYTES) -#undef MLKEM_INDCPA_MSGBYTES +#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU) +#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCPA_PUBLICKEYBYTES) -#undef MLKEM_INDCPA_PUBLICKEYBYTES +#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU) +#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCPA_SECRETKEYBYTES) -#undef MLKEM_INDCPA_SECRETKEYBYTES +#if defined(MLKEM_POLYVECCOMPRESSEDBYTES_DU) +#undef MLKEM_POLYVECCOMPRESSEDBYTES_DU #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCPA_BYTES) -#undef MLKEM_INDCPA_BYTES +#if defined(MLKEM_Q) +#undef MLKEM_Q #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCCA_PUBLICKEYBYTES) -#undef MLKEM_INDCCA_PUBLICKEYBYTES +#if defined(MLKEM_SSBYTES) +#undef MLKEM_SSBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCCA_SECRETKEYBYTES) -#undef MLKEM_INDCCA_SECRETKEYBYTES +#if defined(MLKEM_SYMBYTES) +#undef MLKEM_SYMBYTES #endif /* mlkem/params.h */ -#if defined(MLKEM_INDCCA_CIPHERTEXTBYTES) -#undef MLKEM_INDCCA_CIPHERTEXTBYTES +#if defined(PARAMS_H) +#undef PARAMS_H #endif /* mlkem/params.h */ -#if defined(KECCAK_WAY) -#undef KECCAK_WAY -#endif - -/* mlkem/poly.h */ -#if defined(POLY_H) -#undef POLY_H +#if defined(UINT12_LIMIT) +#undef UINT12_LIMIT #endif /* mlkem/poly.h */ 
@@ -1713,84 +1698,94 @@ #undef NTT_BOUND #endif +/* mlkem/poly.h */ +#if defined(POLY_H) +#undef POLY_H +#endif + /* mlkem/poly.h */ #if defined(poly) #undef poly #endif /* mlkem/poly.h */ -#if defined(poly_mulcache) -#undef poly_mulcache +#if defined(poly_add) +#undef poly_add #endif /* mlkem/poly.h */ -#if defined(scalar_compress_d1) -#undef scalar_compress_d1 +#if defined(poly_basemul_montgomery_cached) +#undef poly_basemul_montgomery_cached #endif /* mlkem/poly.h */ -#if defined(scalar_compress_d4) -#undef scalar_compress_d4 +#if defined(poly_compress_du) +#undef poly_compress_du #endif /* mlkem/poly.h */ -#if defined(scalar_compress_d5) -#undef scalar_compress_d5 +#if defined(poly_compress_dv) +#undef poly_compress_dv #endif /* mlkem/poly.h */ -#if defined(scalar_compress_d10) -#undef scalar_compress_d10 +#if defined(poly_decompress_du) +#undef poly_decompress_du #endif /* mlkem/poly.h */ -#if defined(scalar_compress_d11) -#undef scalar_compress_d11 +#if defined(poly_decompress_dv) +#undef poly_decompress_dv #endif /* mlkem/poly.h */ -#if defined(scalar_decompress_d4) -#undef scalar_decompress_d4 +#if defined(poly_frombytes) +#undef poly_frombytes #endif /* mlkem/poly.h */ -#if defined(scalar_decompress_d5) -#undef scalar_decompress_d5 +#if defined(poly_frommsg) +#undef poly_frommsg #endif /* mlkem/poly.h */ -#if defined(scalar_decompress_d10) -#undef scalar_decompress_d10 +#if defined(poly_getnoise_eta1122_4x) +#undef poly_getnoise_eta1122_4x #endif /* mlkem/poly.h */ -#if defined(scalar_decompress_d11) -#undef scalar_decompress_d11 +#if defined(poly_getnoise_eta1_4x) +#undef poly_getnoise_eta1_4x #endif /* mlkem/poly.h */ -#if defined(scalar_signed_to_unsigned_q) -#undef scalar_signed_to_unsigned_q +#if defined(poly_getnoise_eta2) +#undef poly_getnoise_eta2 #endif /* mlkem/poly.h */ -#if defined(poly_compress_du) -#undef poly_compress_du +#if defined(poly_getnoise_eta2_4x) +#undef poly_getnoise_eta2_4x #endif /* mlkem/poly.h */ -#if 
defined(poly_decompress_du) -#undef poly_decompress_du +#if defined(poly_mulcache) +#undef poly_mulcache #endif /* mlkem/poly.h */ -#if defined(poly_compress_dv) -#undef poly_compress_dv +#if defined(poly_mulcache_compute) +#undef poly_mulcache_compute +#endif + +/* mlkem/poly.h */ +#if defined(poly_reduce) +#undef poly_reduce #endif /* mlkem/poly.h */ -#if defined(poly_decompress_dv) -#undef poly_decompress_dv +#if defined(poly_sub) +#undef poly_sub #endif /* mlkem/poly.h */ @@ -1799,13 +1794,8 @@ #endif /* mlkem/poly.h */ -#if defined(poly_frombytes) -#undef poly_frombytes -#endif - -/* mlkem/poly.h */ -#if defined(poly_frommsg) -#undef poly_frommsg +#if defined(poly_tomont) +#undef poly_tomont #endif /* mlkem/poly.h */ 
@@ -1814,53 +1804,53 @@ #endif /* mlkem/poly.h */ -#if defined(poly_getnoise_eta1_4x) -#undef poly_getnoise_eta1_4x +#if defined(scalar_compress_d1) +#undef scalar_compress_d1 #endif /* mlkem/poly.h */ -#if defined(poly_getnoise_eta2_4x) -#undef poly_getnoise_eta2_4x +#if defined(scalar_compress_d10) +#undef scalar_compress_d10 #endif /* mlkem/poly.h */ -#if defined(poly_getnoise_eta2) -#undef poly_getnoise_eta2 +#if defined(scalar_compress_d11) +#undef scalar_compress_d11 #endif /* mlkem/poly.h */ -#if defined(poly_getnoise_eta1122_4x) -#undef poly_getnoise_eta1122_4x +#if defined(scalar_compress_d4) +#undef scalar_compress_d4 #endif /* mlkem/poly.h */ -#if defined(poly_basemul_montgomery_cached) -#undef poly_basemul_montgomery_cached +#if defined(scalar_compress_d5) +#undef scalar_compress_d5 #endif /* mlkem/poly.h */ -#if defined(poly_tomont) -#undef poly_tomont +#if defined(scalar_decompress_d10) +#undef scalar_decompress_d10 #endif /* mlkem/poly.h */ -#if defined(poly_mulcache_compute) -#undef poly_mulcache_compute +#if defined(scalar_decompress_d11) +#undef scalar_decompress_d11 #endif /* mlkem/poly.h */ -#if defined(poly_reduce) -#undef poly_reduce +#if defined(scalar_decompress_d4) +#undef scalar_decompress_d4 #endif /* mlkem/poly.h */ -#if defined(poly_add) -#undef poly_add +#if defined(scalar_decompress_d5) +#undef scalar_decompress_d5 #endif /* mlkem/poly.h */ -#if defined(poly_sub) -#undef poly_sub +#if defined(scalar_signed_to_unsigned_q) +#undef scalar_signed_to_unsigned_q #endif /* mlkem/polyvec.h */ 
@@ -1874,33 +1864,33 @@ #endif /* mlkem/polyvec.h */ -#if defined(polyvec_mulcache) -#undef polyvec_mulcache +#if defined(polyvec_add) +#undef polyvec_add #endif /* mlkem/polyvec.h */ -#if defined(polyvec_compress_du) -#undef polyvec_compress_du +#if defined(polyvec_basemul_acc_montgomery) +#undef polyvec_basemul_acc_montgomery #endif /* mlkem/polyvec.h */ -#if defined(polyvec_decompress_du) -#undef polyvec_decompress_du +#if defined(polyvec_basemul_acc_montgomery_cached) +#undef polyvec_basemul_acc_montgomery_cached #endif /* mlkem/polyvec.h */ -#if defined(polyvec_tobytes) -#undef polyvec_tobytes +#if defined(polyvec_compress_du) +#undef polyvec_compress_du #endif /* mlkem/polyvec.h */ -#if defined(polyvec_frombytes) -#undef polyvec_frombytes +#if defined(polyvec_decompress_du) +#undef polyvec_decompress_du #endif /* mlkem/polyvec.h */ -#if defined(polyvec_ntt) -#undef polyvec_ntt +#if defined(polyvec_frombytes) +#undef polyvec_frombytes #endif /* mlkem/polyvec.h */ @@ -1909,18 +1899,18 @@ #endif /* mlkem/polyvec.h */ -#if defined(polyvec_basemul_acc_montgomery) -#undef polyvec_basemul_acc_montgomery +#if defined(polyvec_mulcache) +#undef polyvec_mulcache #endif /* mlkem/polyvec.h */ -#if defined(polyvec_basemul_acc_montgomery_cached) -#undef polyvec_basemul_acc_montgomery_cached +#if defined(polyvec_mulcache_compute) +#undef polyvec_mulcache_compute #endif /* mlkem/polyvec.h */ -#if defined(polyvec_mulcache_compute) -#undef polyvec_mulcache_compute +#if defined(polyvec_ntt) +#undef polyvec_ntt #endif /* mlkem/polyvec.h */ @@ -1929,8 +1919,8 @@ #endif /* mlkem/polyvec.h */ -#if defined(polyvec_add) -#undef polyvec_add +#if defined(polyvec_tobytes) +#undef polyvec_tobytes #endif /* mlkem/polyvec.h */ 
@@ -1944,23 +1934,23 @@ #endif /* mlkem/reduce.h */ -#if defined(REDUCE_H) -#undef REDUCE_H +#if defined(HALF_Q) +#undef HALF_Q #endif /* mlkem/reduce.h */ -#if defined(cast_uint16_to_int16) -#undef cast_uint16_to_int16 +#if defined(REDUCE_H) +#undef REDUCE_H #endif /* mlkem/reduce.h */ -#if defined(montgomery_reduce_generic) -#undef montgomery_reduce_generic +#if defined(barrett_reduce) +#undef barrett_reduce #endif /* mlkem/reduce.h */ -#if defined(montgomery_reduce) -#undef montgomery_reduce +#if defined(cast_uint16_to_int16) +#undef cast_uint16_to_int16 #endif /* mlkem/reduce.h */ @@ -1969,13 +1959,13 @@ #endif /* mlkem/reduce.h */ -#if defined(barrett_reduce) -#undef barrett_reduce +#if defined(montgomery_reduce) +#undef montgomery_reduce #endif /* mlkem/reduce.h */ -#if defined(HALF_Q) -#undef HALF_Q +#if defined(montgomery_reduce_generic) +#undef montgomery_reduce_generic #endif /* mlkem/rej_uniform.c */ @@ -1999,8 +1989,8 @@ #endif /* mlkem/symmetric.h */ -#if defined(hash_h) -#undef hash_h +#if defined(XOF_RATE) +#undef XOF_RATE #endif /* mlkem/symmetric.h */ @@ -2008,6 +1998,11 @@ #undef hash_g #endif +/* mlkem/symmetric.h */ +#if defined(hash_h) +#undef hash_h +#endif + /* mlkem/symmetric.h */ #if defined(hash_j) #undef hash_j @@ -2023,24 +2018,14 @@ #undef prf_eta1 #endif -/* mlkem/symmetric.h */ -#if defined(prf_eta2) -#undef prf_eta2 -#endif - /* mlkem/symmetric.h */ #if defined(prf_eta1_x4) #undef prf_eta1_x4 #endif /* mlkem/symmetric.h */ -#if defined(xof_ctx) -#undef xof_ctx -#endif - -/* mlkem/symmetric.h */ -#if defined(xof_x4_ctx) -#undef xof_x4_ctx +#if defined(prf_eta2) +#undef prf_eta2 #endif /* mlkem/symmetric.h */ @@ -2049,8 +2034,8 @@ #endif /* mlkem/symmetric.h */ -#if defined(xof_squeezeblocks) -#undef xof_squeezeblocks +#if defined(xof_ctx) +#undef xof_ctx #endif /* mlkem/symmetric.h */ 
@@ -2058,14 +2043,19 @@ #undef xof_release #endif +/* mlkem/symmetric.h */ +#if defined(xof_squeezeblocks) +#undef xof_squeezeblocks +#endif + /* mlkem/symmetric.h */ #if defined(xof_x4_absorb) #undef xof_x4_absorb #endif /* mlkem/symmetric.h */ -#if defined(xof_x4_squeezeblocks) -#undef xof_x4_squeezeblocks +#if defined(xof_x4_ctx) +#undef xof_x4_ctx #endif /* mlkem/symmetric.h */ @@ -2074,43 +2064,43 @@ #endif /* mlkem/symmetric.h */ -#if defined(XOF_RATE) -#undef XOF_RATE +#if defined(xof_x4_squeezeblocks) +#undef xof_x4_squeezeblocks #endif /* mlkem/sys.h */ -#if defined(MLKEM_NATIVE_SYS_H) -#undef MLKEM_NATIVE_SYS_H +#if defined(ALIGN) +#undef ALIGN #endif /* mlkem/sys.h */ -#if defined(SYS_AARCH64) -#undef SYS_AARCH64 +#if defined(ALIGN) +#undef ALIGN #endif /* mlkem/sys.h */ -#if defined(SYS_AARCH64_EB) -#undef SYS_AARCH64_EB +#if defined(ALWAYS_INLINE) +#undef ALWAYS_INLINE #endif /* mlkem/sys.h */ -#if defined(SYS_X86_64) -#undef SYS_X86_64 +#if defined(ALWAYS_INLINE) +#undef ALWAYS_INLINE #endif /* mlkem/sys.h */ -#if defined(SYS_X86_64_AVX2) -#undef SYS_X86_64_AVX2 +#if defined(ALWAYS_INLINE) +#undef ALWAYS_INLINE #endif /* mlkem/sys.h */ -#if defined(SYS_LITTLE_ENDIAN) -#undef SYS_LITTLE_ENDIAN +#if defined(ALWAYS_INLINE) +#undef ALWAYS_INLINE #endif /* mlkem/sys.h */ -#if defined(SYS_BIG_ENDIAN) -#undef SYS_BIG_ENDIAN +#if defined(DEFAULT_ALIGN) +#undef DEFAULT_ALIGN #endif /* mlkem/sys.h */ 
@@ -2118,39 +2108,24 @@ #undef INLINE #endif -/* mlkem/sys.h */ -#if defined(ALWAYS_INLINE) -#undef ALWAYS_INLINE -#endif - /* mlkem/sys.h */ #if defined(INLINE) #undef INLINE #endif -/* mlkem/sys.h */ -#if defined(ALWAYS_INLINE) -#undef ALWAYS_INLINE -#endif - /* mlkem/sys.h */ #if defined(INLINE) #undef INLINE #endif -/* mlkem/sys.h */ -#if defined(ALWAYS_INLINE) -#undef ALWAYS_INLINE -#endif - /* mlkem/sys.h */ #if defined(INLINE) #undef INLINE #endif /* mlkem/sys.h */ -#if defined(ALWAYS_INLINE) -#undef ALWAYS_INLINE +#if defined(MLKEM_NATIVE_SYS_H) +#undef MLKEM_NATIVE_SYS_H #endif /* mlkem/sys.h */ @@ -2169,18 +2144,33 @@ #endif /* mlkem/sys.h */ -#if defined(DEFAULT_ALIGN) -#undef DEFAULT_ALIGN +#if defined(SYS_AARCH64) +#undef SYS_AARCH64 #endif /* mlkem/sys.h */ -#if defined(ALIGN) -#undef ALIGN +#if defined(SYS_AARCH64_EB) +#undef SYS_AARCH64_EB #endif /* mlkem/sys.h */ -#if defined(asm) -#undef asm +#if defined(SYS_BIG_ENDIAN) +#undef SYS_BIG_ENDIAN +#endif + +/* mlkem/sys.h */ +#if defined(SYS_LITTLE_ENDIAN) +#undef SYS_LITTLE_ENDIAN +#endif + +/* mlkem/sys.h */ +#if defined(SYS_X86_64) +#undef SYS_X86_64 +#endif + +/* mlkem/sys.h */ +#if defined(SYS_X86_64_AVX2) +#undef SYS_X86_64_AVX2 #endif /* mlkem/sys.h */ @@ -2189,8 +2179,8 @@ #endif /* mlkem/sys.h */ -#if defined(ALIGN) -#undef ALIGN +#if defined(asm) +#undef asm #endif /* mlkem/verify.c */ 
@@ -2199,43 +2189,43 @@ #endif /* mlkem/verify.h */ -#if defined(VERIFY_H) -#undef VERIFY_H +#if defined(MLKEM_USE_ASM_VALUE_BARRIER) +#undef MLKEM_USE_ASM_VALUE_BARRIER #endif /* mlkem/verify.h */ -#if defined(value_barrier_u8) -#undef value_barrier_u8 +#if defined(VERIFY_H) +#undef VERIFY_H #endif /* mlkem/verify.h */ -#if defined(value_barrier_u32) -#undef value_barrier_u32 +#if defined(ct_cmask_neg_i16) +#undef ct_cmask_neg_i16 #endif /* mlkem/verify.h */ -#if defined(value_barrier_i32) -#undef value_barrier_i32 +#if defined(ct_cmask_nonzero_u16) +#undef ct_cmask_nonzero_u16 #endif /* mlkem/verify.h */ -#if defined(ct_cmask_neg_i16) -#undef ct_cmask_neg_i16 +#if defined(ct_cmask_nonzero_u8) +#undef ct_cmask_nonzero_u8 #endif /* mlkem/verify.h */ -#if defined(ct_cmask_nonzero_u8) -#undef ct_cmask_nonzero_u8 +#if defined(ct_cmov_zero) +#undef ct_cmov_zero #endif /* mlkem/verify.h */ -#if defined(ct_cmask_nonzero_u16) -#undef ct_cmask_nonzero_u16 +#if defined(ct_memcmp) +#undef ct_memcmp #endif /* mlkem/verify.h */ -#if defined(ct_sel_uint8) -#undef ct_sel_uint8 +#if defined(ct_opt_blocker_u64) +#undef ct_opt_blocker_u64 #endif /* mlkem/verify.h */ @@ -2244,23 +2234,23 @@ #endif /* mlkem/verify.h */ -#if defined(ct_memcmp) -#undef ct_memcmp +#if defined(ct_sel_uint8) +#undef ct_sel_uint8 #endif /* mlkem/verify.h */ -#if defined(ct_cmov_zero) -#undef ct_cmov_zero +#if defined(value_barrier_i32) +#undef value_barrier_i32 #endif /* mlkem/verify.h */ -#if defined(MLKEM_USE_ASM_VALUE_BARRIER) -#undef MLKEM_USE_ASM_VALUE_BARRIER +#if defined(value_barrier_u32) +#undef value_barrier_u32 #endif /* mlkem/verify.h */ -#if defined(ct_opt_blocker_u64) -#undef ct_opt_blocker_u64 +#if defined(value_barrier_u8) +#undef value_barrier_u8 #endif 
@@ -2296,13 +2286,8 @@ #endif /* mlkem/fips202/fips202.h */ -#if defined(SHAKE128_RATE) -#undef SHAKE128_RATE -#endif - -/* mlkem/fips202/fips202.h */ -#if defined(SHAKE256_RATE) -#undef SHAKE256_RATE +#if defined(SHA3_256_HASHBYTES) +#undef SHA3_256_HASHBYTES #endif /* mlkem/fips202/fips202.h */ @@ -2315,54 +2300,59 @@ #undef SHA3_384_RATE #endif +/* mlkem/fips202/fips202.h */ +#if defined(SHA3_512_HASHBYTES) +#undef SHA3_512_HASHBYTES +#endif + /* mlkem/fips202/fips202.h */ #if defined(SHA3_512_RATE) #undef SHA3_512_RATE #endif /* mlkem/fips202/fips202.h */ -#if defined(shake128ctx) -#undef shake128ctx +#if defined(SHAKE128_RATE) +#undef SHAKE128_RATE #endif /* mlkem/fips202/fips202.h */ -#if defined(shake128_absorb_once) -#undef shake128_absorb_once +#if defined(SHAKE256_RATE) +#undef SHAKE256_RATE #endif /* mlkem/fips202/fips202.h */ -#if defined(shake128_squeezeblocks) -#undef shake128_squeezeblocks +#if defined(sha3_256) +#undef sha3_256 #endif /* mlkem/fips202/fips202.h */ -#if defined(shake128_release) -#undef shake128_release +#if defined(sha3_512) +#undef sha3_512 #endif /* mlkem/fips202/fips202.h */ -#if defined(shake256) -#undef shake256 +#if defined(shake128_absorb_once) +#undef shake128_absorb_once #endif /* mlkem/fips202/fips202.h */ -#if defined(SHA3_256_HASHBYTES) -#undef SHA3_256_HASHBYTES +#if defined(shake128_release) +#undef shake128_release #endif /* mlkem/fips202/fips202.h */ -#if defined(sha3_256) -#undef sha3_256 +#if defined(shake128_squeezeblocks) +#undef shake128_squeezeblocks #endif /* mlkem/fips202/fips202.h */ -#if defined(SHA3_512_HASHBYTES) -#undef SHA3_512_HASHBYTES +#if defined(shake128ctx) +#undef shake128ctx #endif /* mlkem/fips202/fips202.h */ -#if defined(sha3_512) -#undef sha3_512 +#if defined(shake256) +#undef shake256 #endif /* mlkem/fips202/fips202_backend.h */ 
@@ -2370,11 +2360,6 @@ #undef MLKEM_NATIVE_FIPS202_IMPL_H #endif -/* mlkem/fips202/fips202x4.c */ -#if defined(shake256x4_ctx) -#undef shake256x4_ctx -#endif - /* mlkem/fips202/fips202x4.c */ #if defined(keccak_absorb_once_x4) #undef keccak_absorb_once_x4 @@ -2390,6 +2375,11 @@ #undef shake256x4_absorb_once #endif +/* mlkem/fips202/fips202x4.c */ +#if defined(shake256x4_ctx) +#undef shake256x4_ctx +#endif + /* mlkem/fips202/fips202x4.c */ #if defined(shake256x4_squeezeblocks) #undef shake256x4_squeezeblocks @@ -2401,13 +2391,13 @@ #endif /* mlkem/fips202/fips202x4.h */ -#if defined(shake128x4ctx) -#undef shake128x4ctx +#if defined(shake128x4_absorb_once) +#undef shake128x4_absorb_once #endif /* mlkem/fips202/fips202x4.h */ -#if defined(shake128x4_absorb_once) -#undef shake128x4_absorb_once +#if defined(shake128x4_release) +#undef shake128x4_release #endif /* mlkem/fips202/fips202x4.h */ @@ -2416,8 +2406,8 @@ #endif /* mlkem/fips202/fips202x4.h */ -#if defined(shake128x4_release) -#undef shake128x4_release +#if defined(shake128x4ctx) +#undef shake128x4ctx #endif /* mlkem/fips202/fips202x4.h */ @@ -2425,6 +2415,11 @@ #undef shake256x4 #endif +/* mlkem/fips202/keccakf1600.c */ +#if defined(KeccakF_RoundConstants) +#undef KeccakF_RoundConstants +#endif + /* mlkem/fips202/keccakf1600.c */ #if defined(NROUNDS) #undef NROUNDS @@ -2435,11 +2430,6 @@ #undef ROL #endif -/* mlkem/fips202/keccakf1600.c */ -#if defined(KeccakF_RoundConstants) -#undef KeccakF_RoundConstants -#endif - /* mlkem/fips202/keccakf1600.h */ #if defined(KECCAKF1600_H) #undef KECCAKF1600_H 
@@ -2456,33 +2446,33 @@ #endif /* mlkem/fips202/keccakf1600.h */ -#if defined(KeccakF1600_StateXORBytes) -#undef KeccakF1600_StateXORBytes +#if defined(KeccakF1600_StatePermute) +#undef KeccakF1600_StatePermute #endif /* mlkem/fips202/keccakf1600.h */ -#if defined(KeccakF1600x4_StateExtractBytes) -#undef KeccakF1600x4_StateExtractBytes +#if defined(KeccakF1600_StatePermute) +#undef KeccakF1600_StatePermute #endif /* mlkem/fips202/keccakf1600.h */ -#if defined(KeccakF1600x4_StateXORBytes) -#undef KeccakF1600x4_StateXORBytes +#if defined(KeccakF1600_StateXORBytes) +#undef KeccakF1600_StateXORBytes #endif /* mlkem/fips202/keccakf1600.h */ -#if defined(KeccakF1600x4_StatePermute) -#undef KeccakF1600x4_StatePermute +#if defined(KeccakF1600x4_StateExtractBytes) +#undef KeccakF1600x4_StateExtractBytes #endif /* mlkem/fips202/keccakf1600.h */ -#if defined(KeccakF1600_StatePermute) -#undef KeccakF1600_StatePermute +#if defined(KeccakF1600x4_StatePermute) +#undef KeccakF1600x4_StatePermute #endif /* mlkem/fips202/keccakf1600.h */ -#if defined(KeccakF1600_StatePermute) -#undef KeccakF1600_StatePermute +#if defined(KeccakF1600x4_StateXORBytes) +#undef KeccakF1600x4_StateXORBytes #endif /* mlkem/fips202/native/aarch64/cortex_a55.h */ @@ -2496,13 +2486,13 @@ #endif /* mlkem/fips202/native/aarch64/cortex_a55.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) -#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) +#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL #endif /* mlkem/fips202/native/aarch64/cortex_a55.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) -#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) +#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME #endif /* mlkem/fips202/native/aarch64/default.h */ 
@@ -2516,13 +2506,13 @@ #endif /* mlkem/fips202/native/aarch64/default.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) -#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) +#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL #endif /* mlkem/fips202/native/aarch64/default.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) -#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) +#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME #endif /* mlkem/fips202/native/aarch64/src/cortex_a55_impl.h */ @@ -2591,13 +2581,13 @@ #endif /* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */ -#if defined(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) -#undef keccak_f1600_x4_scalar_v8a_asm_hybrid_opt +#if defined(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) +#undef keccak_f1600_x4_scalar_v84a_asm_hybrid_opt #endif /* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */ -#if defined(keccak_f1600_x4_scalar_v84a_asm_hybrid_opt) -#undef keccak_f1600_x4_scalar_v84a_asm_hybrid_opt +#if defined(keccak_f1600_x4_scalar_v8a_asm_hybrid_opt) +#undef keccak_f1600_x4_scalar_v8a_asm_hybrid_opt #endif /* mlkem/fips202/native/aarch64/src/fips202_native_aarch64.h */ @@ -2641,13 +2631,13 @@ #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(ROL64in256) -#undef ROL64in256 +#if defined(FullUnrolling) +#undef FullUnrolling #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(ROL64in256_8) -#undef ROL64in256_8 +#if defined(ROL64in256) +#undef ROL64in256 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ 
@@ -2656,18 +2646,18 @@ #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(STORE256) -#undef STORE256 +#if defined(ROL64in256_8) +#undef ROL64in256_8 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(XOR256) -#undef XOR256 +#if defined(SCATTER_STORE256) +#undef SCATTER_STORE256 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(XOReq256) -#undef XOReq256 +#if defined(STORE256) +#undef STORE256 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ @@ -2676,23 +2666,18 @@ #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(declareABCDE) -#undef declareABCDE -#endif - -/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(prepareTheta) -#undef prepareTheta +#if defined(Unrolling) +#undef Unrolling #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(thetaRhoPiChiIotaPrepareTheta) -#undef thetaRhoPiChiIotaPrepareTheta +#if defined(XOR256) +#undef XOR256 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(thetaRhoPiChiIota) -#undef thetaRhoPiChiIota +#if defined(XOReq256) +#undef XOReq256 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ @@ -2701,8 +2686,8 @@ #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(SCATTER_STORE256) -#undef SCATTER_STORE256 +#if defined(copyStateVariables) +#undef copyStateVariables #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ 
@@ -2711,33 +2696,33 @@ #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(copyStateVariables) -#undef copyStateVariables +#if defined(declareABCDE) +#undef declareABCDE #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(FullUnrolling) -#undef FullUnrolling +#if defined(empty_cu_avx2_keccakx4) +#undef empty_cu_avx2_keccakx4 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(Unrolling) -#undef Unrolling +#if defined(prepareTheta) +#undef prepareTheta #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ -#if defined(empty_cu_avx2_keccakx4) -#undef empty_cu_avx2_keccakx4 +#if defined(thetaRhoPiChiIota) +#undef thetaRhoPiChiIota #endif -/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */ -#if defined(_KeccakP_1600_times4_SnP_h_) -#undef _KeccakP_1600_times4_SnP_h_ +/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SIMD256.c */ +#if defined(thetaRhoPiChiIotaPrepareTheta) +#undef thetaRhoPiChiIotaPrepareTheta #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */ -#if defined(KeccakP1600times4_statesAlignment) -#undef KeccakP1600times4_statesAlignment +#if defined(KECCAKP_1600_TIMES4_SNP_H) +#undef KECCAKP_1600_TIMES4_SNP_H #endif /* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */ @@ -2745,9 +2730,9 @@ #undef KeccakP1600times4_PermuteAll_24rounds #endif -/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */ -#if defined(KeccakP1600times4_implementation_config) -#undef KeccakP1600times4_implementation_config +/* mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h */ +#if defined(KeccakP1600times4_statesAlignment) +#undef KeccakP1600times4_statesAlignment #endif /* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */ 
@@ -2756,13 +2741,13 @@ #endif /* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */ -#if defined(KeccakP1600times4_useAVX2) -#undef KeccakP1600times4_useAVX2 +#if defined(KeccakP1600times4_implementation_config) +#undef KeccakP1600times4_implementation_config #endif -/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */ -#if defined(_keccakp_align_h_) -#undef _keccakp_align_h_ +/* mlkem/fips202/native/x86_64/src/KeccakP-SIMD256-config.h */ +#if defined(KeccakP1600times4_useAVX2) +#undef KeccakP1600times4_useAVX2 #endif /* mlkem/fips202/native/x86_64/src/KeccakP-align.h */ @@ -2785,9 +2770,9 @@ #undef ALIGN #endif -/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */ -#if defined(_KECCAKP_BRG_ENDIAN_H) -#undef _KECCAKP_BRG_ENDIAN_H +/* mlkem/fips202/native/x86_64/src/KeccakP-align.h */ +#if defined(KECCAKP_ALIGN_H) +#undef KECCAKP_ALIGN_H #endif /* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */ @@ -2800,6 +2785,11 @@ #undef IS_LITTLE_ENDIAN #endif +/* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */ +#if defined(KECCAKP_BRG_ENDIAN_H) +#undef KECCAKP_BRG_ENDIAN_H +#endif + /* mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h */ #if defined(PLATFORM_BYTE_ORDER) #undef PLATFORM_BYTE_ORDER 
@@ -2921,23 +2911,23 @@ #endif /* mlkem/fips202/native/x86_64/xkcp.h */ -#if defined(MLKEM_NATIVE_FIPS202_PROFILE_H) -#undef MLKEM_NATIVE_FIPS202_PROFILE_H +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) +#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL #endif /* mlkem/fips202/native/x86_64/xkcp.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP) -#undef MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) +#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME #endif /* mlkem/fips202/native/x86_64/xkcp.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_NAME) -#undef MLKEM_NATIVE_FIPS202_BACKEND_NAME +#if defined(MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP) +#undef MLKEM_NATIVE_FIPS202_BACKEND_X86_64_XKCP #endif /* mlkem/fips202/native/x86_64/xkcp.h */ -#if defined(MLKEM_NATIVE_FIPS202_BACKEND_IMPL) -#undef MLKEM_NATIVE_FIPS202_BACKEND_IMPL +#if defined(MLKEM_NATIVE_FIPS202_PROFILE_H) +#undef MLKEM_NATIVE_FIPS202_PROFILE_H #endif #endif /* MLKEM_NATIVE_MONOBUILD_KEEP_FIPS202_HEADERS */ diff --git a/mlkem/common.h b/mlkem/common.h index 47962a1d7..da886780c 100644 --- a/mlkem/common.h +++ b/mlkem/common.h @@ -56,8 +56,8 @@ #define MLKEM_ASM_NAMESPACE(sym) MLKEM_NAMESPACE(sym) #define FIPS202_ASM_NAMESPACE(sym) FIPS202_NAMESPACE(sym) #else -#define _PREFIX_UNDERSCORE(sym) _##sym -#define PREFIX_UNDERSCORE(sym) _PREFIX_UNDERSCORE(sym) +#define PREFIX_UNDERSCORE_(sym) _##sym +#define PREFIX_UNDERSCORE(sym) PREFIX_UNDERSCORE_(sym) #define MLKEM_ASM_NAMESPACE(sym) PREFIX_UNDERSCORE(MLKEM_NAMESPACE(sym)) #define FIPS202_ASM_NAMESPACE(sym) PREFIX_UNDERSCORE(FIPS202_NAMESPACE(sym)) #endif diff --git a/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h b/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h index bb12c9314..dec310acf 100644 --- a/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h +++ b/mlkem/fips202/native/x86_64/src/KeccakP-1600-times4-SnP.h 
@@ -18,8 +18,8 @@ and related or neighboring rights to the source code in this file. http://creativecommons.org/publicdomain/zero/1.0/ */ -#ifndef _KeccakP_1600_times4_SnP_h_ -#define _KeccakP_1600_times4_SnP_h_ +#ifndef KECCAKP_1600_TIMES4_SNP_H +#define KECCAKP_1600_TIMES4_SNP_H /** For the documentation, see PlSnP-documentation.h. */ @@ -34,4 +34,4 @@ and related or neighboring rights to the source code in this file. FIPS202_NAMESPACE(KeccakP1600times4_PermuteAll_24rounds) void KeccakP1600times4_PermuteAll_24rounds(void *states); -#endif +#endif /* KECCAKP_1600_TIMES4_SNP_H */ diff --git a/mlkem/fips202/native/x86_64/src/KeccakP-align.h b/mlkem/fips202/native/x86_64/src/KeccakP-align.h index f56272546..5474fa368 100644 --- a/mlkem/fips202/native/x86_64/src/KeccakP-align.h +++ b/mlkem/fips202/native/x86_64/src/KeccakP-align.h @@ -18,8 +18,8 @@ and related or neighboring rights to the source code in this file. http://creativecommons.org/publicdomain/zero/1.0/ */ -#ifndef _keccakp_align_h_ -#define _keccakp_align_h_ +#ifndef KECCAKP_ALIGN_H +#define KECCAKP_ALIGN_H /* on Mac OS-X and possibly others, ALIGN(x) is defined in param.h, and -Werror * chokes on the redef. */ @@ -37,4 +37,4 @@ and related or neighboring rights to the source code in this file. #define ALIGN(x) #endif -#endif +#endif /* KECCAKP_ALIGN_H */ diff --git a/mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h b/mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h index 981f8d1d8..600394276 100644 --- a/mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h +++ b/mlkem/fips202/native/x86_64/src/KeccakP-brg_endian.h @@ -31,8 +31,8 @@ Changes for ARM 9/9/2010 */ -#ifndef _KECCAKP_BRG_ENDIAN_H -#define _KECCAKP_BRG_ENDIAN_H +#ifndef KECCAKP_BRG_ENDIAN_H +#define KECCAKP_BRG_ENDIAN_H #define IS_BIG_ENDIAN 4321 /* byte 0 is most significant (mc68k) */ #define IS_LITTLE_ENDIAN 1234 /* byte 0 is least significant (i386) */ @@ -147,4 +147,4 @@ #endif -#endif +#endif /* KECCAKP_BRG_ENDIAN_H */ 
diff --git a/mlkem/native/x86_64/src/basemul.S b/mlkem/native/x86_64/src/basemul.S index 8ed718042..5fdc3d0a0 100644 --- a/mlkem/native/x86_64/src/basemul.S +++ b/mlkem/native/x86_64/src/basemul.S @@ -13,7 +13,7 @@ /* Polynomials to be multiplied are denoted a+bX (rsi arg) and c+dX (rdx arg) */ .macro schoolbook off -vmovdqa _16XQINV*2(%rcx),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQINV*2(%rcx),%ymm0 vmovdqa (64*\off+ 0)*2(%rsi),%ymm1 # a0 vmovdqa (64*\off+16)*2(%rsi),%ymm2 # b0 vmovdqa (64*\off+32)*2(%rsi),%ymm3 # a1 @@ -61,7 +61,7 @@ vpmullw %ymm7,%ymm12,%ymm7 # b1c1.lo vpmullw %ymm8,%ymm12,%ymm12 # b1d1.lo /* Compute 2nd high multiplication in Montgomery multiplication */ -vmovdqa _16XQ*2(%rcx),%ymm8 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rcx),%ymm8 vpmulhw %ymm8,%ymm13,%ymm13 vpmulhw %ymm8,%ymm9,%ymm9 vpmulhw %ymm8,%ymm5,%ymm5 @@ -118,7 +118,7 @@ mov %rsp,%r8 and $-32,%rsp sub $32,%rsp -lea (_ZETAS_EXP+176)*2(%rcx),%r9 +lea (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+176)*2(%rcx),%r9 schoolbook 0 add $32*2,%r9 diff --git a/mlkem/native/x86_64/src/consts.c b/mlkem/native/x86_64/src/consts.c index cf56eeb4c..568752ae8 100644 --- a/mlkem/native/x86_64/src/consts.c +++ b/mlkem/native/x86_64/src/consts.c 
@@ -27,60 +27,60 @@ #define SHIFT 32 const qdata_t qdata = {{ -#define _16XQ 0 +#define AVX2_BACKEND_DATA_OFFSET_16XQ 0 Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, Q, -#define _16XQINV 16 +#define AVX2_BACKEND_DATA_OFFSET_16XQINV 16 QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, QINV, -#define _16XV 32 +#define AVX2_BACKEND_DATA_OFFSET_16XV 32 V, V, V, V, V, V, V, V, V, V, V, V, V, V, V, V, -#define _16XFLO 48 +#define AVX2_BACKEND_DATA_OFFSET_16XFLO 48 FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, FLO, -#define _16XFHI 64 +#define AVX2_BACKEND_DATA_OFFSET_16XFHI 64 FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, FHI, -#define _16XMONTSQLO 80 +#define AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO 80 MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, MONTSQLO, -#define _16XMONTSQHI 96 +#define AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI 96 MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, MONTSQHI, -#define _16XMASK 112 +#define AVX2_BACKEND_DATA_OFFSET_16XMASK 112 MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, MASK, -#define _REVIDXB 128 +#define AVX2_BACKEND_DATA_OFFSET_REVIDXB 128 3854, 3340, 2826, 2312, 1798, 1284, 770, 256, 3854, 3340, 2826, 2312, 1798, 1284, 770, 256, -#define _REVIDXD 144 +#define AVX2_BACKEND_DATA_OFFSET_REVIDXD 144 7, 0, 6, 0, 5, 0, 4, 0, 3, 0, 2, 0, 1, 0, 0, 0, -#define _ZETAS_EXP 160 +#define AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP 160 #include "x86_64_zetas.i" -#define _16XSHIFT 624 +#define AVX2_BACKEND_DATA_OFFSET_16XSHIFT 624 SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT, SHIFT}}; 
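Review bot: Nothing ties the renamed `AVX2_BACKEND_DATA_OFFSET_*` values to the actual layout of the `qdata` initializer, and the same twelve numbers are written out a second time in the `consts.h` hunk that follows. The assembly hunks use these offsets as raw displacements (`AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi)`), so a stale value would load the wrong constant into the reduction code without any diagnostic. This matters most for `AVX2_BACKEND_DATA_OFFSET_16XSHIFT 624`, which depends on the length of `x86_64_zetas.i`. I would add a compile-time size check next to the table, comparing `sizeof(qdata)` with `(AVX2_BACKEND_DATA_OFFSET_16XSHIFT + 16)` elements in whatever form the project's C dialect allows. I would also add a comment such as `/* Offsets are in 16-bit elements and must match consts.h and the .S files */`. If `consts.c` already includes `consts.h` (not visible in this hunk), the in-initializer `#define`s could become plain comments so each offset has one definition.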
diff --git a/mlkem/native/x86_64/src/consts.h b/mlkem/native/x86_64/src/consts.h index 635ba737a..e2846b609 100644 --- a/mlkem/native/x86_64/src/consts.h +++ b/mlkem/native/x86_64/src/consts.h @@ -13,18 +13,18 @@ #include "../../../common.h" -#define _16XQ 0 -#define _16XQINV 16 -#define _16XV 32 -#define _16XFLO 48 -#define _16XFHI 64 -#define _16XMONTSQLO 80 -#define _16XMONTSQHI 96 -#define _16XMASK 112 -#define _REVIDXB 128 -#define _REVIDXD 144 -#define _ZETAS_EXP 160 -#define _16XSHIFT 624 +#define AVX2_BACKEND_DATA_OFFSET_16XQ 0 +#define AVX2_BACKEND_DATA_OFFSET_16XQINV 16 +#define AVX2_BACKEND_DATA_OFFSET_16XV 32 +#define AVX2_BACKEND_DATA_OFFSET_16XFLO 48 +#define AVX2_BACKEND_DATA_OFFSET_16XFHI 64 +#define AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO 80 +#define AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI 96 +#define AVX2_BACKEND_DATA_OFFSET_16XMASK 112 +#define AVX2_BACKEND_DATA_OFFSET_REVIDXB 128 +#define AVX2_BACKEND_DATA_OFFSET_REVIDXD 144 +#define AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP 160 +#define AVX2_BACKEND_DATA_OFFSET_16XSHIFT 624 /* The C ABI on MacOS exports all symbols with a leading * underscore. This means that any symbols we refer to from diff --git a/mlkem/native/x86_64/src/fq.S b/mlkem/native/x86_64/src/fq.S index 33b848df2..3f013a5fa 100644 --- a/mlkem/native/x86_64/src/fq.S +++ b/mlkem/native/x86_64/src/fq.S @@ -63,8 +63,8 @@ ret .global MLKEM_ASM_NAMESPACE(reduce_avx2) MLKEM_ASM_NAMESPACE(reduce_avx2): #consts -vmovdqa _16XQ*2(%rsi),%ymm0 -vmovdqa _16XV*2(%rsi),%ymm1 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XV*2(%rsi),%ymm1 call reduce128_avx2 add $256,%rdi call reduce128_avx2 
@@ -106,9 +106,9 @@ ret .global MLKEM_ASM_NAMESPACE(tomont_avx2) MLKEM_ASM_NAMESPACE(tomont_avx2): #consts -vmovdqa _16XQ*2(%rsi),%ymm0 -vmovdqa _16XMONTSQLO*2(%rsi),%ymm1 -vmovdqa _16XMONTSQHI*2(%rsi),%ymm2 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XMONTSQLO*2(%rsi),%ymm1 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XMONTSQHI*2(%rsi),%ymm2 call tomont128_avx2 add $256,%rdi call tomont128_avx2 diff --git a/mlkem/native/x86_64/src/intt.S b/mlkem/native/x86_64/src/intt.S index 3efd63794..7b1f22624 100644 --- a/mlkem/native/x86_64/src/intt.S +++ b/mlkem/native/x86_64/src/intt.S @@ -58,8 +58,8 @@ vpsubw %ymm\rh3,%ymm15,%ymm\rh3 /* rh3 = montmul(rh3-rl3, root0) */ .macro intt_levels0t5 off /* level 0 */ /* no bounds assumptions */ -vmovdqa _16XFLO*2(%rsi),%ymm2 -vmovdqa _16XFHI*2(%rsi),%ymm3 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XFLO*2(%rsi),%ymm2 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XFHI*2(%rsi),%ymm3 vmovdqa (128*\off+ 0)*2(%rdi),%ymm4 vmovdqa (128*\off+ 32)*2(%rdi),%ymm6 @@ -83,11 +83,11 @@ fqmulprecomp 2,3,11 /* bounds: coefficients < q */ -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+208)*2(%rsi),%ymm15 -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+176)*2(%rsi),%ymm1 -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+224)*2(%rsi),%ymm2 -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+192)*2(%rsi),%ymm3 -vmovdqa _REVIDXB*2(%rsi),%ymm12 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+208)*2(%rsi),%ymm15 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+176)*2(%rsi),%ymm1 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+224)*2(%rsi),%ymm2 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+192)*2(%rsi),%ymm3 +vmovdqa AVX2_BACKEND_DATA_OFFSET_REVIDXB*2(%rsi),%ymm12 vpshufb %ymm12,%ymm15,%ymm15 vpshufb %ymm12,%ymm1,%ymm1 vpshufb %ymm12,%ymm2,%ymm2 
@@ -103,9 +103,9 @@ butterfly 4,5,8,9,6,7,10,11,15,1,2,3 * 4,5,8,9 abs bound < 2q; 6,7,10,11 abs bound < q */ /* level 1 */ -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+144)*2(%rsi),%ymm2 -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+160)*2(%rsi),%ymm3 -vmovdqa _REVIDXB*2(%rsi),%ymm1 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+144)*2(%rsi),%ymm2 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+160)*2(%rsi),%ymm3 +vmovdqa AVX2_BACKEND_DATA_OFFSET_REVIDXB*2(%rsi),%ymm1 vpshufb %ymm1,%ymm2,%ymm2 vpshufb %ymm1,%ymm3,%ymm3 @@ -122,14 +122,14 @@ shuffle1 8,9,6,9 // 6,9 abs bound < q shuffle1 10,11,8,11 // 8,11 abs bound < q /* level 2 */ -vmovdqa _REVIDXD*2(%rsi),%ymm12 -vpermd (_ZETAS_EXP+(1-\off)*224+112)*2(%rsi),%ymm12,%ymm2 -vpermd (_ZETAS_EXP+(1-\off)*224+128)*2(%rsi),%ymm12,%ymm10 +vmovdqa AVX2_BACKEND_DATA_OFFSET_REVIDXD*2(%rsi),%ymm12 +vpermd (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+112)*2(%rsi),%ymm12,%ymm2 +vpermd (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+128)*2(%rsi),%ymm12,%ymm10 butterfly 3,4,6,8,5,7,9,11,2,2,10,10 /* 3 abs bound < 8q, 4 abs bound < 4q, 6,8 abs bound < 2q, 5,7,9,11 abs bound < q */ -vmovdqa _16XV*2(%rsi),%ymm1 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XV*2(%rsi),%ymm1 red16 3 /* 4 abs bound < 4q, 6,8 abs bound < 2q, 3,5,7,9,11 abs bound < q */ @@ -139,8 +139,8 @@ shuffle2 5,7,6,7 // 6,7 abs bound < q shuffle2 9,11,5,11 // 5,11 abs bound < q /* level 3 */ -vpermq $0x1B,(_ZETAS_EXP+(1-\off)*224+80)*2(%rsi),%ymm2 -vpermq $0x1B,(_ZETAS_EXP+(1-\off)*224+96)*2(%rsi),%ymm9 +vpermq $0x1B,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+80)*2(%rsi),%ymm2 +vpermq $0x1B,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+96)*2(%rsi),%ymm9 butterfly 10,3,6,5,4,8,7,11,2,2,9,9 /* 10 abs bound < 8q 
@@ -165,8 +165,8 @@ shuffle4 4,8,6,8 /* 6,8 abs bound < q */ shuffle4 7,11,4,11 /* 4,11 abs bound < q */ /* level 4 */ -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+48)*2(%rsi),%ymm2 -vpermq $0x4E,(_ZETAS_EXP+(1-\off)*224+64)*2(%rsi),%ymm7 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+48)*2(%rsi),%ymm2 +vpermq $0x4E,(AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+64)*2(%rsi),%ymm7 butterfly 9,10,6,4,3,5,8,11,2,2,7,7 /* 9 abs bound < 8q @@ -184,8 +184,8 @@ shuffle8 3,5,6,5 /* 5,6 abs bound < q */ shuffle8 8,11,3,11 /* 3,11 abs bound < q */ /* level 5 */ -vmovdqa (_ZETAS_EXP+(1-\off)*224+16)*2(%rsi),%ymm2 -vmovdqa (_ZETAS_EXP+(1-\off)*224+32)*2(%rsi),%ymm8 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+16)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+(1-\off)*224+32)*2(%rsi),%ymm8 butterfly 7,9,6,3,10,4,5,11,2,2,8,8 /* 7 abs bound <8q @@ -216,13 +216,13 @@ vmovdqa (64*\off+ 0)*2(%rdi),%ymm4 vmovdqa (64*\off+128)*2(%rdi),%ymm8 vmovdqa (64*\off+ 16)*2(%rdi),%ymm5 vmovdqa (64*\off+144)*2(%rdi),%ymm9 -vpbroadcastq (_ZETAS_EXP+0)*2(%rsi),%ymm2 +vpbroadcastq (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+0)*2(%rsi),%ymm2 vmovdqa (64*\off+ 32)*2(%rdi),%ymm6 vmovdqa (64*\off+160)*2(%rdi),%ymm10 vmovdqa (64*\off+ 48)*2(%rdi),%ymm7 vmovdqa (64*\off+176)*2(%rdi),%ymm11 -vpbroadcastq (_ZETAS_EXP+4)*2(%rsi),%ymm3 +vpbroadcastq (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+4)*2(%rsi),%ymm3 butterfly 4,5,6,7,8,9,10,11 /* global abs bound < 8q */ @@ -243,7 +243,7 @@ vmovdqa %ymm11,(64*\off+176)*2(%rdi) .text .global MLKEM_ASM_NAMESPACE(invntt_avx2) MLKEM_ASM_NAMESPACE(invntt_avx2): -vmovdqa _16XQ*2(%rsi),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 intt_levels0t5 0 intt_levels0t5 1 diff --git a/mlkem/native/x86_64/src/ntt.S b/mlkem/native/x86_64/src/ntt.S index a3e1f4088..5d928b4cc 100644 --- a/mlkem/native/x86_64/src/ntt.S +++ b/mlkem/native/x86_64/src/ntt.S 
@@ -76,12 +76,12 @@ vpaddw %ymm15,%ymm\rh3,%ymm\rh3 /* rh3 = rl3 - rh3 + ymm15 = rl3 - (rh3 - ymm15 .endm .macro level0 off -vpbroadcastq (_ZETAS_EXP+0)*2(%rsi),%ymm15 +vpbroadcastq (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+0)*2(%rsi),%ymm15 vmovdqa (64*\off+128)*2(%rdi),%ymm8 vmovdqa (64*\off+144)*2(%rdi),%ymm9 vmovdqa (64*\off+160)*2(%rdi),%ymm10 vmovdqa (64*\off+176)*2(%rdi),%ymm11 -vpbroadcastq (_ZETAS_EXP+4)*2(%rsi),%ymm2 +vpbroadcastq (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+4)*2(%rsi),%ymm2 mul 8,9,10,11 @@ -105,12 +105,12 @@ vmovdqa %ymm11,(64*\off+176)*2(%rdi) .macro levels1t6 off /* level 1 */ -vmovdqa (_ZETAS_EXP+224*\off+16)*2(%rsi),%ymm15 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+16)*2(%rsi),%ymm15 vmovdqa (128*\off+ 64)*2(%rdi),%ymm8 vmovdqa (128*\off+ 80)*2(%rdi),%ymm9 vmovdqa (128*\off+ 96)*2(%rdi),%ymm10 vmovdqa (128*\off+112)*2(%rdi),%ymm11 -vmovdqa (_ZETAS_EXP+224*\off+32)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+32)*2(%rsi),%ymm2 mul 8,9,10,11 @@ -126,8 +126,8 @@ update 3,4,5,6,7,8,9,10,11 shuffle8 5,10,7,10 shuffle8 6,11,5,11 -vmovdqa (_ZETAS_EXP+224*\off+48)*2(%rsi),%ymm15 -vmovdqa (_ZETAS_EXP+224*\off+64)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+48)*2(%rsi),%ymm15 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+64)*2(%rsi),%ymm2 mul 7,10,5,11 @@ -141,8 +141,8 @@ update 4,6,8,3,9,7,10,5,11 shuffle4 8,5,9,5 shuffle4 3,11,8,11 -vmovdqa (_ZETAS_EXP+224*\off+80)*2(%rsi),%ymm15 -vmovdqa (_ZETAS_EXP+224*\off+96)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+80)*2(%rsi),%ymm15 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+96)*2(%rsi),%ymm2 mul 9,5,8,11 
@@ -156,8 +156,8 @@ update 6,3,7,4,10,9,5,8,11 shuffle2 7,8,10,8 shuffle2 4,11,7,11 -vmovdqa (_ZETAS_EXP+224*\off+112)*2(%rsi),%ymm15 -vmovdqa (_ZETAS_EXP+224*\off+128)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+112)*2(%rsi),%ymm15 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+128)*2(%rsi),%ymm2 mul 10,8,7,11 @@ -171,8 +171,8 @@ update 3,4,9,6,5,10,8,7,11 shuffle1 9,7,5,7 shuffle1 6,11,9,11 -vmovdqa (_ZETAS_EXP+224*\off+144)*2(%rsi),%ymm15 -vmovdqa (_ZETAS_EXP+224*\off+160)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+144)*2(%rsi),%ymm15 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+160)*2(%rsi),%ymm2 mul 5,7,9,11 @@ -183,10 +183,10 @@ reduce update 4,6,10,3,8,5,7,9,11 /* level 6 */ -vmovdqa (_ZETAS_EXP+224*\off+176)*2(%rsi),%ymm14 -vmovdqa (_ZETAS_EXP+224*\off+208)*2(%rsi),%ymm15 -vmovdqa (_ZETAS_EXP+224*\off+192)*2(%rsi),%ymm8 -vmovdqa (_ZETAS_EXP+224*\off+224)*2(%rsi),%ymm2 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+176)*2(%rsi),%ymm14 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+208)*2(%rsi),%ymm15 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+192)*2(%rsi),%ymm8 +vmovdqa (AVX2_BACKEND_DATA_OFFSET_ZETAS_EXP+224*\off+224)*2(%rsi),%ymm2 mul 10,3,9,11,14,15,8,2 @@ -206,7 +206,7 @@ vmovdqa %ymm11,(128*\off+112)*2(%rdi) .text .global MLKEM_ASM_NAMESPACE(ntt_avx2) MLKEM_ASM_NAMESPACE(ntt_avx2): -vmovdqa _16XQ*2(%rsi),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rsi),%ymm0 level0 0 level0 1 diff --git a/mlkem/native/x86_64/src/rej_uniform_avx2.c b/mlkem/native/x86_64/src/rej_uniform_avx2.c index 0db6c6340..adf2d338b 100644 --- a/mlkem/native/x86_64/src/rej_uniform_avx2.c +++ b/mlkem/native/x86_64/src/rej_uniform_avx2.c 
@@ -18,15 +18,13 @@ #include "arith_native_x86_64.h" #include "consts.h" -#define _mm256_cmpge_epu16(a, b) _mm256_cmpeq_epi16(_mm256_max_epu16(a, b), a) -#define _mm_cmpge_epu16(a, b) _mm_cmpeq_epi16(_mm_max_epu16(a, b), a) - unsigned int rej_uniform_avx2(int16_t *RESTRICT r, const uint8_t *buf) { unsigned int ctr, pos; uint16_t val0, val1; uint32_t good; - const __m256i bound = _mm256_load_si256(&qdata.vec[_16XQ / 16]); + const __m256i bound = + _mm256_load_si256(&qdata.vec[AVX2_BACKEND_DATA_OFFSET_16XQ / 16]); const __m256i ones = _mm256_set1_epi8(1); const __m256i mask = _mm256_set1_epi16(0xFFF); const __m256i idx8 = diff --git a/mlkem/native/x86_64/src/shuffle.S b/mlkem/native/x86_64/src/shuffle.S index 7d66b2947..9bcd04896 100644 --- a/mlkem/native/x86_64/src/shuffle.S +++ b/mlkem/native/x86_64/src/shuffle.S @@ -171,7 +171,7 @@ ret .global MLKEM_ASM_NAMESPACE(ntttobytes_avx2) MLKEM_ASM_NAMESPACE(ntttobytes_avx2): #consts -vmovdqa _16XQ*2(%rdx),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XQ*2(%rdx),%ymm0 call ntttobytes128_avx add $256,%rsi add $192,%rdi @@ -247,7 +247,7 @@ ret .global MLKEM_ASM_NAMESPACE(nttfrombytes_avx2) MLKEM_ASM_NAMESPACE(nttfrombytes_avx2): #consts -vmovdqa _16XMASK*2(%rdx),%ymm0 +vmovdqa AVX2_BACKEND_DATA_OFFSET_16XMASK*2(%rdx),%ymm0 call nttfrombytes128_avx add $256,%rdi add $192,%rsi diff --git a/scripts/autogen b/scripts/autogen index ce8b1803c..1f3f4511b 100755 --- a/scripts/autogen +++ b/scripts/autogen 
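Review bot: The index `AVX2_BACKEND_DATA_OFFSET_16XQ / 16` in the new `bound` load carries an undocumented unit conversion. The offset macros count 16-bit entries, while `qdata.vec[]` is presumably indexed in whole `__m256i` vectors, so the literal 16 is the lane count. The expression only works for offsets that are multiples of 16. A short comment on the load would make this explicit, for example `/* offsets are in int16_t units; vec[] holds 16 lanes per entry */`. The body of `rej_uniform_avx2` continues past this hunk, so I could not check whether the removed `_mm256_cmpge_epu16` / `_mm_cmpge_epu16` helpers are still referenced further down.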
@@ -575,6 +575,22 @@ def get_defines(): .replace("'", ""), ) +def get_checked_defines(): + allow_list = [("__contract__", "cbmc.h"), + ("__loop__", "cbmc.h")] + + def is_allowed(d,c): + for (d0,c0) in allow_list: + if c.endswith(c0) is True and d0 == d: + return True + return False + + for (c,i,d) in get_defines(): + if d.startswith("_") and is_allowed(d,c) is False: + raise Exception(f"{d} from {c}:{i} starts with an underscore, which is not allowed for mlkem-native macros. " + f"If this is an mlkem-native specific macro, please pick a different name. " + f"If this is an external macro, it likely needs removing from `gen_monolithic_undef_all_core()` in `scripts/autogen` -- check this!") + yield (c,i,d) def gen_monolithic_undef_all_core(filt=None): @@ -594,8 +610,8 @@ def gen_monolithic_undef_all_core(filt=None): yield "#endif" yield "" - defines = list(get_defines()) - defines.sort() + defines = list(set(get_checked_defines())) + defines.sort(key=lambda t: (t[0], t[2])) for filename, line_no, d in defines: if filt(filename) is False:
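Review bot: In `is_allowed`, `c.endswith(c0)` compares the tail of the path string rather than the file name, so any header whose path merely ends in `cbmc.h` would be exempt from the underscore check. Comparing the last path component is stricter: `return any(d == d0 and c.split("/")[-1] == c0 for d0, c0 in allow_list)`. The `is True` / `is False` identity comparisons can be plain boolean tests (`if d.startswith("_") and not is_allowed(d, c):`). `raise Exception(...)` would be easier for callers to handle as a specific type such as `ValueError`. `get_checked_defines` is a generator, so the check only fires when it is iterated; a one-line docstring saying that it yields `(file, line, macro)` triples and raises on a disallowed leading underscore would help.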
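Review bot: `list(set(get_checked_defines()))` in `gen_monolithic_undef_all_core` de-duplicates whole `(filename, line_no, macro)` triples, so a macro defined on two different lines of the same header is still emitted twice. The regenerated monobuild file in this same diff shows that, with two consecutive `+#undef KeccakF1600_StatePermute` blocks for `keccakf1600.h`. Keying the de-duplication on file and macro removes the redundant blocks: `defines = sorted({(f, d): (f, i, d) for f, i, d in get_checked_defines()}.values(), key=lambda t: (t[0], t[2]))`. The loop body continues outside the hunk, so this form keeps the triple shape in case `line_no` is used further down.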