aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/Modules/_hacl
diff options
context:
space:
mode:
Diffstat (limited to 'Modules/_hacl')
-rw-r--r--Modules/_hacl/Hacl_Hash_Blake2b.c52
-rw-r--r--Modules/_hacl/Hacl_Hash_Blake2b_Simd256.c52
-rw-r--r--Modules/_hacl/Hacl_Hash_Blake2s.c52
-rw-r--r--Modules/_hacl/Hacl_Hash_Blake2s_Simd128.c52
-rw-r--r--Modules/_hacl/Hacl_Hash_MD5.c523
-rw-r--r--Modules/_hacl/Hacl_Hash_SHA1.c12
-rw-r--r--Modules/_hacl/Hacl_Hash_SHA2.c42
-rw-r--r--Modules/_hacl/Hacl_Hash_SHA3.c22
-rw-r--r--Modules/_hacl/Hacl_Streaming_HMAC.c127
-rw-r--r--Modules/_hacl/Lib_Memzero0.c18
-rw-r--r--Modules/_hacl/include/krml/FStar_UInt128_Verified.h45
-rw-r--r--Modules/_hacl/python_hacl_namespaces.h237
-rwxr-xr-xModules/_hacl/refresh.sh2
13 files changed, 494 insertions, 742 deletions
diff --git a/Modules/_hacl/Hacl_Hash_Blake2b.c b/Modules/_hacl/Hacl_Hash_Blake2b.c
index 21ab2b88c79..a5b75d61798 100644
--- a/Modules/_hacl/Hacl_Hash_Blake2b.c
+++ b/Modules/_hacl/Hacl_Hash_Blake2b.c
@@ -544,11 +544,9 @@ void Hacl_Hash_Blake2b_init(uint64_t *hash, uint32_t kk, uint32_t nn)
uint64_t x = r;
os[i] = x;);
tmp[0U] =
- (uint64_t)nn1
- ^
- ((uint64_t)kk1
- << 8U
- ^ ((uint64_t)p.fanout << 16U ^ ((uint64_t)p.depth << 24U ^ (uint64_t)p.leaf_length << 32U)));
+ (uint64_t)nn1 ^
+ ((uint64_t)kk1 << 8U ^
+ ((uint64_t)p.fanout << 16U ^ ((uint64_t)p.depth << 24U ^ (uint64_t)p.leaf_length << 32U)));
tmp[1U] = p.node_offset;
tmp[2U] = (uint64_t)p.node_depth ^ (uint64_t)p.inner_length << 8U;
tmp[3U] = 0ULL;
@@ -860,14 +858,10 @@ static Hacl_Hash_Blake2b_state_t
uint64_t x = r4;
os[i0] = x;);
tmp[0U] =
- (uint64_t)nn1
- ^
- ((uint64_t)kk2
- << 8U
- ^
- ((uint64_t)pv.fanout
- << 16U
- ^ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
+ (uint64_t)nn1 ^
+ ((uint64_t)kk2 << 8U ^
+ ((uint64_t)pv.fanout << 16U ^
+ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
tmp[1U] = pv.node_offset;
tmp[2U] = (uint64_t)pv.node_depth ^ (uint64_t)pv.inner_length << 8U;
tmp[3U] = 0ULL;
@@ -1059,11 +1053,9 @@ static void reset_raw(Hacl_Hash_Blake2b_state_t *state, Hacl_Hash_Blake2b_params
uint64_t x = r;
os[i0] = x;);
tmp[0U] =
- (uint64_t)nn1
- ^
- ((uint64_t)kk2
- << 8U
- ^ ((uint64_t)pv.fanout << 16U ^ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
+ (uint64_t)nn1 ^
+ ((uint64_t)kk2 << 8U ^
+ ((uint64_t)pv.fanout << 16U ^ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
tmp[1U] = pv.node_offset;
tmp[2U] = (uint64_t)pv.node_depth ^ (uint64_t)pv.inner_length << 8U;
tmp[3U] = 0ULL;
@@ -1200,8 +1192,7 @@ Hacl_Hash_Blake2b_update(Hacl_Hash_Blake2b_state_t *state, uint8_t *chunk, uint3
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_state_t){
.block_state = block_state1,
@@ -1265,8 +1256,7 @@ Hacl_Hash_Blake2b_update(Hacl_Hash_Blake2b_state_t *state, uint8_t *chunk, uint3
nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_state_t){
.block_state = block_state1,
@@ -1296,8 +1286,7 @@ Hacl_Hash_Blake2b_update(Hacl_Hash_Blake2b_state_t *state, uint8_t *chunk, uint3
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_state_t){
.block_state = block_state10,
@@ -1359,8 +1348,7 @@ Hacl_Hash_Blake2b_update(Hacl_Hash_Blake2b_state_t *state, uint8_t *chunk, uint3
nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_state_t){
.block_state = block_state1,
@@ -1690,14 +1678,10 @@ Hacl_Hash_Blake2b_hash_with_key_and_params(
uint64_t x = r;
os[i] = x;);
tmp[0U] =
- (uint64_t)nn
- ^
- ((uint64_t)kk
- << 8U
- ^
- ((uint64_t)params.fanout
- << 16U
- ^ ((uint64_t)params.depth << 24U ^ (uint64_t)params.leaf_length << 32U)));
+ (uint64_t)nn ^
+ ((uint64_t)kk << 8U ^
+ ((uint64_t)params.fanout << 16U ^
+ ((uint64_t)params.depth << 24U ^ (uint64_t)params.leaf_length << 32U)));
tmp[1U] = params.node_offset;
tmp[2U] = (uint64_t)params.node_depth ^ (uint64_t)params.inner_length << 8U;
tmp[3U] = 0ULL;
diff --git a/Modules/_hacl/Hacl_Hash_Blake2b_Simd256.c b/Modules/_hacl/Hacl_Hash_Blake2b_Simd256.c
index c4d9b4a689d..f955f1c6115 100644
--- a/Modules/_hacl/Hacl_Hash_Blake2b_Simd256.c
+++ b/Modules/_hacl/Hacl_Hash_Blake2b_Simd256.c
@@ -274,11 +274,9 @@ Hacl_Hash_Blake2b_Simd256_init(Lib_IntVector_Intrinsics_vec256 *hash, uint32_t k
uint64_t x = r;
os[i] = x;);
tmp[0U] =
- (uint64_t)nn1
- ^
- ((uint64_t)kk1
- << 8U
- ^ ((uint64_t)p.fanout << 16U ^ ((uint64_t)p.depth << 24U ^ (uint64_t)p.leaf_length << 32U)));
+ (uint64_t)nn1 ^
+ ((uint64_t)kk1 << 8U ^
+ ((uint64_t)p.fanout << 16U ^ ((uint64_t)p.depth << 24U ^ (uint64_t)p.leaf_length << 32U)));
tmp[1U] = p.node_offset;
tmp[2U] = (uint64_t)p.node_depth ^ (uint64_t)p.inner_length << 8U;
tmp[3U] = 0ULL;
@@ -746,14 +744,10 @@ static Hacl_Hash_Blake2b_Simd256_state_t
uint64_t x = r4;
os[i0] = x;);
tmp[0U] =
- (uint64_t)nn1
- ^
- ((uint64_t)kk2
- << 8U
- ^
- ((uint64_t)pv.fanout
- << 16U
- ^ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
+ (uint64_t)nn1 ^
+ ((uint64_t)kk2 << 8U ^
+ ((uint64_t)pv.fanout << 16U ^
+ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
tmp[1U] = pv.node_offset;
tmp[2U] = (uint64_t)pv.node_depth ^ (uint64_t)pv.inner_length << 8U;
tmp[3U] = 0ULL;
@@ -936,11 +930,9 @@ reset_raw(Hacl_Hash_Blake2b_Simd256_state_t *state, Hacl_Hash_Blake2b_params_and
uint64_t x = r;
os[i0] = x;);
tmp[0U] =
- (uint64_t)nn1
- ^
- ((uint64_t)kk2
- << 8U
- ^ ((uint64_t)pv.fanout << 16U ^ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
+ (uint64_t)nn1 ^
+ ((uint64_t)kk2 << 8U ^
+ ((uint64_t)pv.fanout << 16U ^ ((uint64_t)pv.depth << 24U ^ (uint64_t)pv.leaf_length << 32U)));
tmp[1U] = pv.node_offset;
tmp[2U] = (uint64_t)pv.node_depth ^ (uint64_t)pv.inner_length << 8U;
tmp[3U] = 0ULL;
@@ -1075,8 +1067,7 @@ Hacl_Hash_Blake2b_Simd256_update(
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_Simd256_state_t){
.block_state = block_state1,
@@ -1140,8 +1131,7 @@ Hacl_Hash_Blake2b_Simd256_update(
nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_Simd256_state_t){
.block_state = block_state1,
@@ -1171,8 +1161,7 @@ Hacl_Hash_Blake2b_Simd256_update(
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_Simd256_state_t){
.block_state = block_state10,
@@ -1234,8 +1223,7 @@ Hacl_Hash_Blake2b_Simd256_update(
nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2b_Simd256_state_t){
.block_state = block_state1,
@@ -1578,14 +1566,10 @@ Hacl_Hash_Blake2b_Simd256_hash_with_key_and_params(
uint64_t x = r;
os[i] = x;);
tmp[0U] =
- (uint64_t)nn
- ^
- ((uint64_t)kk
- << 8U
- ^
- ((uint64_t)params.fanout
- << 16U
- ^ ((uint64_t)params.depth << 24U ^ (uint64_t)params.leaf_length << 32U)));
+ (uint64_t)nn ^
+ ((uint64_t)kk << 8U ^
+ ((uint64_t)params.fanout << 16U ^
+ ((uint64_t)params.depth << 24U ^ (uint64_t)params.leaf_length << 32U)));
tmp[1U] = params.node_offset;
tmp[2U] = (uint64_t)params.node_depth ^ (uint64_t)params.inner_length << 8U;
tmp[3U] = 0ULL;
diff --git a/Modules/_hacl/Hacl_Hash_Blake2s.c b/Modules/_hacl/Hacl_Hash_Blake2s.c
index 730ba135afb..0d4fcc7f395 100644
--- a/Modules/_hacl/Hacl_Hash_Blake2s.c
+++ b/Modules/_hacl/Hacl_Hash_Blake2s.c
@@ -543,13 +543,13 @@ void Hacl_Hash_Blake2s_init(uint32_t *hash, uint32_t kk, uint32_t nn)
uint32_t x = r;
os[i] = x;);
tmp[0U] =
- (uint32_t)(uint8_t)nn
- ^ ((uint32_t)(uint8_t)kk << 8U ^ ((uint32_t)p.fanout << 16U ^ (uint32_t)p.depth << 24U));
+ (uint32_t)(uint8_t)nn ^
+ ((uint32_t)(uint8_t)kk << 8U ^ ((uint32_t)p.fanout << 16U ^ (uint32_t)p.depth << 24U));
tmp[1U] = p.leaf_length;
tmp[2U] = (uint32_t)p.node_offset;
tmp[3U] =
- (uint32_t)(p.node_offset >> 32U)
- ^ ((uint32_t)p.node_depth << 16U ^ (uint32_t)p.inner_length << 24U);
+ (uint32_t)(p.node_offset >> 32U) ^
+ ((uint32_t)p.node_depth << 16U ^ (uint32_t)p.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
@@ -846,16 +846,14 @@ static Hacl_Hash_Blake2s_state_t
uint32_t x = r4;
os[i0] = x;);
tmp[0U] =
- (uint32_t)pv.digest_length
- ^
- ((uint32_t)pv.key_length
- << 8U
- ^ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
+ (uint32_t)pv.digest_length ^
+ ((uint32_t)pv.key_length << 8U ^
+ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
tmp[1U] = pv.leaf_length;
tmp[2U] = (uint32_t)pv.node_offset;
tmp[3U] =
- (uint32_t)(pv.node_offset >> 32U)
- ^ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
+ (uint32_t)(pv.node_offset >> 32U) ^
+ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
@@ -1042,13 +1040,13 @@ static void reset_raw(Hacl_Hash_Blake2s_state_t *state, Hacl_Hash_Blake2b_params
uint32_t x = r;
os[i0] = x;);
tmp[0U] =
- (uint32_t)pv.digest_length
- ^ ((uint32_t)pv.key_length << 8U ^ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
+ (uint32_t)pv.digest_length ^
+ ((uint32_t)pv.key_length << 8U ^ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
tmp[1U] = pv.leaf_length;
tmp[2U] = (uint32_t)pv.node_offset;
tmp[3U] =
- (uint32_t)(pv.node_offset >> 32U)
- ^ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
+ (uint32_t)(pv.node_offset >> 32U) ^
+ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
@@ -1182,8 +1180,7 @@ Hacl_Hash_Blake2s_update(Hacl_Hash_Blake2s_state_t *state, uint8_t *chunk, uint3
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_state_t){
.block_state = block_state1,
@@ -1237,8 +1234,7 @@ Hacl_Hash_Blake2s_update(Hacl_Hash_Blake2s_state_t *state, uint8_t *chunk, uint3
Hacl_Hash_Blake2s_update_multi(data1_len, wv, hash, total_len1, data1, nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_state_t){
.block_state = block_state1,
@@ -1268,8 +1264,7 @@ Hacl_Hash_Blake2s_update(Hacl_Hash_Blake2s_state_t *state, uint8_t *chunk, uint3
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_state_t){
.block_state = block_state10,
@@ -1321,8 +1316,7 @@ Hacl_Hash_Blake2s_update(Hacl_Hash_Blake2s_state_t *state, uint8_t *chunk, uint3
Hacl_Hash_Blake2s_update_multi(data1_len, wv, hash, total_len1, data1, nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_state_t){
.block_state = block_state1,
@@ -1639,16 +1633,14 @@ Hacl_Hash_Blake2s_hash_with_key_and_params(
uint32_t x = r;
os[i] = x;);
tmp[0U] =
- (uint32_t)params.digest_length
- ^
- ((uint32_t)params.key_length
- << 8U
- ^ ((uint32_t)params.fanout << 16U ^ (uint32_t)params.depth << 24U));
+ (uint32_t)params.digest_length ^
+ ((uint32_t)params.key_length << 8U ^
+ ((uint32_t)params.fanout << 16U ^ (uint32_t)params.depth << 24U));
tmp[1U] = params.leaf_length;
tmp[2U] = (uint32_t)params.node_offset;
tmp[3U] =
- (uint32_t)(params.node_offset >> 32U)
- ^ ((uint32_t)params.node_depth << 16U ^ (uint32_t)params.inner_length << 24U);
+ (uint32_t)(params.node_offset >> 32U) ^
+ ((uint32_t)params.node_depth << 16U ^ (uint32_t)params.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
diff --git a/Modules/_hacl/Hacl_Hash_Blake2s_Simd128.c b/Modules/_hacl/Hacl_Hash_Blake2s_Simd128.c
index 7e9cd79544f..fa46be045f3 100644
--- a/Modules/_hacl/Hacl_Hash_Blake2s_Simd128.c
+++ b/Modules/_hacl/Hacl_Hash_Blake2s_Simd128.c
@@ -271,13 +271,13 @@ Hacl_Hash_Blake2s_Simd128_init(Lib_IntVector_Intrinsics_vec128 *hash, uint32_t k
uint32_t x = r;
os[i] = x;);
tmp[0U] =
- (uint32_t)(uint8_t)nn
- ^ ((uint32_t)(uint8_t)kk << 8U ^ ((uint32_t)p.fanout << 16U ^ (uint32_t)p.depth << 24U));
+ (uint32_t)(uint8_t)nn ^
+ ((uint32_t)(uint8_t)kk << 8U ^ ((uint32_t)p.fanout << 16U ^ (uint32_t)p.depth << 24U));
tmp[1U] = p.leaf_length;
tmp[2U] = (uint32_t)p.node_offset;
tmp[3U] =
- (uint32_t)(p.node_offset >> 32U)
- ^ ((uint32_t)p.node_depth << 16U ^ (uint32_t)p.inner_length << 24U);
+ (uint32_t)(p.node_offset >> 32U) ^
+ ((uint32_t)p.node_depth << 16U ^ (uint32_t)p.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
@@ -736,16 +736,14 @@ static Hacl_Hash_Blake2s_Simd128_state_t
uint32_t x = r4;
os[i0] = x;);
tmp[0U] =
- (uint32_t)pv.digest_length
- ^
- ((uint32_t)pv.key_length
- << 8U
- ^ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
+ (uint32_t)pv.digest_length ^
+ ((uint32_t)pv.key_length << 8U ^
+ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
tmp[1U] = pv.leaf_length;
tmp[2U] = (uint32_t)pv.node_offset;
tmp[3U] =
- (uint32_t)(pv.node_offset >> 32U)
- ^ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
+ (uint32_t)(pv.node_offset >> 32U) ^
+ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
@@ -923,13 +921,13 @@ reset_raw(Hacl_Hash_Blake2s_Simd128_state_t *state, Hacl_Hash_Blake2b_params_and
uint32_t x = r;
os[i0] = x;);
tmp[0U] =
- (uint32_t)pv.digest_length
- ^ ((uint32_t)pv.key_length << 8U ^ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
+ (uint32_t)pv.digest_length ^
+ ((uint32_t)pv.key_length << 8U ^ ((uint32_t)pv.fanout << 16U ^ (uint32_t)pv.depth << 24U));
tmp[1U] = pv.leaf_length;
tmp[2U] = (uint32_t)pv.node_offset;
tmp[3U] =
- (uint32_t)(pv.node_offset >> 32U)
- ^ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
+ (uint32_t)(pv.node_offset >> 32U) ^
+ ((uint32_t)pv.node_depth << 16U ^ (uint32_t)pv.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
@@ -1061,8 +1059,7 @@ Hacl_Hash_Blake2s_Simd128_update(
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_Simd128_state_t){
.block_state = block_state1,
@@ -1116,8 +1113,7 @@ Hacl_Hash_Blake2s_Simd128_update(
Hacl_Hash_Blake2s_Simd128_update_multi(data1_len, wv, hash, total_len1, data1, nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_Simd128_state_t){
.block_state = block_state1,
@@ -1147,8 +1143,7 @@ Hacl_Hash_Blake2s_Simd128_update(
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_Simd128_state_t){
.block_state = block_state10,
@@ -1200,8 +1195,7 @@ Hacl_Hash_Blake2s_Simd128_update(
Hacl_Hash_Blake2s_Simd128_update_multi(data1_len, wv, hash, total_len1, data1, nb);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_Blake2s_Simd128_state_t){
.block_state = block_state1,
@@ -1531,16 +1525,14 @@ Hacl_Hash_Blake2s_Simd128_hash_with_key_and_params(
uint32_t x = r;
os[i] = x;);
tmp[0U] =
- (uint32_t)params.digest_length
- ^
- ((uint32_t)params.key_length
- << 8U
- ^ ((uint32_t)params.fanout << 16U ^ (uint32_t)params.depth << 24U));
+ (uint32_t)params.digest_length ^
+ ((uint32_t)params.key_length << 8U ^
+ ((uint32_t)params.fanout << 16U ^ (uint32_t)params.depth << 24U));
tmp[1U] = params.leaf_length;
tmp[2U] = (uint32_t)params.node_offset;
tmp[3U] =
- (uint32_t)(params.node_offset >> 32U)
- ^ ((uint32_t)params.node_depth << 16U ^ (uint32_t)params.inner_length << 24U);
+ (uint32_t)(params.node_offset >> 32U) ^
+ ((uint32_t)params.node_depth << 16U ^ (uint32_t)params.inner_length << 24U);
uint32_t tmp0 = tmp[0U];
uint32_t tmp1 = tmp[1U];
uint32_t tmp2 = tmp[2U];
diff --git a/Modules/_hacl/Hacl_Hash_MD5.c b/Modules/_hacl/Hacl_Hash_MD5.c
index 75ce8d2926e..305c75483c0 100644
--- a/Modules/_hacl/Hacl_Hash_MD5.c
+++ b/Modules/_hacl/Hacl_Hash_MD5.c
@@ -66,11 +66,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti0 = _t[0U];
uint32_t
v =
- vb0
- +
- ((va + ((vb0 & vc0) | (~vb0 & vd0)) + xk + ti0)
- << 7U
- | (va + ((vb0 & vc0) | (~vb0 & vd0)) + xk + ti0) >> 25U);
+ vb0 +
+ ((va + ((vb0 & vc0) | (~vb0 & vd0)) + xk + ti0) << 7U |
+ (va + ((vb0 & vc0) | (~vb0 & vd0)) + xk + ti0) >> 25U);
abcd[0U] = v;
uint32_t va0 = abcd[3U];
uint32_t vb1 = abcd[0U];
@@ -82,11 +80,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti1 = _t[1U];
uint32_t
v0 =
- vb1
- +
- ((va0 + ((vb1 & vc1) | (~vb1 & vd1)) + xk0 + ti1)
- << 12U
- | (va0 + ((vb1 & vc1) | (~vb1 & vd1)) + xk0 + ti1) >> 20U);
+ vb1 +
+ ((va0 + ((vb1 & vc1) | (~vb1 & vd1)) + xk0 + ti1) << 12U |
+ (va0 + ((vb1 & vc1) | (~vb1 & vd1)) + xk0 + ti1) >> 20U);
abcd[3U] = v0;
uint32_t va1 = abcd[2U];
uint32_t vb2 = abcd[3U];
@@ -98,11 +94,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti2 = _t[2U];
uint32_t
v1 =
- vb2
- +
- ((va1 + ((vb2 & vc2) | (~vb2 & vd2)) + xk1 + ti2)
- << 17U
- | (va1 + ((vb2 & vc2) | (~vb2 & vd2)) + xk1 + ti2) >> 15U);
+ vb2 +
+ ((va1 + ((vb2 & vc2) | (~vb2 & vd2)) + xk1 + ti2) << 17U |
+ (va1 + ((vb2 & vc2) | (~vb2 & vd2)) + xk1 + ti2) >> 15U);
abcd[2U] = v1;
uint32_t va2 = abcd[1U];
uint32_t vb3 = abcd[2U];
@@ -114,11 +108,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti3 = _t[3U];
uint32_t
v2 =
- vb3
- +
- ((va2 + ((vb3 & vc3) | (~vb3 & vd3)) + xk2 + ti3)
- << 22U
- | (va2 + ((vb3 & vc3) | (~vb3 & vd3)) + xk2 + ti3) >> 10U);
+ vb3 +
+ ((va2 + ((vb3 & vc3) | (~vb3 & vd3)) + xk2 + ti3) << 22U |
+ (va2 + ((vb3 & vc3) | (~vb3 & vd3)) + xk2 + ti3) >> 10U);
abcd[1U] = v2;
uint32_t va3 = abcd[0U];
uint32_t vb4 = abcd[1U];
@@ -130,11 +122,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti4 = _t[4U];
uint32_t
v3 =
- vb4
- +
- ((va3 + ((vb4 & vc4) | (~vb4 & vd4)) + xk3 + ti4)
- << 7U
- | (va3 + ((vb4 & vc4) | (~vb4 & vd4)) + xk3 + ti4) >> 25U);
+ vb4 +
+ ((va3 + ((vb4 & vc4) | (~vb4 & vd4)) + xk3 + ti4) << 7U |
+ (va3 + ((vb4 & vc4) | (~vb4 & vd4)) + xk3 + ti4) >> 25U);
abcd[0U] = v3;
uint32_t va4 = abcd[3U];
uint32_t vb5 = abcd[0U];
@@ -146,11 +136,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti5 = _t[5U];
uint32_t
v4 =
- vb5
- +
- ((va4 + ((vb5 & vc5) | (~vb5 & vd5)) + xk4 + ti5)
- << 12U
- | (va4 + ((vb5 & vc5) | (~vb5 & vd5)) + xk4 + ti5) >> 20U);
+ vb5 +
+ ((va4 + ((vb5 & vc5) | (~vb5 & vd5)) + xk4 + ti5) << 12U |
+ (va4 + ((vb5 & vc5) | (~vb5 & vd5)) + xk4 + ti5) >> 20U);
abcd[3U] = v4;
uint32_t va5 = abcd[2U];
uint32_t vb6 = abcd[3U];
@@ -162,11 +150,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti6 = _t[6U];
uint32_t
v5 =
- vb6
- +
- ((va5 + ((vb6 & vc6) | (~vb6 & vd6)) + xk5 + ti6)
- << 17U
- | (va5 + ((vb6 & vc6) | (~vb6 & vd6)) + xk5 + ti6) >> 15U);
+ vb6 +
+ ((va5 + ((vb6 & vc6) | (~vb6 & vd6)) + xk5 + ti6) << 17U |
+ (va5 + ((vb6 & vc6) | (~vb6 & vd6)) + xk5 + ti6) >> 15U);
abcd[2U] = v5;
uint32_t va6 = abcd[1U];
uint32_t vb7 = abcd[2U];
@@ -178,11 +164,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti7 = _t[7U];
uint32_t
v6 =
- vb7
- +
- ((va6 + ((vb7 & vc7) | (~vb7 & vd7)) + xk6 + ti7)
- << 22U
- | (va6 + ((vb7 & vc7) | (~vb7 & vd7)) + xk6 + ti7) >> 10U);
+ vb7 +
+ ((va6 + ((vb7 & vc7) | (~vb7 & vd7)) + xk6 + ti7) << 22U |
+ (va6 + ((vb7 & vc7) | (~vb7 & vd7)) + xk6 + ti7) >> 10U);
abcd[1U] = v6;
uint32_t va7 = abcd[0U];
uint32_t vb8 = abcd[1U];
@@ -194,11 +178,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti8 = _t[8U];
uint32_t
v7 =
- vb8
- +
- ((va7 + ((vb8 & vc8) | (~vb8 & vd8)) + xk7 + ti8)
- << 7U
- | (va7 + ((vb8 & vc8) | (~vb8 & vd8)) + xk7 + ti8) >> 25U);
+ vb8 +
+ ((va7 + ((vb8 & vc8) | (~vb8 & vd8)) + xk7 + ti8) << 7U |
+ (va7 + ((vb8 & vc8) | (~vb8 & vd8)) + xk7 + ti8) >> 25U);
abcd[0U] = v7;
uint32_t va8 = abcd[3U];
uint32_t vb9 = abcd[0U];
@@ -210,11 +192,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti9 = _t[9U];
uint32_t
v8 =
- vb9
- +
- ((va8 + ((vb9 & vc9) | (~vb9 & vd9)) + xk8 + ti9)
- << 12U
- | (va8 + ((vb9 & vc9) | (~vb9 & vd9)) + xk8 + ti9) >> 20U);
+ vb9 +
+ ((va8 + ((vb9 & vc9) | (~vb9 & vd9)) + xk8 + ti9) << 12U |
+ (va8 + ((vb9 & vc9) | (~vb9 & vd9)) + xk8 + ti9) >> 20U);
abcd[3U] = v8;
uint32_t va9 = abcd[2U];
uint32_t vb10 = abcd[3U];
@@ -226,11 +206,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti10 = _t[10U];
uint32_t
v9 =
- vb10
- +
- ((va9 + ((vb10 & vc10) | (~vb10 & vd10)) + xk9 + ti10)
- << 17U
- | (va9 + ((vb10 & vc10) | (~vb10 & vd10)) + xk9 + ti10) >> 15U);
+ vb10 +
+ ((va9 + ((vb10 & vc10) | (~vb10 & vd10)) + xk9 + ti10) << 17U |
+ (va9 + ((vb10 & vc10) | (~vb10 & vd10)) + xk9 + ti10) >> 15U);
abcd[2U] = v9;
uint32_t va10 = abcd[1U];
uint32_t vb11 = abcd[2U];
@@ -242,11 +220,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti11 = _t[11U];
uint32_t
v10 =
- vb11
- +
- ((va10 + ((vb11 & vc11) | (~vb11 & vd11)) + xk10 + ti11)
- << 22U
- | (va10 + ((vb11 & vc11) | (~vb11 & vd11)) + xk10 + ti11) >> 10U);
+ vb11 +
+ ((va10 + ((vb11 & vc11) | (~vb11 & vd11)) + xk10 + ti11) << 22U |
+ (va10 + ((vb11 & vc11) | (~vb11 & vd11)) + xk10 + ti11) >> 10U);
abcd[1U] = v10;
uint32_t va11 = abcd[0U];
uint32_t vb12 = abcd[1U];
@@ -258,11 +234,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti12 = _t[12U];
uint32_t
v11 =
- vb12
- +
- ((va11 + ((vb12 & vc12) | (~vb12 & vd12)) + xk11 + ti12)
- << 7U
- | (va11 + ((vb12 & vc12) | (~vb12 & vd12)) + xk11 + ti12) >> 25U);
+ vb12 +
+ ((va11 + ((vb12 & vc12) | (~vb12 & vd12)) + xk11 + ti12) << 7U |
+ (va11 + ((vb12 & vc12) | (~vb12 & vd12)) + xk11 + ti12) >> 25U);
abcd[0U] = v11;
uint32_t va12 = abcd[3U];
uint32_t vb13 = abcd[0U];
@@ -274,11 +248,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti13 = _t[13U];
uint32_t
v12 =
- vb13
- +
- ((va12 + ((vb13 & vc13) | (~vb13 & vd13)) + xk12 + ti13)
- << 12U
- | (va12 + ((vb13 & vc13) | (~vb13 & vd13)) + xk12 + ti13) >> 20U);
+ vb13 +
+ ((va12 + ((vb13 & vc13) | (~vb13 & vd13)) + xk12 + ti13) << 12U |
+ (va12 + ((vb13 & vc13) | (~vb13 & vd13)) + xk12 + ti13) >> 20U);
abcd[3U] = v12;
uint32_t va13 = abcd[2U];
uint32_t vb14 = abcd[3U];
@@ -290,11 +262,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti14 = _t[14U];
uint32_t
v13 =
- vb14
- +
- ((va13 + ((vb14 & vc14) | (~vb14 & vd14)) + xk13 + ti14)
- << 17U
- | (va13 + ((vb14 & vc14) | (~vb14 & vd14)) + xk13 + ti14) >> 15U);
+ vb14 +
+ ((va13 + ((vb14 & vc14) | (~vb14 & vd14)) + xk13 + ti14) << 17U |
+ (va13 + ((vb14 & vc14) | (~vb14 & vd14)) + xk13 + ti14) >> 15U);
abcd[2U] = v13;
uint32_t va14 = abcd[1U];
uint32_t vb15 = abcd[2U];
@@ -306,11 +276,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti15 = _t[15U];
uint32_t
v14 =
- vb15
- +
- ((va14 + ((vb15 & vc15) | (~vb15 & vd15)) + xk14 + ti15)
- << 22U
- | (va14 + ((vb15 & vc15) | (~vb15 & vd15)) + xk14 + ti15) >> 10U);
+ vb15 +
+ ((va14 + ((vb15 & vc15) | (~vb15 & vd15)) + xk14 + ti15) << 22U |
+ (va14 + ((vb15 & vc15) | (~vb15 & vd15)) + xk14 + ti15) >> 10U);
abcd[1U] = v14;
uint32_t va15 = abcd[0U];
uint32_t vb16 = abcd[1U];
@@ -322,11 +290,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti16 = _t[16U];
uint32_t
v15 =
- vb16
- +
- ((va15 + ((vb16 & vd16) | (vc16 & ~vd16)) + xk15 + ti16)
- << 5U
- | (va15 + ((vb16 & vd16) | (vc16 & ~vd16)) + xk15 + ti16) >> 27U);
+ vb16 +
+ ((va15 + ((vb16 & vd16) | (vc16 & ~vd16)) + xk15 + ti16) << 5U |
+ (va15 + ((vb16 & vd16) | (vc16 & ~vd16)) + xk15 + ti16) >> 27U);
abcd[0U] = v15;
uint32_t va16 = abcd[3U];
uint32_t vb17 = abcd[0U];
@@ -338,11 +304,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti17 = _t[17U];
uint32_t
v16 =
- vb17
- +
- ((va16 + ((vb17 & vd17) | (vc17 & ~vd17)) + xk16 + ti17)
- << 9U
- | (va16 + ((vb17 & vd17) | (vc17 & ~vd17)) + xk16 + ti17) >> 23U);
+ vb17 +
+ ((va16 + ((vb17 & vd17) | (vc17 & ~vd17)) + xk16 + ti17) << 9U |
+ (va16 + ((vb17 & vd17) | (vc17 & ~vd17)) + xk16 + ti17) >> 23U);
abcd[3U] = v16;
uint32_t va17 = abcd[2U];
uint32_t vb18 = abcd[3U];
@@ -354,11 +318,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti18 = _t[18U];
uint32_t
v17 =
- vb18
- +
- ((va17 + ((vb18 & vd18) | (vc18 & ~vd18)) + xk17 + ti18)
- << 14U
- | (va17 + ((vb18 & vd18) | (vc18 & ~vd18)) + xk17 + ti18) >> 18U);
+ vb18 +
+ ((va17 + ((vb18 & vd18) | (vc18 & ~vd18)) + xk17 + ti18) << 14U |
+ (va17 + ((vb18 & vd18) | (vc18 & ~vd18)) + xk17 + ti18) >> 18U);
abcd[2U] = v17;
uint32_t va18 = abcd[1U];
uint32_t vb19 = abcd[2U];
@@ -370,11 +332,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti19 = _t[19U];
uint32_t
v18 =
- vb19
- +
- ((va18 + ((vb19 & vd19) | (vc19 & ~vd19)) + xk18 + ti19)
- << 20U
- | (va18 + ((vb19 & vd19) | (vc19 & ~vd19)) + xk18 + ti19) >> 12U);
+ vb19 +
+ ((va18 + ((vb19 & vd19) | (vc19 & ~vd19)) + xk18 + ti19) << 20U |
+ (va18 + ((vb19 & vd19) | (vc19 & ~vd19)) + xk18 + ti19) >> 12U);
abcd[1U] = v18;
uint32_t va19 = abcd[0U];
uint32_t vb20 = abcd[1U];
@@ -386,11 +346,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti20 = _t[20U];
uint32_t
v19 =
- vb20
- +
- ((va19 + ((vb20 & vd20) | (vc20 & ~vd20)) + xk19 + ti20)
- << 5U
- | (va19 + ((vb20 & vd20) | (vc20 & ~vd20)) + xk19 + ti20) >> 27U);
+ vb20 +
+ ((va19 + ((vb20 & vd20) | (vc20 & ~vd20)) + xk19 + ti20) << 5U |
+ (va19 + ((vb20 & vd20) | (vc20 & ~vd20)) + xk19 + ti20) >> 27U);
abcd[0U] = v19;
uint32_t va20 = abcd[3U];
uint32_t vb21 = abcd[0U];
@@ -402,11 +360,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti21 = _t[21U];
uint32_t
v20 =
- vb21
- +
- ((va20 + ((vb21 & vd21) | (vc21 & ~vd21)) + xk20 + ti21)
- << 9U
- | (va20 + ((vb21 & vd21) | (vc21 & ~vd21)) + xk20 + ti21) >> 23U);
+ vb21 +
+ ((va20 + ((vb21 & vd21) | (vc21 & ~vd21)) + xk20 + ti21) << 9U |
+ (va20 + ((vb21 & vd21) | (vc21 & ~vd21)) + xk20 + ti21) >> 23U);
abcd[3U] = v20;
uint32_t va21 = abcd[2U];
uint32_t vb22 = abcd[3U];
@@ -418,11 +374,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti22 = _t[22U];
uint32_t
v21 =
- vb22
- +
- ((va21 + ((vb22 & vd22) | (vc22 & ~vd22)) + xk21 + ti22)
- << 14U
- | (va21 + ((vb22 & vd22) | (vc22 & ~vd22)) + xk21 + ti22) >> 18U);
+ vb22 +
+ ((va21 + ((vb22 & vd22) | (vc22 & ~vd22)) + xk21 + ti22) << 14U |
+ (va21 + ((vb22 & vd22) | (vc22 & ~vd22)) + xk21 + ti22) >> 18U);
abcd[2U] = v21;
uint32_t va22 = abcd[1U];
uint32_t vb23 = abcd[2U];
@@ -434,11 +388,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti23 = _t[23U];
uint32_t
v22 =
- vb23
- +
- ((va22 + ((vb23 & vd23) | (vc23 & ~vd23)) + xk22 + ti23)
- << 20U
- | (va22 + ((vb23 & vd23) | (vc23 & ~vd23)) + xk22 + ti23) >> 12U);
+ vb23 +
+ ((va22 + ((vb23 & vd23) | (vc23 & ~vd23)) + xk22 + ti23) << 20U |
+ (va22 + ((vb23 & vd23) | (vc23 & ~vd23)) + xk22 + ti23) >> 12U);
abcd[1U] = v22;
uint32_t va23 = abcd[0U];
uint32_t vb24 = abcd[1U];
@@ -450,11 +402,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti24 = _t[24U];
uint32_t
v23 =
- vb24
- +
- ((va23 + ((vb24 & vd24) | (vc24 & ~vd24)) + xk23 + ti24)
- << 5U
- | (va23 + ((vb24 & vd24) | (vc24 & ~vd24)) + xk23 + ti24) >> 27U);
+ vb24 +
+ ((va23 + ((vb24 & vd24) | (vc24 & ~vd24)) + xk23 + ti24) << 5U |
+ (va23 + ((vb24 & vd24) | (vc24 & ~vd24)) + xk23 + ti24) >> 27U);
abcd[0U] = v23;
uint32_t va24 = abcd[3U];
uint32_t vb25 = abcd[0U];
@@ -466,11 +416,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti25 = _t[25U];
uint32_t
v24 =
- vb25
- +
- ((va24 + ((vb25 & vd25) | (vc25 & ~vd25)) + xk24 + ti25)
- << 9U
- | (va24 + ((vb25 & vd25) | (vc25 & ~vd25)) + xk24 + ti25) >> 23U);
+ vb25 +
+ ((va24 + ((vb25 & vd25) | (vc25 & ~vd25)) + xk24 + ti25) << 9U |
+ (va24 + ((vb25 & vd25) | (vc25 & ~vd25)) + xk24 + ti25) >> 23U);
abcd[3U] = v24;
uint32_t va25 = abcd[2U];
uint32_t vb26 = abcd[3U];
@@ -482,11 +430,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti26 = _t[26U];
uint32_t
v25 =
- vb26
- +
- ((va25 + ((vb26 & vd26) | (vc26 & ~vd26)) + xk25 + ti26)
- << 14U
- | (va25 + ((vb26 & vd26) | (vc26 & ~vd26)) + xk25 + ti26) >> 18U);
+ vb26 +
+ ((va25 + ((vb26 & vd26) | (vc26 & ~vd26)) + xk25 + ti26) << 14U |
+ (va25 + ((vb26 & vd26) | (vc26 & ~vd26)) + xk25 + ti26) >> 18U);
abcd[2U] = v25;
uint32_t va26 = abcd[1U];
uint32_t vb27 = abcd[2U];
@@ -498,11 +444,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti27 = _t[27U];
uint32_t
v26 =
- vb27
- +
- ((va26 + ((vb27 & vd27) | (vc27 & ~vd27)) + xk26 + ti27)
- << 20U
- | (va26 + ((vb27 & vd27) | (vc27 & ~vd27)) + xk26 + ti27) >> 12U);
+ vb27 +
+ ((va26 + ((vb27 & vd27) | (vc27 & ~vd27)) + xk26 + ti27) << 20U |
+ (va26 + ((vb27 & vd27) | (vc27 & ~vd27)) + xk26 + ti27) >> 12U);
abcd[1U] = v26;
uint32_t va27 = abcd[0U];
uint32_t vb28 = abcd[1U];
@@ -514,11 +458,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti28 = _t[28U];
uint32_t
v27 =
- vb28
- +
- ((va27 + ((vb28 & vd28) | (vc28 & ~vd28)) + xk27 + ti28)
- << 5U
- | (va27 + ((vb28 & vd28) | (vc28 & ~vd28)) + xk27 + ti28) >> 27U);
+ vb28 +
+ ((va27 + ((vb28 & vd28) | (vc28 & ~vd28)) + xk27 + ti28) << 5U |
+ (va27 + ((vb28 & vd28) | (vc28 & ~vd28)) + xk27 + ti28) >> 27U);
abcd[0U] = v27;
uint32_t va28 = abcd[3U];
uint32_t vb29 = abcd[0U];
@@ -530,11 +472,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti29 = _t[29U];
uint32_t
v28 =
- vb29
- +
- ((va28 + ((vb29 & vd29) | (vc29 & ~vd29)) + xk28 + ti29)
- << 9U
- | (va28 + ((vb29 & vd29) | (vc29 & ~vd29)) + xk28 + ti29) >> 23U);
+ vb29 +
+ ((va28 + ((vb29 & vd29) | (vc29 & ~vd29)) + xk28 + ti29) << 9U |
+ (va28 + ((vb29 & vd29) | (vc29 & ~vd29)) + xk28 + ti29) >> 23U);
abcd[3U] = v28;
uint32_t va29 = abcd[2U];
uint32_t vb30 = abcd[3U];
@@ -546,11 +486,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti30 = _t[30U];
uint32_t
v29 =
- vb30
- +
- ((va29 + ((vb30 & vd30) | (vc30 & ~vd30)) + xk29 + ti30)
- << 14U
- | (va29 + ((vb30 & vd30) | (vc30 & ~vd30)) + xk29 + ti30) >> 18U);
+ vb30 +
+ ((va29 + ((vb30 & vd30) | (vc30 & ~vd30)) + xk29 + ti30) << 14U |
+ (va29 + ((vb30 & vd30) | (vc30 & ~vd30)) + xk29 + ti30) >> 18U);
abcd[2U] = v29;
uint32_t va30 = abcd[1U];
uint32_t vb31 = abcd[2U];
@@ -562,11 +500,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti31 = _t[31U];
uint32_t
v30 =
- vb31
- +
- ((va30 + ((vb31 & vd31) | (vc31 & ~vd31)) + xk30 + ti31)
- << 20U
- | (va30 + ((vb31 & vd31) | (vc31 & ~vd31)) + xk30 + ti31) >> 12U);
+ vb31 +
+ ((va30 + ((vb31 & vd31) | (vc31 & ~vd31)) + xk30 + ti31) << 20U |
+ (va30 + ((vb31 & vd31) | (vc31 & ~vd31)) + xk30 + ti31) >> 12U);
abcd[1U] = v30;
uint32_t va31 = abcd[0U];
uint32_t vb32 = abcd[1U];
@@ -578,11 +514,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti32 = _t[32U];
uint32_t
v31 =
- vb32
- +
- ((va31 + (vb32 ^ (vc32 ^ vd32)) + xk31 + ti32)
- << 4U
- | (va31 + (vb32 ^ (vc32 ^ vd32)) + xk31 + ti32) >> 28U);
+ vb32 +
+ ((va31 + (vb32 ^ (vc32 ^ vd32)) + xk31 + ti32) << 4U |
+ (va31 + (vb32 ^ (vc32 ^ vd32)) + xk31 + ti32) >> 28U);
abcd[0U] = v31;
uint32_t va32 = abcd[3U];
uint32_t vb33 = abcd[0U];
@@ -594,11 +528,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti33 = _t[33U];
uint32_t
v32 =
- vb33
- +
- ((va32 + (vb33 ^ (vc33 ^ vd33)) + xk32 + ti33)
- << 11U
- | (va32 + (vb33 ^ (vc33 ^ vd33)) + xk32 + ti33) >> 21U);
+ vb33 +
+ ((va32 + (vb33 ^ (vc33 ^ vd33)) + xk32 + ti33) << 11U |
+ (va32 + (vb33 ^ (vc33 ^ vd33)) + xk32 + ti33) >> 21U);
abcd[3U] = v32;
uint32_t va33 = abcd[2U];
uint32_t vb34 = abcd[3U];
@@ -610,11 +542,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti34 = _t[34U];
uint32_t
v33 =
- vb34
- +
- ((va33 + (vb34 ^ (vc34 ^ vd34)) + xk33 + ti34)
- << 16U
- | (va33 + (vb34 ^ (vc34 ^ vd34)) + xk33 + ti34) >> 16U);
+ vb34 +
+ ((va33 + (vb34 ^ (vc34 ^ vd34)) + xk33 + ti34) << 16U |
+ (va33 + (vb34 ^ (vc34 ^ vd34)) + xk33 + ti34) >> 16U);
abcd[2U] = v33;
uint32_t va34 = abcd[1U];
uint32_t vb35 = abcd[2U];
@@ -626,11 +556,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti35 = _t[35U];
uint32_t
v34 =
- vb35
- +
- ((va34 + (vb35 ^ (vc35 ^ vd35)) + xk34 + ti35)
- << 23U
- | (va34 + (vb35 ^ (vc35 ^ vd35)) + xk34 + ti35) >> 9U);
+ vb35 +
+ ((va34 + (vb35 ^ (vc35 ^ vd35)) + xk34 + ti35) << 23U |
+ (va34 + (vb35 ^ (vc35 ^ vd35)) + xk34 + ti35) >> 9U);
abcd[1U] = v34;
uint32_t va35 = abcd[0U];
uint32_t vb36 = abcd[1U];
@@ -642,11 +570,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti36 = _t[36U];
uint32_t
v35 =
- vb36
- +
- ((va35 + (vb36 ^ (vc36 ^ vd36)) + xk35 + ti36)
- << 4U
- | (va35 + (vb36 ^ (vc36 ^ vd36)) + xk35 + ti36) >> 28U);
+ vb36 +
+ ((va35 + (vb36 ^ (vc36 ^ vd36)) + xk35 + ti36) << 4U |
+ (va35 + (vb36 ^ (vc36 ^ vd36)) + xk35 + ti36) >> 28U);
abcd[0U] = v35;
uint32_t va36 = abcd[3U];
uint32_t vb37 = abcd[0U];
@@ -658,11 +584,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti37 = _t[37U];
uint32_t
v36 =
- vb37
- +
- ((va36 + (vb37 ^ (vc37 ^ vd37)) + xk36 + ti37)
- << 11U
- | (va36 + (vb37 ^ (vc37 ^ vd37)) + xk36 + ti37) >> 21U);
+ vb37 +
+ ((va36 + (vb37 ^ (vc37 ^ vd37)) + xk36 + ti37) << 11U |
+ (va36 + (vb37 ^ (vc37 ^ vd37)) + xk36 + ti37) >> 21U);
abcd[3U] = v36;
uint32_t va37 = abcd[2U];
uint32_t vb38 = abcd[3U];
@@ -674,11 +598,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti38 = _t[38U];
uint32_t
v37 =
- vb38
- +
- ((va37 + (vb38 ^ (vc38 ^ vd38)) + xk37 + ti38)
- << 16U
- | (va37 + (vb38 ^ (vc38 ^ vd38)) + xk37 + ti38) >> 16U);
+ vb38 +
+ ((va37 + (vb38 ^ (vc38 ^ vd38)) + xk37 + ti38) << 16U |
+ (va37 + (vb38 ^ (vc38 ^ vd38)) + xk37 + ti38) >> 16U);
abcd[2U] = v37;
uint32_t va38 = abcd[1U];
uint32_t vb39 = abcd[2U];
@@ -690,11 +612,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti39 = _t[39U];
uint32_t
v38 =
- vb39
- +
- ((va38 + (vb39 ^ (vc39 ^ vd39)) + xk38 + ti39)
- << 23U
- | (va38 + (vb39 ^ (vc39 ^ vd39)) + xk38 + ti39) >> 9U);
+ vb39 +
+ ((va38 + (vb39 ^ (vc39 ^ vd39)) + xk38 + ti39) << 23U |
+ (va38 + (vb39 ^ (vc39 ^ vd39)) + xk38 + ti39) >> 9U);
abcd[1U] = v38;
uint32_t va39 = abcd[0U];
uint32_t vb40 = abcd[1U];
@@ -706,11 +626,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti40 = _t[40U];
uint32_t
v39 =
- vb40
- +
- ((va39 + (vb40 ^ (vc40 ^ vd40)) + xk39 + ti40)
- << 4U
- | (va39 + (vb40 ^ (vc40 ^ vd40)) + xk39 + ti40) >> 28U);
+ vb40 +
+ ((va39 + (vb40 ^ (vc40 ^ vd40)) + xk39 + ti40) << 4U |
+ (va39 + (vb40 ^ (vc40 ^ vd40)) + xk39 + ti40) >> 28U);
abcd[0U] = v39;
uint32_t va40 = abcd[3U];
uint32_t vb41 = abcd[0U];
@@ -722,11 +640,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti41 = _t[41U];
uint32_t
v40 =
- vb41
- +
- ((va40 + (vb41 ^ (vc41 ^ vd41)) + xk40 + ti41)
- << 11U
- | (va40 + (vb41 ^ (vc41 ^ vd41)) + xk40 + ti41) >> 21U);
+ vb41 +
+ ((va40 + (vb41 ^ (vc41 ^ vd41)) + xk40 + ti41) << 11U |
+ (va40 + (vb41 ^ (vc41 ^ vd41)) + xk40 + ti41) >> 21U);
abcd[3U] = v40;
uint32_t va41 = abcd[2U];
uint32_t vb42 = abcd[3U];
@@ -738,11 +654,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti42 = _t[42U];
uint32_t
v41 =
- vb42
- +
- ((va41 + (vb42 ^ (vc42 ^ vd42)) + xk41 + ti42)
- << 16U
- | (va41 + (vb42 ^ (vc42 ^ vd42)) + xk41 + ti42) >> 16U);
+ vb42 +
+ ((va41 + (vb42 ^ (vc42 ^ vd42)) + xk41 + ti42) << 16U |
+ (va41 + (vb42 ^ (vc42 ^ vd42)) + xk41 + ti42) >> 16U);
abcd[2U] = v41;
uint32_t va42 = abcd[1U];
uint32_t vb43 = abcd[2U];
@@ -754,11 +668,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti43 = _t[43U];
uint32_t
v42 =
- vb43
- +
- ((va42 + (vb43 ^ (vc43 ^ vd43)) + xk42 + ti43)
- << 23U
- | (va42 + (vb43 ^ (vc43 ^ vd43)) + xk42 + ti43) >> 9U);
+ vb43 +
+ ((va42 + (vb43 ^ (vc43 ^ vd43)) + xk42 + ti43) << 23U |
+ (va42 + (vb43 ^ (vc43 ^ vd43)) + xk42 + ti43) >> 9U);
abcd[1U] = v42;
uint32_t va43 = abcd[0U];
uint32_t vb44 = abcd[1U];
@@ -770,11 +682,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti44 = _t[44U];
uint32_t
v43 =
- vb44
- +
- ((va43 + (vb44 ^ (vc44 ^ vd44)) + xk43 + ti44)
- << 4U
- | (va43 + (vb44 ^ (vc44 ^ vd44)) + xk43 + ti44) >> 28U);
+ vb44 +
+ ((va43 + (vb44 ^ (vc44 ^ vd44)) + xk43 + ti44) << 4U |
+ (va43 + (vb44 ^ (vc44 ^ vd44)) + xk43 + ti44) >> 28U);
abcd[0U] = v43;
uint32_t va44 = abcd[3U];
uint32_t vb45 = abcd[0U];
@@ -786,11 +696,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti45 = _t[45U];
uint32_t
v44 =
- vb45
- +
- ((va44 + (vb45 ^ (vc45 ^ vd45)) + xk44 + ti45)
- << 11U
- | (va44 + (vb45 ^ (vc45 ^ vd45)) + xk44 + ti45) >> 21U);
+ vb45 +
+ ((va44 + (vb45 ^ (vc45 ^ vd45)) + xk44 + ti45) << 11U |
+ (va44 + (vb45 ^ (vc45 ^ vd45)) + xk44 + ti45) >> 21U);
abcd[3U] = v44;
uint32_t va45 = abcd[2U];
uint32_t vb46 = abcd[3U];
@@ -802,11 +710,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti46 = _t[46U];
uint32_t
v45 =
- vb46
- +
- ((va45 + (vb46 ^ (vc46 ^ vd46)) + xk45 + ti46)
- << 16U
- | (va45 + (vb46 ^ (vc46 ^ vd46)) + xk45 + ti46) >> 16U);
+ vb46 +
+ ((va45 + (vb46 ^ (vc46 ^ vd46)) + xk45 + ti46) << 16U |
+ (va45 + (vb46 ^ (vc46 ^ vd46)) + xk45 + ti46) >> 16U);
abcd[2U] = v45;
uint32_t va46 = abcd[1U];
uint32_t vb47 = abcd[2U];
@@ -818,11 +724,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti47 = _t[47U];
uint32_t
v46 =
- vb47
- +
- ((va46 + (vb47 ^ (vc47 ^ vd47)) + xk46 + ti47)
- << 23U
- | (va46 + (vb47 ^ (vc47 ^ vd47)) + xk46 + ti47) >> 9U);
+ vb47 +
+ ((va46 + (vb47 ^ (vc47 ^ vd47)) + xk46 + ti47) << 23U |
+ (va46 + (vb47 ^ (vc47 ^ vd47)) + xk46 + ti47) >> 9U);
abcd[1U] = v46;
uint32_t va47 = abcd[0U];
uint32_t vb48 = abcd[1U];
@@ -834,11 +738,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti48 = _t[48U];
uint32_t
v47 =
- vb48
- +
- ((va47 + (vc48 ^ (vb48 | ~vd48)) + xk47 + ti48)
- << 6U
- | (va47 + (vc48 ^ (vb48 | ~vd48)) + xk47 + ti48) >> 26U);
+ vb48 +
+ ((va47 + (vc48 ^ (vb48 | ~vd48)) + xk47 + ti48) << 6U |
+ (va47 + (vc48 ^ (vb48 | ~vd48)) + xk47 + ti48) >> 26U);
abcd[0U] = v47;
uint32_t va48 = abcd[3U];
uint32_t vb49 = abcd[0U];
@@ -850,11 +752,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti49 = _t[49U];
uint32_t
v48 =
- vb49
- +
- ((va48 + (vc49 ^ (vb49 | ~vd49)) + xk48 + ti49)
- << 10U
- | (va48 + (vc49 ^ (vb49 | ~vd49)) + xk48 + ti49) >> 22U);
+ vb49 +
+ ((va48 + (vc49 ^ (vb49 | ~vd49)) + xk48 + ti49) << 10U |
+ (va48 + (vc49 ^ (vb49 | ~vd49)) + xk48 + ti49) >> 22U);
abcd[3U] = v48;
uint32_t va49 = abcd[2U];
uint32_t vb50 = abcd[3U];
@@ -866,11 +766,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti50 = _t[50U];
uint32_t
v49 =
- vb50
- +
- ((va49 + (vc50 ^ (vb50 | ~vd50)) + xk49 + ti50)
- << 15U
- | (va49 + (vc50 ^ (vb50 | ~vd50)) + xk49 + ti50) >> 17U);
+ vb50 +
+ ((va49 + (vc50 ^ (vb50 | ~vd50)) + xk49 + ti50) << 15U |
+ (va49 + (vc50 ^ (vb50 | ~vd50)) + xk49 + ti50) >> 17U);
abcd[2U] = v49;
uint32_t va50 = abcd[1U];
uint32_t vb51 = abcd[2U];
@@ -882,11 +780,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti51 = _t[51U];
uint32_t
v50 =
- vb51
- +
- ((va50 + (vc51 ^ (vb51 | ~vd51)) + xk50 + ti51)
- << 21U
- | (va50 + (vc51 ^ (vb51 | ~vd51)) + xk50 + ti51) >> 11U);
+ vb51 +
+ ((va50 + (vc51 ^ (vb51 | ~vd51)) + xk50 + ti51) << 21U |
+ (va50 + (vc51 ^ (vb51 | ~vd51)) + xk50 + ti51) >> 11U);
abcd[1U] = v50;
uint32_t va51 = abcd[0U];
uint32_t vb52 = abcd[1U];
@@ -898,11 +794,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti52 = _t[52U];
uint32_t
v51 =
- vb52
- +
- ((va51 + (vc52 ^ (vb52 | ~vd52)) + xk51 + ti52)
- << 6U
- | (va51 + (vc52 ^ (vb52 | ~vd52)) + xk51 + ti52) >> 26U);
+ vb52 +
+ ((va51 + (vc52 ^ (vb52 | ~vd52)) + xk51 + ti52) << 6U |
+ (va51 + (vc52 ^ (vb52 | ~vd52)) + xk51 + ti52) >> 26U);
abcd[0U] = v51;
uint32_t va52 = abcd[3U];
uint32_t vb53 = abcd[0U];
@@ -914,11 +808,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti53 = _t[53U];
uint32_t
v52 =
- vb53
- +
- ((va52 + (vc53 ^ (vb53 | ~vd53)) + xk52 + ti53)
- << 10U
- | (va52 + (vc53 ^ (vb53 | ~vd53)) + xk52 + ti53) >> 22U);
+ vb53 +
+ ((va52 + (vc53 ^ (vb53 | ~vd53)) + xk52 + ti53) << 10U |
+ (va52 + (vc53 ^ (vb53 | ~vd53)) + xk52 + ti53) >> 22U);
abcd[3U] = v52;
uint32_t va53 = abcd[2U];
uint32_t vb54 = abcd[3U];
@@ -930,11 +822,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti54 = _t[54U];
uint32_t
v53 =
- vb54
- +
- ((va53 + (vc54 ^ (vb54 | ~vd54)) + xk53 + ti54)
- << 15U
- | (va53 + (vc54 ^ (vb54 | ~vd54)) + xk53 + ti54) >> 17U);
+ vb54 +
+ ((va53 + (vc54 ^ (vb54 | ~vd54)) + xk53 + ti54) << 15U |
+ (va53 + (vc54 ^ (vb54 | ~vd54)) + xk53 + ti54) >> 17U);
abcd[2U] = v53;
uint32_t va54 = abcd[1U];
uint32_t vb55 = abcd[2U];
@@ -946,11 +836,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti55 = _t[55U];
uint32_t
v54 =
- vb55
- +
- ((va54 + (vc55 ^ (vb55 | ~vd55)) + xk54 + ti55)
- << 21U
- | (va54 + (vc55 ^ (vb55 | ~vd55)) + xk54 + ti55) >> 11U);
+ vb55 +
+ ((va54 + (vc55 ^ (vb55 | ~vd55)) + xk54 + ti55) << 21U |
+ (va54 + (vc55 ^ (vb55 | ~vd55)) + xk54 + ti55) >> 11U);
abcd[1U] = v54;
uint32_t va55 = abcd[0U];
uint32_t vb56 = abcd[1U];
@@ -962,11 +850,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti56 = _t[56U];
uint32_t
v55 =
- vb56
- +
- ((va55 + (vc56 ^ (vb56 | ~vd56)) + xk55 + ti56)
- << 6U
- | (va55 + (vc56 ^ (vb56 | ~vd56)) + xk55 + ti56) >> 26U);
+ vb56 +
+ ((va55 + (vc56 ^ (vb56 | ~vd56)) + xk55 + ti56) << 6U |
+ (va55 + (vc56 ^ (vb56 | ~vd56)) + xk55 + ti56) >> 26U);
abcd[0U] = v55;
uint32_t va56 = abcd[3U];
uint32_t vb57 = abcd[0U];
@@ -978,11 +864,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti57 = _t[57U];
uint32_t
v56 =
- vb57
- +
- ((va56 + (vc57 ^ (vb57 | ~vd57)) + xk56 + ti57)
- << 10U
- | (va56 + (vc57 ^ (vb57 | ~vd57)) + xk56 + ti57) >> 22U);
+ vb57 +
+ ((va56 + (vc57 ^ (vb57 | ~vd57)) + xk56 + ti57) << 10U |
+ (va56 + (vc57 ^ (vb57 | ~vd57)) + xk56 + ti57) >> 22U);
abcd[3U] = v56;
uint32_t va57 = abcd[2U];
uint32_t vb58 = abcd[3U];
@@ -994,11 +878,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti58 = _t[58U];
uint32_t
v57 =
- vb58
- +
- ((va57 + (vc58 ^ (vb58 | ~vd58)) + xk57 + ti58)
- << 15U
- | (va57 + (vc58 ^ (vb58 | ~vd58)) + xk57 + ti58) >> 17U);
+ vb58 +
+ ((va57 + (vc58 ^ (vb58 | ~vd58)) + xk57 + ti58) << 15U |
+ (va57 + (vc58 ^ (vb58 | ~vd58)) + xk57 + ti58) >> 17U);
abcd[2U] = v57;
uint32_t va58 = abcd[1U];
uint32_t vb59 = abcd[2U];
@@ -1010,11 +892,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti59 = _t[59U];
uint32_t
v58 =
- vb59
- +
- ((va58 + (vc59 ^ (vb59 | ~vd59)) + xk58 + ti59)
- << 21U
- | (va58 + (vc59 ^ (vb59 | ~vd59)) + xk58 + ti59) >> 11U);
+ vb59 +
+ ((va58 + (vc59 ^ (vb59 | ~vd59)) + xk58 + ti59) << 21U |
+ (va58 + (vc59 ^ (vb59 | ~vd59)) + xk58 + ti59) >> 11U);
abcd[1U] = v58;
uint32_t va59 = abcd[0U];
uint32_t vb60 = abcd[1U];
@@ -1026,11 +906,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti60 = _t[60U];
uint32_t
v59 =
- vb60
- +
- ((va59 + (vc60 ^ (vb60 | ~vd60)) + xk59 + ti60)
- << 6U
- | (va59 + (vc60 ^ (vb60 | ~vd60)) + xk59 + ti60) >> 26U);
+ vb60 +
+ ((va59 + (vc60 ^ (vb60 | ~vd60)) + xk59 + ti60) << 6U |
+ (va59 + (vc60 ^ (vb60 | ~vd60)) + xk59 + ti60) >> 26U);
abcd[0U] = v59;
uint32_t va60 = abcd[3U];
uint32_t vb61 = abcd[0U];
@@ -1042,11 +920,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti61 = _t[61U];
uint32_t
v60 =
- vb61
- +
- ((va60 + (vc61 ^ (vb61 | ~vd61)) + xk60 + ti61)
- << 10U
- | (va60 + (vc61 ^ (vb61 | ~vd61)) + xk60 + ti61) >> 22U);
+ vb61 +
+ ((va60 + (vc61 ^ (vb61 | ~vd61)) + xk60 + ti61) << 10U |
+ (va60 + (vc61 ^ (vb61 | ~vd61)) + xk60 + ti61) >> 22U);
abcd[3U] = v60;
uint32_t va61 = abcd[2U];
uint32_t vb62 = abcd[3U];
@@ -1058,11 +934,9 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti62 = _t[62U];
uint32_t
v61 =
- vb62
- +
- ((va61 + (vc62 ^ (vb62 | ~vd62)) + xk61 + ti62)
- << 15U
- | (va61 + (vc62 ^ (vb62 | ~vd62)) + xk61 + ti62) >> 17U);
+ vb62 +
+ ((va61 + (vc62 ^ (vb62 | ~vd62)) + xk61 + ti62) << 15U |
+ (va61 + (vc62 ^ (vb62 | ~vd62)) + xk61 + ti62) >> 17U);
abcd[2U] = v61;
uint32_t va62 = abcd[1U];
uint32_t vb = abcd[2U];
@@ -1074,11 +948,8 @@ static void update(uint32_t *abcd, uint8_t *x)
uint32_t ti = _t[63U];
uint32_t
v62 =
- vb
- +
- ((va62 + (vc ^ (vb | ~vd)) + xk62 + ti)
- << 21U
- | (va62 + (vc ^ (vb | ~vd)) + xk62 + ti) >> 11U);
+ vb +
+ ((va62 + (vc ^ (vb | ~vd)) + xk62 + ti) << 21U | (va62 + (vc ^ (vb | ~vd)) + xk62 + ti) >> 11U);
abcd[1U] = v62;
uint32_t a = abcd[0U];
uint32_t b = abcd[1U];
@@ -1282,8 +1153,7 @@ Hacl_Hash_MD5_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -1328,8 +1198,7 @@ Hacl_Hash_MD5_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t
Hacl_Hash_MD5_update_multi(block_state1, data1, data1_len / 64U);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -1359,8 +1228,7 @@ Hacl_Hash_MD5_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state10,
@@ -1403,8 +1271,7 @@ Hacl_Hash_MD5_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t
Hacl_Hash_MD5_update_multi(block_state1, data1, data1_len / 64U);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
diff --git a/Modules/_hacl/Hacl_Hash_SHA1.c b/Modules/_hacl/Hacl_Hash_SHA1.c
index 508e447bf27..97bd4f2204c 100644
--- a/Modules/_hacl/Hacl_Hash_SHA1.c
+++ b/Modules/_hacl/Hacl_Hash_SHA1.c
@@ -315,8 +315,7 @@ Hacl_Hash_SHA1_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -361,8 +360,7 @@ Hacl_Hash_SHA1_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_
Hacl_Hash_SHA1_update_multi(block_state1, data1, data1_len / 64U);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -392,8 +390,7 @@ Hacl_Hash_SHA1_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state10,
@@ -436,8 +433,7 @@ Hacl_Hash_SHA1_update(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_
Hacl_Hash_SHA1_update_multi(block_state1, data1, data1_len / 64U);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
diff --git a/Modules/_hacl/Hacl_Hash_SHA2.c b/Modules/_hacl/Hacl_Hash_SHA2.c
index d612bafa72c..d2ee0c9ef51 100644
--- a/Modules/_hacl/Hacl_Hash_SHA2.c
+++ b/Modules/_hacl/Hacl_Hash_SHA2.c
@@ -100,15 +100,14 @@ static inline void sha256_update(uint8_t *b, uint32_t *hash)
uint32_t k_e_t = k_t;
uint32_t
t1 =
- h02
- + ((e0 << 26U | e0 >> 6U) ^ ((e0 << 21U | e0 >> 11U) ^ (e0 << 7U | e0 >> 25U)))
- + ((e0 & f0) ^ (~e0 & g0))
+ h02 + ((e0 << 26U | e0 >> 6U) ^ ((e0 << 21U | e0 >> 11U) ^ (e0 << 7U | e0 >> 25U))) +
+ ((e0 & f0) ^ (~e0 & g0))
+ k_e_t
+ ws_t;
uint32_t
t2 =
- ((a0 << 30U | a0 >> 2U) ^ ((a0 << 19U | a0 >> 13U) ^ (a0 << 10U | a0 >> 22U)))
- + ((a0 & b0) ^ ((a0 & c0) ^ (b0 & c0)));
+ ((a0 << 30U | a0 >> 2U) ^ ((a0 << 19U | a0 >> 13U) ^ (a0 << 10U | a0 >> 22U))) +
+ ((a0 & b0) ^ ((a0 & c0) ^ (b0 & c0)));
uint32_t a1 = t1 + t2;
uint32_t b1 = a0;
uint32_t c1 = b0;
@@ -301,15 +300,14 @@ static inline void sha512_update(uint8_t *b, uint64_t *hash)
uint64_t k_e_t = k_t;
uint64_t
t1 =
- h02
- + ((e0 << 50U | e0 >> 14U) ^ ((e0 << 46U | e0 >> 18U) ^ (e0 << 23U | e0 >> 41U)))
- + ((e0 & f0) ^ (~e0 & g0))
+ h02 + ((e0 << 50U | e0 >> 14U) ^ ((e0 << 46U | e0 >> 18U) ^ (e0 << 23U | e0 >> 41U))) +
+ ((e0 & f0) ^ (~e0 & g0))
+ k_e_t
+ ws_t;
uint64_t
t2 =
- ((a0 << 36U | a0 >> 28U) ^ ((a0 << 30U | a0 >> 34U) ^ (a0 << 25U | a0 >> 39U)))
- + ((a0 & b0) ^ ((a0 & c0) ^ (b0 & c0)));
+ ((a0 << 36U | a0 >> 28U) ^ ((a0 << 30U | a0 >> 34U) ^ (a0 << 25U | a0 >> 39U))) +
+ ((a0 & b0) ^ ((a0 & c0) ^ (b0 & c0)));
uint64_t a1 = t1 + t2;
uint64_t b1 = a0;
uint64_t c1 = b0;
@@ -639,8 +637,7 @@ update_224_256(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t chunk
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -685,8 +682,7 @@ update_224_256(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t chunk
Hacl_Hash_SHA2_sha256_update_nblocks(data1_len / 64U * 64U, data1, block_state1);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -716,8 +712,7 @@ update_224_256(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t chunk
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state10,
@@ -760,8 +755,7 @@ update_224_256(Hacl_Streaming_MD_state_32 *state, uint8_t *chunk, uint32_t chunk
Hacl_Hash_SHA2_sha256_update_nblocks(data1_len / 64U * 64U, data1, block_state1);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_32){
.block_state = block_state1,
@@ -1205,8 +1199,7 @@ update_384_512(Hacl_Streaming_MD_state_64 *state, uint8_t *chunk, uint32_t chunk
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_64){
.block_state = block_state1,
@@ -1251,8 +1244,7 @@ update_384_512(Hacl_Streaming_MD_state_64 *state, uint8_t *chunk, uint32_t chunk
Hacl_Hash_SHA2_sha512_update_nblocks(data1_len / 128U * 128U, data1, block_state1);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_64){
.block_state = block_state1,
@@ -1282,8 +1274,7 @@ update_384_512(Hacl_Streaming_MD_state_64 *state, uint8_t *chunk, uint32_t chunk
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_64){
.block_state = block_state10,
@@ -1326,8 +1317,7 @@ update_384_512(Hacl_Streaming_MD_state_64 *state, uint8_t *chunk, uint32_t chunk
Hacl_Hash_SHA2_sha512_update_nblocks(data1_len / 128U * 128U, data1, block_state1);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_MD_state_64){
.block_state = block_state1,
diff --git a/Modules/_hacl/Hacl_Hash_SHA3.c b/Modules/_hacl/Hacl_Hash_SHA3.c
index 87638df9549..466d2b96c0c 100644
--- a/Modules/_hacl/Hacl_Hash_SHA3.c
+++ b/Modules/_hacl/Hacl_Hash_SHA3.c
@@ -866,8 +866,7 @@ Hacl_Hash_SHA3_update(Hacl_Hash_SHA3_state_t *state, uint8_t *chunk, uint32_t ch
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
((Hacl_Hash_SHA3_state_t){ .block_state = block_state1, .buf = buf, .total_len = total_len2 });
}
else if (sz == 0U)
@@ -910,8 +909,7 @@ Hacl_Hash_SHA3_update(Hacl_Hash_SHA3_state_t *state, uint8_t *chunk, uint32_t ch
Hacl_Hash_SHA3_update_multi_sha3(a1, s2, data1, data1_len / block_len(a1));
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_SHA3_state_t){
.block_state = block_state1,
@@ -941,8 +939,7 @@ Hacl_Hash_SHA3_update(Hacl_Hash_SHA3_state_t *state, uint8_t *chunk, uint32_t ch
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Hash_SHA3_state_t){
.block_state = block_state10,
@@ -972,10 +969,8 @@ Hacl_Hash_SHA3_update(Hacl_Hash_SHA3_state_t *state, uint8_t *chunk, uint32_t ch
uint32_t ite;
if
(
- (uint64_t)(chunk_len - diff)
- % (uint64_t)block_len(i)
- == 0ULL
- && (uint64_t)(chunk_len - diff) > 0ULL
+ (uint64_t)(chunk_len - diff) % (uint64_t)block_len(i) == 0ULL &&
+ (uint64_t)(chunk_len - diff) > 0ULL
)
{
ite = block_len(i);
@@ -994,8 +989,7 @@ Hacl_Hash_SHA3_update(Hacl_Hash_SHA3_state_t *state, uint8_t *chunk, uint32_t ch
Hacl_Hash_SHA3_update_multi_sha3(a1, s2, data1, data1_len / block_len(a1));
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Hash_SHA3_state_t){
.block_state = block_state1,
@@ -2422,9 +2416,7 @@ Hacl_Hash_SHA3_shake128_squeeze_nblocks(
5U,
1U,
_C[i] =
- state[i
- + 0U]
- ^ (state[i + 5U] ^ (state[i + 10U] ^ (state[i + 15U] ^ state[i + 20U]))););
+ state[i + 0U] ^ (state[i + 5U] ^ (state[i + 10U] ^ (state[i + 15U] ^ state[i + 20U]))););
KRML_MAYBE_FOR5(i2,
0U,
5U,
diff --git a/Modules/_hacl/Hacl_Streaming_HMAC.c b/Modules/_hacl/Hacl_Streaming_HMAC.c
index d28b39792af..8dd7e2c0bf3 100644
--- a/Modules/_hacl/Hacl_Streaming_HMAC.c
+++ b/Modules/_hacl/Hacl_Streaming_HMAC.c
@@ -198,8 +198,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- = ((Hacl_Agile_Hash_state_s){ .tag = Hacl_Agile_Hash_MD5_a, { .case_MD5_a = s1 } });
+ st[0U] = ((Hacl_Agile_Hash_state_s){ .tag = Hacl_Agile_Hash_MD5_a, { .case_MD5_a = s1 } });
}
if (st == NULL)
{
@@ -220,8 +219,8 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- = ((Hacl_Agile_Hash_state_s){ .tag = Hacl_Agile_Hash_SHA1_a, { .case_SHA1_a = s1 } });
+ st[0U] =
+ ((Hacl_Agile_Hash_state_s){ .tag = Hacl_Agile_Hash_SHA1_a, { .case_SHA1_a = s1 } });
}
if (st == NULL)
{
@@ -242,8 +241,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA2_224_a,
@@ -270,8 +268,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA2_256_a,
@@ -298,8 +295,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA2_384_a,
@@ -326,8 +322,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA2_512_a,
@@ -354,8 +349,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA3_224_a,
@@ -382,8 +376,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA3_256_a,
@@ -410,8 +403,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA3_384_a,
@@ -438,8 +430,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_SHA3_512_a,
@@ -466,8 +457,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_Blake2S_a,
@@ -495,8 +485,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_Blake2S_128_a,
@@ -531,8 +520,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_Blake2B_a,
@@ -560,8 +548,7 @@ static Hacl_Agile_Hash_state_s *malloc_(Hacl_Agile_Hash_impl a)
*st = (Hacl_Agile_Hash_state_s *)KRML_HOST_MALLOC(sizeof (Hacl_Agile_Hash_state_s));
if (st != NULL)
{
- st[0U]
- =
+ st[0U] =
(
(Hacl_Agile_Hash_state_s){
.tag = Hacl_Agile_Hash_Blake2B_256_a,
@@ -2059,8 +2046,8 @@ Hacl_Streaming_HMAC_update(
Hacl_Streaming_HMAC_Definitions_index i1 = Hacl_Streaming_HMAC_index_of_state(block_state);
if
(
- (uint64_t)chunk_len
- > max_input_len64(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) - total_len
+ (uint64_t)chunk_len >
+ max_input_len64(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) - total_len
)
{
return Hacl_Streaming_Types_MaximumLengthExceeded;
@@ -2068,9 +2055,7 @@ Hacl_Streaming_HMAC_update(
uint32_t sz;
if
(
- total_len
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
- == 0ULL
+ total_len % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) == 0ULL
&& total_len > 0ULL
)
{
@@ -2079,8 +2064,8 @@ Hacl_Streaming_HMAC_update(
else
{
sz =
- (uint32_t)(total_len
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)(total_len %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
if (chunk_len <= block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) - sz)
{
@@ -2091,9 +2076,7 @@ Hacl_Streaming_HMAC_update(
uint32_t sz1;
if
(
- total_len1
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
- == 0ULL
+ total_len1 % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) == 0ULL
&& total_len1 > 0ULL
)
{
@@ -2102,14 +2085,13 @@ Hacl_Streaming_HMAC_update(
else
{
sz1 =
- (uint32_t)(total_len1
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)(total_len1 %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
uint8_t *buf2 = buf + sz1;
memcpy(buf2, chunk, chunk_len * sizeof (uint8_t));
uint64_t total_len2 = total_len1 + (uint64_t)chunk_len;
- *state
- =
+ *state =
(
(Hacl_Streaming_HMAC_agile_state){
.block_state = block_state1,
@@ -2127,9 +2109,7 @@ Hacl_Streaming_HMAC_update(
uint32_t sz1;
if
(
- total_len1
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
- == 0ULL
+ total_len1 % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) == 0ULL
&& total_len1 > 0ULL
)
{
@@ -2138,8 +2118,8 @@ Hacl_Streaming_HMAC_update(
else
{
sz1 =
- (uint32_t)(total_len1
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)(total_len1 %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
if (!(sz1 == 0U))
{
@@ -2153,8 +2133,8 @@ Hacl_Streaming_HMAC_update(
uint32_t ite;
if
(
- (uint64_t)chunk_len
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
+ (uint64_t)chunk_len %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
== 0ULL
&& (uint64_t)chunk_len > 0ULL
)
@@ -2164,8 +2144,8 @@ Hacl_Streaming_HMAC_update(
else
{
ite =
- (uint32_t)((uint64_t)chunk_len
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)((uint64_t)chunk_len %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
uint32_t
n_blocks = (chunk_len - ite) / block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)));
@@ -2178,8 +2158,7 @@ Hacl_Streaming_HMAC_update(
update_multi(s11, total_len1, data1, data1_len);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_HMAC_agile_state){
.block_state = block_state1,
@@ -2200,9 +2179,8 @@ Hacl_Streaming_HMAC_update(
uint32_t sz10;
if
(
- total_len10
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
- == 0ULL
+ total_len10 % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) ==
+ 0ULL
&& total_len10 > 0ULL
)
{
@@ -2211,14 +2189,13 @@ Hacl_Streaming_HMAC_update(
else
{
sz10 =
- (uint32_t)(total_len10
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)(total_len10 %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
uint8_t *buf2 = buf0 + sz10;
memcpy(buf2, chunk1, diff * sizeof (uint8_t));
uint64_t total_len2 = total_len10 + (uint64_t)diff;
- *state
- =
+ *state =
(
(Hacl_Streaming_HMAC_agile_state){
.block_state = block_state10,
@@ -2233,9 +2210,7 @@ Hacl_Streaming_HMAC_update(
uint32_t sz1;
if
(
- total_len1
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
- == 0ULL
+ total_len1 % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) == 0ULL
&& total_len1 > 0ULL
)
{
@@ -2244,8 +2219,8 @@ Hacl_Streaming_HMAC_update(
else
{
sz1 =
- (uint32_t)(total_len1
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)(total_len1 %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
if (!(sz1 == 0U))
{
@@ -2259,8 +2234,8 @@ Hacl_Streaming_HMAC_update(
uint32_t ite;
if
(
- (uint64_t)(chunk_len - diff)
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
+ (uint64_t)(chunk_len - diff) %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
== 0ULL
&& (uint64_t)(chunk_len - diff) > 0ULL
)
@@ -2270,13 +2245,12 @@ Hacl_Streaming_HMAC_update(
else
{
ite =
- (uint32_t)((uint64_t)(chunk_len - diff)
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)((uint64_t)(chunk_len - diff) %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
uint32_t
n_blocks =
- (chunk_len - diff - ite)
- / block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)));
+ (chunk_len - diff - ite) / block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)));
uint32_t
data1_len = n_blocks * block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)));
uint32_t data2_len = chunk_len - diff - data1_len;
@@ -2286,8 +2260,7 @@ Hacl_Streaming_HMAC_update(
update_multi(s11, total_len1, data1, data1_len);
uint8_t *dst = buf;
memcpy(dst, data2, data2_len * sizeof (uint8_t));
- *state
- =
+ *state =
(
(Hacl_Streaming_HMAC_agile_state){
.block_state = block_state1,
@@ -2324,9 +2297,7 @@ Hacl_Streaming_HMAC_digest(
uint32_t r;
if
(
- total_len
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1)))
- == 0ULL
+ total_len % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))) == 0ULL
&& total_len > 0ULL
)
{
@@ -2335,8 +2306,8 @@ Hacl_Streaming_HMAC_digest(
else
{
r =
- (uint32_t)(total_len
- % (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
+ (uint32_t)(total_len %
+ (uint64_t)block_len(alg_of_impl(dfst__Hacl_Agile_Hash_impl_uint32_t(i1))));
}
uint8_t *buf_1 = buf_;
Hacl_Agile_Hash_state_s *s110 = malloc_(dfst__Hacl_Agile_Hash_impl_uint32_t(i1));
diff --git a/Modules/_hacl/Lib_Memzero0.c b/Modules/_hacl/Lib_Memzero0.c
index 4dbf55eef58..f94e0e2254a 100644
--- a/Modules/_hacl/Lib_Memzero0.c
+++ b/Modules/_hacl/Lib_Memzero0.c
@@ -10,6 +10,20 @@
#if defined(__APPLE__) && defined(__MACH__)
#include <AvailabilityMacros.h>
+// memset_s is available from macOS 10.9, iOS 7, watchOS 2, and on all tvOS and visionOS versions.
+# if (defined(MAC_OS_X_VERSION_MIN_REQUIRED) && defined(MAC_OS_X_VERSION_10_9) && (MAC_OS_X_VERSION_MIN_REQUIRED >= MAC_OS_X_VERSION_10_9))
+# define APPLE_HAS_MEMSET_S
+# elif (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && defined(__IPHONE_7_0) && (__IPHONE_OS_VERSION_MIN_REQUIRED >= __IPHONE_7_0))
+# define APPLE_HAS_MEMSET_S
+# elif (defined(TARGET_OS_TV) && TARGET_OS_TV)
+# define APPLE_HAS_MEMSET_S
+# elif (defined(__WATCH_OS_VERSION_MIN_REQUIRED) && defined(__WATCHOS_2_0) && (__WATCH_OS_VERSION_MIN_REQUIRED >= __WATCHOS_2_0))
+# define APPLE_HAS_MEMSET_S
+# elif (defined(TARGET_OS_VISION) && TARGET_OS_VISION)
+# define APPLE_HAS_MEMSET_S
+# else
+# undef APPLE_HAS_MEMSET_S
+# endif
#endif
#if (defined(__APPLE__) && defined(__MACH__)) || defined(__linux__) || defined(__OpenBSD__)
@@ -41,7 +55,7 @@ void Lib_Memzero0_memzero0(void *dst, uint64_t len) {
#ifdef _WIN32
SecureZeroMemory(dst, len_);
- #elif defined(__APPLE__) && defined(__MACH__) && defined(MAC_OS_X_VERSION_MIN_REQUIRED) && (MAC_OS_X_VERSION_MIN_REQUIRED >= 1090)
+ #elif defined(__APPLE__) && defined(__MACH__) && defined(APPLE_HAS_MEMSET_S)
memset_s(dst, len_, 0, len_);
#elif (defined(__linux__) && !defined(LINUX_NO_EXPLICIT_BZERO)) || defined(__FreeBSD__) || defined(__OpenBSD__)
explicit_bzero(dst, len_);
@@ -52,7 +66,7 @@ void Lib_Memzero0_memzero0(void *dst, uint64_t len) {
#warning "Your platform does not support any safe implementation of memzero -- consider a pull request!"
volatile unsigned char *volatile dst_ = (volatile unsigned char *volatile) dst;
size_t i = 0U;
- while (i < len)
+ while (i < len_)
dst_[i++] = 0U;
#endif
}
diff --git a/Modules/_hacl/include/krml/FStar_UInt128_Verified.h b/Modules/_hacl/include/krml/FStar_UInt128_Verified.h
index d4a90220bea..f85982f3373 100644
--- a/Modules/_hacl/include/krml/FStar_UInt128_Verified.h
+++ b/Modules/_hacl/include/krml/FStar_UInt128_Verified.h
@@ -257,11 +257,11 @@ FStar_UInt128_gte_mask(FStar_UInt128_uint128 a, FStar_UInt128_uint128 b)
{
FStar_UInt128_uint128 lit;
lit.low =
- (FStar_UInt64_gte_mask(a.high, b.high) & ~FStar_UInt64_eq_mask(a.high, b.high))
- | (FStar_UInt64_eq_mask(a.high, b.high) & FStar_UInt64_gte_mask(a.low, b.low));
+ (FStar_UInt64_gte_mask(a.high, b.high) & ~FStar_UInt64_eq_mask(a.high, b.high)) |
+ (FStar_UInt64_eq_mask(a.high, b.high) & FStar_UInt64_gte_mask(a.low, b.low));
lit.high =
- (FStar_UInt64_gte_mask(a.high, b.high) & ~FStar_UInt64_eq_mask(a.high, b.high))
- | (FStar_UInt64_eq_mask(a.high, b.high) & FStar_UInt64_gte_mask(a.low, b.low));
+ (FStar_UInt64_gte_mask(a.high, b.high) & ~FStar_UInt64_eq_mask(a.high, b.high)) |
+ (FStar_UInt64_eq_mask(a.high, b.high) & FStar_UInt64_gte_mask(a.low, b.low));
return lit;
}
@@ -294,14 +294,12 @@ static inline FStar_UInt128_uint128 FStar_UInt128_mul32(uint64_t x, uint32_t y)
{
FStar_UInt128_uint128 lit;
lit.low =
- FStar_UInt128_u32_combine((x >> FStar_UInt128_u32_32)
- * (uint64_t)y
- + (FStar_UInt128_u64_mod_32(x) * (uint64_t)y >> FStar_UInt128_u32_32),
+ FStar_UInt128_u32_combine((x >> FStar_UInt128_u32_32) * (uint64_t)y +
+ (FStar_UInt128_u64_mod_32(x) * (uint64_t)y >> FStar_UInt128_u32_32),
FStar_UInt128_u64_mod_32(FStar_UInt128_u64_mod_32(x) * (uint64_t)y));
lit.high =
- ((x >> FStar_UInt128_u32_32)
- * (uint64_t)y
- + (FStar_UInt128_u64_mod_32(x) * (uint64_t)y >> FStar_UInt128_u32_32))
+ ((x >> FStar_UInt128_u32_32) * (uint64_t)y +
+ (FStar_UInt128_u64_mod_32(x) * (uint64_t)y >> FStar_UInt128_u32_32))
>> FStar_UInt128_u32_32;
return lit;
}
@@ -315,28 +313,19 @@ static inline FStar_UInt128_uint128 FStar_UInt128_mul_wide(uint64_t x, uint64_t
{
FStar_UInt128_uint128 lit;
lit.low =
- FStar_UInt128_u32_combine_(FStar_UInt128_u64_mod_32(x)
- * (y >> FStar_UInt128_u32_32)
- +
- FStar_UInt128_u64_mod_32((x >> FStar_UInt128_u32_32)
- * FStar_UInt128_u64_mod_32(y)
- + (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32)),
+ FStar_UInt128_u32_combine_(FStar_UInt128_u64_mod_32(x) * (y >> FStar_UInt128_u32_32) +
+ FStar_UInt128_u64_mod_32((x >> FStar_UInt128_u32_32) * FStar_UInt128_u64_mod_32(y) +
+ (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32)),
FStar_UInt128_u64_mod_32(FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y)));
lit.high =
- (x >> FStar_UInt128_u32_32)
- * (y >> FStar_UInt128_u32_32)
- +
- (((x >> FStar_UInt128_u32_32)
- * FStar_UInt128_u64_mod_32(y)
- + (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32))
+ (x >> FStar_UInt128_u32_32) * (y >> FStar_UInt128_u32_32) +
+ (((x >> FStar_UInt128_u32_32) * FStar_UInt128_u64_mod_32(y) +
+ (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32))
>> FStar_UInt128_u32_32)
+
- ((FStar_UInt128_u64_mod_32(x)
- * (y >> FStar_UInt128_u32_32)
- +
- FStar_UInt128_u64_mod_32((x >> FStar_UInt128_u32_32)
- * FStar_UInt128_u64_mod_32(y)
- + (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32)))
+ ((FStar_UInt128_u64_mod_32(x) * (y >> FStar_UInt128_u32_32) +
+ FStar_UInt128_u64_mod_32((x >> FStar_UInt128_u32_32) * FStar_UInt128_u64_mod_32(y) +
+ (FStar_UInt128_u64_mod_32(x) * FStar_UInt128_u64_mod_32(y) >> FStar_UInt128_u32_32)))
>> FStar_UInt128_u32_32);
return lit;
}
diff --git a/Modules/_hacl/python_hacl_namespaces.h b/Modules/_hacl/python_hacl_namespaces.h
index 1c2f7fea5c8..d0b4500395e 100644
--- a/Modules/_hacl/python_hacl_namespaces.h
+++ b/Modules/_hacl/python_hacl_namespaces.h
@@ -2,95 +2,43 @@
#define _PYTHON_HACL_NAMESPACES_H
/*
- * C's excuse for namespaces: Use globally unique names to avoid linkage
- * conflicts with builds linking or dynamically loading other code potentially
- * using HACL* libraries.
+ * Use globally unique names to avoid linkage conflicts with builds linking
+ * or dynamically loading other code potentially using HACL* libraries.
*
- * Something like this to generate new entries for the list:
- *
- * nm *.o | grep Hacl | cut -c 20- | sort | uniq | grep -v _Py_LibHacl_ | egrep ^_ | sed 's/_\(.*\)/#define \1 _Py_LibHacl_\1/g'
- */
+ * Assuming that the current working directory is Modules/_hacl,
+ * use the following command to generate a list of candidates:
-#define Lib_Memzero0_memzero0 _Py_LibHacl_Lib_Memzero0_memzero0
+ nm -j *.o | grep -i hacl | grep -P '^[a-zA-Z_][a-zA-Z0-9_]+' \
+ | sed -e 's/^_Py_LibHacl_//g' \
+ | sed 's/\(.*\)/#define \1 _Py_LibHacl_\1/g' \
+ | sort -u
-#define Hacl_Hash_SHA2_state_sha2_224_s _Py_LibHacl_Hacl_Hash_SHA2_state_sha2_224_s
-#define Hacl_Hash_SHA2_state_sha2_224 _Py_LibHacl_Hacl_Hash_SHA2_state_sha2_224
-#define Hacl_Hash_SHA2_state_sha2_256 _Py_LibHacl_Hacl_Hash_SHA2_state_sha2_256
-#define Hacl_Hash_SHA2_state_sha2_384_s _Py_LibHacl_Hacl_Hash_SHA2_state_sha2_384_s
-#define Hacl_Hash_SHA2_state_sha2_384 _Py_LibHacl_Hacl_Hash_SHA2_state_sha2_384
-#define Hacl_Hash_SHA2_state_sha2_512 _Py_LibHacl_Hacl_Hash_SHA2_state_sha2_512
-#define Hacl_Hash_SHA2_malloc_256 _Py_LibHacl_Hacl_Hash_SHA2_malloc_256
-#define Hacl_Hash_SHA2_malloc_224 _Py_LibHacl_Hacl_Hash_SHA2_malloc_224
-#define Hacl_Hash_SHA2_malloc_512 _Py_LibHacl_Hacl_Hash_SHA2_malloc_512
-#define Hacl_Hash_SHA2_malloc_384 _Py_LibHacl_Hacl_Hash_SHA2_malloc_384
-#define Hacl_Hash_SHA2_copy_256 _Py_LibHacl_Hacl_Hash_SHA2_copy_256
-#define Hacl_Hash_SHA2_copy_224 _Py_LibHacl_Hacl_Hash_SHA2_copy_224
-#define Hacl_Hash_SHA2_copy_512 _Py_LibHacl_Hacl_Hash_SHA2_copy_512
-#define Hacl_Hash_SHA2_copy_384 _Py_LibHacl_Hacl_Hash_SHA2_copy_384
-#define Hacl_Hash_SHA2_init_256 _Py_LibHacl_Hacl_Hash_SHA2_init_256
-#define Hacl_Hash_SHA2_init_224 _Py_LibHacl_Hacl_Hash_SHA2_init_224
-#define Hacl_Hash_SHA2_init_512 _Py_LibHacl_Hacl_Hash_SHA2_init_512
-#define Hacl_Hash_SHA2_init_384 _Py_LibHacl_Hacl_Hash_SHA2_init_384
-#define Hacl_SHA2_Scalar32_sha512_init _Py_LibHacl_Hacl_SHA2_Scalar32_sha512_init
-#define Hacl_Hash_SHA2_update_256 _Py_LibHacl_Hacl_Hash_SHA2_update_256
-#define Hacl_Hash_SHA2_update_224 _Py_LibHacl_Hacl_Hash_SHA2_update_224
-#define Hacl_Hash_SHA2_update_512 _Py_LibHacl_Hacl_Hash_SHA2_update_512
-#define Hacl_Hash_SHA2_update_384 _Py_LibHacl_Hacl_Hash_SHA2_update_384
-#define Hacl_Hash_SHA2_digest_256 _Py_LibHacl_Hacl_Hash_SHA2_digest_256
-#define Hacl_Hash_SHA2_digest_224 _Py_LibHacl_Hacl_Hash_SHA2_digest_224
-#define Hacl_Hash_SHA2_digest_512 _Py_LibHacl_Hacl_Hash_SHA2_digest_512
-#define Hacl_Hash_SHA2_digest_384 _Py_LibHacl_Hacl_Hash_SHA2_digest_384
-#define Hacl_Hash_SHA2_free_256 _Py_LibHacl_Hacl_Hash_SHA2_free_256
-#define Hacl_Hash_SHA2_free_224 _Py_LibHacl_Hacl_Hash_SHA2_free_224
-#define Hacl_Hash_SHA2_free_512 _Py_LibHacl_Hacl_Hash_SHA2_free_512
-#define Hacl_Hash_SHA2_free_384 _Py_LibHacl_Hacl_Hash_SHA2_free_384
-#define Hacl_Hash_SHA2_sha256 _Py_LibHacl_Hacl_Hash_SHA2_sha256
-#define Hacl_Hash_SHA2_sha224 _Py_LibHacl_Hacl_Hash_SHA2_sha224
-#define Hacl_Hash_SHA2_sha512 _Py_LibHacl_Hacl_Hash_SHA2_sha512
-#define Hacl_Hash_SHA2_sha384 _Py_LibHacl_Hacl_Hash_SHA2_sha384
+ * Compare the entries to add as follows:
-#define Hacl_Hash_MD5_malloc _Py_LibHacl_Hacl_Hash_MD5_malloc
-#define Hacl_Hash_MD5_init _Py_LibHacl_Hacl_Hash_MD5_init
-#define Hacl_Hash_MD5_update _Py_LibHacl_Hacl_Hash_MD5_update
-#define Hacl_Hash_MD5_digest _Py_LibHacl_Hacl_Hash_MD5_digest
-#define Hacl_Hash_MD5_free _Py_LibHacl_Hacl_Hash_MD5_free
-#define Hacl_Hash_MD5_copy _Py_LibHacl_Hacl_Hash_MD5_copy
-#define Hacl_Hash_MD5_hash _Py_LibHacl_Hacl_Hash_MD5_hash
-
-#define Hacl_Hash_SHA1_malloc _Py_LibHacl_Hacl_Hash_SHA1_malloc
-#define Hacl_Hash_SHA1_init _Py_LibHacl_Hacl_Hash_SHA1_init
-#define Hacl_Hash_SHA1_update _Py_LibHacl_Hacl_Hash_SHA1_update
-#define Hacl_Hash_SHA1_digest _Py_LibHacl_Hacl_Hash_SHA1_digest
-#define Hacl_Hash_SHA1_free _Py_LibHacl_Hacl_Hash_SHA1_free
-#define Hacl_Hash_SHA1_copy _Py_LibHacl_Hacl_Hash_SHA1_copy
-#define Hacl_Hash_SHA1_hash _Py_LibHacl_Hacl_Hash_SHA1_hash
-
-#define Hacl_Hash_SHA3_update_last_sha3 _Py_LibHacl_Hacl_Hash_SHA3_update_last_sha3
-#define Hacl_Hash_SHA3_update_multi_sha3 _Py_LibHacl_Hacl_Hash_SHA3_update_multi_sha3
-#define Hacl_Impl_SHA3_absorb_inner _Py_LibHacl_Hacl_Impl_SHA3_absorb_inner
-#define Hacl_Impl_SHA3_keccak _Py_LibHacl_Hacl_Impl_SHA3_keccak
-#define Hacl_Impl_SHA3_loadState _Py_LibHacl_Hacl_Impl_SHA3_loadState
-#define Hacl_Impl_SHA3_squeeze _Py_LibHacl_Hacl_Impl_SHA3_squeeze
-#define Hacl_Impl_SHA3_state_permute _Py_LibHacl_Hacl_Impl_SHA3_state_permute
-#define Hacl_SHA3_sha3_224 _Py_LibHacl_Hacl_SHA3_sha3_224
-#define Hacl_SHA3_sha3_256 _Py_LibHacl_Hacl_SHA3_sha3_256
-#define Hacl_SHA3_sha3_384 _Py_LibHacl_Hacl_SHA3_sha3_384
-#define Hacl_SHA3_sha3_512 _Py_LibHacl_Hacl_SHA3_sha3_512
-#define Hacl_SHA3_shake128_hacl _Py_LibHacl_Hacl_SHA3_shake128_hacl
-#define Hacl_SHA3_shake256_hacl _Py_LibHacl_Hacl_SHA3_shake256_hacl
-#define Hacl_Hash_SHA3_block_len _Py_LibHacl_Hacl_Hash_SHA3_block_len
-#define Hacl_Hash_SHA3_copy _Py_LibHacl_Hacl_Hash_SHA3_copy
-#define Hacl_Hash_SHA3_digest _Py_LibHacl_Hacl_Hash_SHA3_digest
-#define Hacl_Hash_SHA3_free _Py_LibHacl_Hacl_Hash_SHA3_free
-#define Hacl_Hash_SHA3_get_alg _Py_LibHacl_Hacl_Hash_SHA3_get_alg
-#define Hacl_Hash_SHA3_hash_len _Py_LibHacl_Hacl_Hash_SHA3_hash_len
-#define Hacl_Hash_SHA3_is_shake _Py_LibHacl_Hacl_Hash_SHA3_is_shake
-#define Hacl_Hash_SHA3_init_ _Py_LibHacl_Hacl_Hash_SHA3_init_
-#define Hacl_Hash_SHA3_malloc _Py_LibHacl_Hacl_Hash_SHA3_malloc
-#define Hacl_Hash_SHA3_reset _Py_LibHacl_Hacl_Hash_SHA3_reset
-#define Hacl_Hash_SHA3_update _Py_LibHacl_Hacl_Hash_SHA3_update
-#define Hacl_Hash_SHA3_squeeze _Py_LibHacl_Hacl_Hash_SHA3_squeeze
+ diff -y --suppress-common-lines \
+ <(grep -P '^#define (?!_PY.+_H)' python_hacl_namespaces.h | sort -u) \
+ <(nm -j *.o | grep -i hacl | grep -P '^[a-zA-Z_][a-zA-Z0-9_]+' \
+ | sed -e 's/^_Py_LibHacl_//g' \
+ | sed 's/\(.*\)/#define \1 _Py_LibHacl_\1/g' | sort -u)
+ */
+// --- Utils ------------------------------------------------------------------
+#define Lib_Memzero0_memzero0 _Py_LibHacl_Lib_Memzero0_memzero0
+// --- HASH-BLAKE-2b ----------------------------------------------------------
+#define Hacl_Hash_Blake2b_copy _Py_LibHacl_Hacl_Hash_Blake2b_copy
+#define Hacl_Hash_Blake2b_digest _Py_LibHacl_Hacl_Hash_Blake2b_digest
+#define Hacl_Hash_Blake2b_finish _Py_LibHacl_Hacl_Hash_Blake2b_finish
+#define Hacl_Hash_Blake2b_free _Py_LibHacl_Hacl_Hash_Blake2b_free
+#define Hacl_Hash_Blake2b_hash_with_key _Py_LibHacl_Hacl_Hash_Blake2b_hash_with_key
+#define Hacl_Hash_Blake2b_hash_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2b_hash_with_key_and_params
+#define Hacl_Hash_Blake2b_info _Py_LibHacl_Hacl_Hash_Blake2b_info
+#define Hacl_Hash_Blake2b_init _Py_LibHacl_Hacl_Hash_Blake2b_init
+#define Hacl_Hash_Blake2b_malloc _Py_LibHacl_Hacl_Hash_Blake2b_malloc
+#define Hacl_Hash_Blake2b_malloc_with_key _Py_LibHacl_Hacl_Hash_Blake2b_malloc_with_key
+#define Hacl_Hash_Blake2b_malloc_with_params_and_key _Py_LibHacl_Hacl_Hash_Blake2b_malloc_with_params_and_key
+#define Hacl_Hash_Blake2b_reset _Py_LibHacl_Hacl_Hash_Blake2b_reset
+#define Hacl_Hash_Blake2b_reset_with_key _Py_LibHacl_Hacl_Hash_Blake2b_reset_with_key
+#define Hacl_Hash_Blake2b_reset_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2b_reset_with_key_and_params
#define Hacl_Hash_Blake2b_Simd256_copy _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_copy
#define Hacl_Hash_Blake2b_Simd256_copy_internal_state _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_copy_internal_state
#define Hacl_Hash_Blake2b_Simd256_digest _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_digest
@@ -104,7 +52,6 @@
#define Hacl_Hash_Blake2b_Simd256_malloc _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_malloc
#define Hacl_Hash_Blake2b_Simd256_malloc_internal_state_with_key _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_malloc_internal_state_with_key
#define Hacl_Hash_Blake2b_Simd256_malloc_with_key _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_malloc_with_key
-#define Hacl_Hash_Blake2b_Simd256_malloc_with_key0 _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_malloc_with_key0
#define Hacl_Hash_Blake2b_Simd256_malloc_with_params_and_key _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_malloc_with_params_and_key
#define Hacl_Hash_Blake2b_Simd256_reset _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_reset
#define Hacl_Hash_Blake2b_Simd256_reset_with_key _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_reset_with_key
@@ -115,23 +62,24 @@
#define Hacl_Hash_Blake2b_Simd256_update_last_no_inline _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_update_last_no_inline
#define Hacl_Hash_Blake2b_Simd256_update_multi _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_update_multi
#define Hacl_Hash_Blake2b_Simd256_update_multi_no_inline _Py_LibHacl_Hacl_Hash_Blake2b_Simd256_update_multi_no_inline
-#define Hacl_Hash_Blake2b_copy _Py_LibHacl_Hacl_Hash_Blake2b_copy
-#define Hacl_Hash_Blake2b_digest _Py_LibHacl_Hacl_Hash_Blake2b_digest
-#define Hacl_Hash_Blake2b_finish _Py_LibHacl_Hacl_Hash_Blake2b_finish
-#define Hacl_Hash_Blake2b_free _Py_LibHacl_Hacl_Hash_Blake2b_free
-#define Hacl_Hash_Blake2b_hash_with_key _Py_LibHacl_Hacl_Hash_Blake2b_hash_with_key
-#define Hacl_Hash_Blake2b_hash_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2b_hash_with_key_and_params
-#define Hacl_Hash_Blake2b_info _Py_LibHacl_Hacl_Hash_Blake2b_info
-#define Hacl_Hash_Blake2b_init _Py_LibHacl_Hacl_Hash_Blake2b_init
-#define Hacl_Hash_Blake2b_malloc _Py_LibHacl_Hacl_Hash_Blake2b_malloc
-#define Hacl_Hash_Blake2b_malloc_with_key _Py_LibHacl_Hacl_Hash_Blake2b_malloc_with_key
-#define Hacl_Hash_Blake2b_malloc_with_params_and_key _Py_LibHacl_Hacl_Hash_Blake2b_malloc_with_params_and_key
-#define Hacl_Hash_Blake2b_reset _Py_LibHacl_Hacl_Hash_Blake2b_reset
-#define Hacl_Hash_Blake2b_reset_with_key _Py_LibHacl_Hacl_Hash_Blake2b_reset_with_key
-#define Hacl_Hash_Blake2b_reset_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2b_reset_with_key_and_params
#define Hacl_Hash_Blake2b_update _Py_LibHacl_Hacl_Hash_Blake2b_update
#define Hacl_Hash_Blake2b_update_last _Py_LibHacl_Hacl_Hash_Blake2b_update_last
#define Hacl_Hash_Blake2b_update_multi _Py_LibHacl_Hacl_Hash_Blake2b_update_multi
+// --- HASH-BLAKE-2s ----------------------------------------------------------
+#define Hacl_Hash_Blake2s_copy _Py_LibHacl_Hacl_Hash_Blake2s_copy
+#define Hacl_Hash_Blake2s_digest _Py_LibHacl_Hacl_Hash_Blake2s_digest
+#define Hacl_Hash_Blake2s_finish _Py_LibHacl_Hacl_Hash_Blake2s_finish
+#define Hacl_Hash_Blake2s_free _Py_LibHacl_Hacl_Hash_Blake2s_free
+#define Hacl_Hash_Blake2s_hash_with_key _Py_LibHacl_Hacl_Hash_Blake2s_hash_with_key
+#define Hacl_Hash_Blake2s_hash_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2s_hash_with_key_and_params
+#define Hacl_Hash_Blake2s_info _Py_LibHacl_Hacl_Hash_Blake2s_info
+#define Hacl_Hash_Blake2s_init _Py_LibHacl_Hacl_Hash_Blake2s_init
+#define Hacl_Hash_Blake2s_malloc _Py_LibHacl_Hacl_Hash_Blake2s_malloc
+#define Hacl_Hash_Blake2s_malloc_with_key _Py_LibHacl_Hacl_Hash_Blake2s_malloc_with_key
+#define Hacl_Hash_Blake2s_malloc_with_params_and_key _Py_LibHacl_Hacl_Hash_Blake2s_malloc_with_params_and_key
+#define Hacl_Hash_Blake2s_reset _Py_LibHacl_Hacl_Hash_Blake2s_reset
+#define Hacl_Hash_Blake2s_reset_with_key _Py_LibHacl_Hacl_Hash_Blake2s_reset_with_key
+#define Hacl_Hash_Blake2s_reset_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2s_reset_with_key_and_params
#define Hacl_Hash_Blake2s_Simd128_copy _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_copy
#define Hacl_Hash_Blake2s_Simd128_copy_internal_state _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_copy_internal_state
#define Hacl_Hash_Blake2s_Simd128_digest _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_digest
@@ -145,7 +93,6 @@
#define Hacl_Hash_Blake2s_Simd128_malloc _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_malloc
#define Hacl_Hash_Blake2s_Simd128_malloc_internal_state_with_key _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_malloc_internal_state_with_key
#define Hacl_Hash_Blake2s_Simd128_malloc_with_key _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_malloc_with_key
-#define Hacl_Hash_Blake2s_Simd128_malloc_with_key0 _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_malloc_with_key0
#define Hacl_Hash_Blake2s_Simd128_malloc_with_params_and_key _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_malloc_with_params_and_key
#define Hacl_Hash_Blake2s_Simd128_reset _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_reset
#define Hacl_Hash_Blake2s_Simd128_reset_with_key _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_reset_with_key
@@ -156,37 +103,54 @@
#define Hacl_Hash_Blake2s_Simd128_update_last_no_inline _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_update_last_no_inline
#define Hacl_Hash_Blake2s_Simd128_update_multi _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_update_multi
#define Hacl_Hash_Blake2s_Simd128_update_multi_no_inline _Py_LibHacl_Hacl_Hash_Blake2s_Simd128_update_multi_no_inline
-#define Hacl_Hash_Blake2s_copy _Py_LibHacl_Hacl_Hash_Blake2s_copy
-#define Hacl_Hash_Blake2s_digest _Py_LibHacl_Hacl_Hash_Blake2s_digest
-#define Hacl_Hash_Blake2s_finish _Py_LibHacl_Hacl_Hash_Blake2s_finish
-#define Hacl_Hash_Blake2s_free _Py_LibHacl_Hacl_Hash_Blake2s_free
-#define Hacl_Hash_Blake2s_hash_with_key _Py_LibHacl_Hacl_Hash_Blake2s_hash_with_key
-#define Hacl_Hash_Blake2s_hash_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2s_hash_with_key_and_params
-#define Hacl_Hash_Blake2s_info _Py_LibHacl_Hacl_Hash_Blake2s_info
-#define Hacl_Hash_Blake2s_init _Py_LibHacl_Hacl_Hash_Blake2s_init
-#define Hacl_Hash_Blake2s_malloc _Py_LibHacl_Hacl_Hash_Blake2s_malloc
-#define Hacl_Hash_Blake2s_malloc_with_key _Py_LibHacl_Hacl_Hash_Blake2s_malloc_with_key
-#define Hacl_Hash_Blake2s_malloc_with_params_and_key _Py_LibHacl_Hacl_Hash_Blake2s_malloc_with_params_and_key
-#define Hacl_Hash_Blake2s_reset _Py_LibHacl_Hacl_Hash_Blake2s_reset
-#define Hacl_Hash_Blake2s_reset_with_key _Py_LibHacl_Hacl_Hash_Blake2s_reset_with_key
-#define Hacl_Hash_Blake2s_reset_with_key_and_params _Py_LibHacl_Hacl_Hash_Blake2s_reset_with_key_and_params
#define Hacl_Hash_Blake2s_update _Py_LibHacl_Hacl_Hash_Blake2s_update
#define Hacl_Hash_Blake2s_update_last _Py_LibHacl_Hacl_Hash_Blake2s_update_last
#define Hacl_Hash_Blake2s_update_multi _Py_LibHacl_Hacl_Hash_Blake2s_update_multi
+// --- HASH-MD5 ---------------------------------------------------------------
+#define Hacl_Hash_MD5_copy _Py_LibHacl_Hacl_Hash_MD5_copy
+#define Hacl_Hash_MD5_digest _Py_LibHacl_Hacl_Hash_MD5_digest
#define Hacl_Hash_MD5_finish _Py_LibHacl_Hacl_Hash_MD5_finish
+#define Hacl_Hash_MD5_free _Py_LibHacl_Hacl_Hash_MD5_free
+#define Hacl_Hash_MD5_hash _Py_LibHacl_Hacl_Hash_MD5_hash
#define Hacl_Hash_MD5_hash_oneshot _Py_LibHacl_Hacl_Hash_MD5_hash_oneshot
+#define Hacl_Hash_MD5_init _Py_LibHacl_Hacl_Hash_MD5_init
+#define Hacl_Hash_MD5_malloc _Py_LibHacl_Hacl_Hash_MD5_malloc
#define Hacl_Hash_MD5_reset _Py_LibHacl_Hacl_Hash_MD5_reset
+#define Hacl_Hash_MD5_update _Py_LibHacl_Hacl_Hash_MD5_update
#define Hacl_Hash_MD5_update_last _Py_LibHacl_Hacl_Hash_MD5_update_last
#define Hacl_Hash_MD5_update_multi _Py_LibHacl_Hacl_Hash_MD5_update_multi
+// --- HASH-SHA-1 -------------------------------------------------------------
+#define Hacl_Hash_SHA1_copy _Py_LibHacl_Hacl_Hash_SHA1_copy
+#define Hacl_Hash_SHA1_digest _Py_LibHacl_Hacl_Hash_SHA1_digest
#define Hacl_Hash_SHA1_finish _Py_LibHacl_Hacl_Hash_SHA1_finish
+#define Hacl_Hash_SHA1_free _Py_LibHacl_Hacl_Hash_SHA1_free
+#define Hacl_Hash_SHA1_hash _Py_LibHacl_Hacl_Hash_SHA1_hash
#define Hacl_Hash_SHA1_hash_oneshot _Py_LibHacl_Hacl_Hash_SHA1_hash_oneshot
+#define Hacl_Hash_SHA1_init _Py_LibHacl_Hacl_Hash_SHA1_init
+#define Hacl_Hash_SHA1_malloc _Py_LibHacl_Hacl_Hash_SHA1_malloc
#define Hacl_Hash_SHA1_reset _Py_LibHacl_Hacl_Hash_SHA1_reset
+#define Hacl_Hash_SHA1_update _Py_LibHacl_Hacl_Hash_SHA1_update
#define Hacl_Hash_SHA1_update_last _Py_LibHacl_Hacl_Hash_SHA1_update_last
#define Hacl_Hash_SHA1_update_multi _Py_LibHacl_Hacl_Hash_SHA1_update_multi
+// --- HASH-SHA-2 -------------------------------------------------------------
+#define Hacl_Hash_SHA2_copy_256 _Py_LibHacl_Hacl_Hash_SHA2_copy_256
+#define Hacl_Hash_SHA2_copy_512 _Py_LibHacl_Hacl_Hash_SHA2_copy_512
+#define Hacl_Hash_SHA2_digest_224 _Py_LibHacl_Hacl_Hash_SHA2_digest_224
+#define Hacl_Hash_SHA2_digest_256 _Py_LibHacl_Hacl_Hash_SHA2_digest_256
+#define Hacl_Hash_SHA2_digest_384 _Py_LibHacl_Hacl_Hash_SHA2_digest_384
+#define Hacl_Hash_SHA2_digest_512 _Py_LibHacl_Hacl_Hash_SHA2_digest_512
+#define Hacl_Hash_SHA2_free_224 _Py_LibHacl_Hacl_Hash_SHA2_free_224
+#define Hacl_Hash_SHA2_free_256 _Py_LibHacl_Hacl_Hash_SHA2_free_256
+#define Hacl_Hash_SHA2_free_384 _Py_LibHacl_Hacl_Hash_SHA2_free_384
+#define Hacl_Hash_SHA2_free_512 _Py_LibHacl_Hacl_Hash_SHA2_free_512
#define Hacl_Hash_SHA2_hash_224 _Py_LibHacl_Hacl_Hash_SHA2_hash_224
#define Hacl_Hash_SHA2_hash_256 _Py_LibHacl_Hacl_Hash_SHA2_hash_256
#define Hacl_Hash_SHA2_hash_384 _Py_LibHacl_Hacl_Hash_SHA2_hash_384
#define Hacl_Hash_SHA2_hash_512 _Py_LibHacl_Hacl_Hash_SHA2_hash_512
+#define Hacl_Hash_SHA2_malloc_224 _Py_LibHacl_Hacl_Hash_SHA2_malloc_224
+#define Hacl_Hash_SHA2_malloc_256 _Py_LibHacl_Hacl_Hash_SHA2_malloc_256
+#define Hacl_Hash_SHA2_malloc_384 _Py_LibHacl_Hacl_Hash_SHA2_malloc_384
+#define Hacl_Hash_SHA2_malloc_512 _Py_LibHacl_Hacl_Hash_SHA2_malloc_512
#define Hacl_Hash_SHA2_reset_224 _Py_LibHacl_Hacl_Hash_SHA2_reset_224
#define Hacl_Hash_SHA2_reset_256 _Py_LibHacl_Hacl_Hash_SHA2_reset_256
#define Hacl_Hash_SHA2_reset_384 _Py_LibHacl_Hacl_Hash_SHA2_reset_384
@@ -207,10 +171,25 @@
#define Hacl_Hash_SHA2_sha512_init _Py_LibHacl_Hacl_Hash_SHA2_sha512_init
#define Hacl_Hash_SHA2_sha512_update_last _Py_LibHacl_Hacl_Hash_SHA2_sha512_update_last
#define Hacl_Hash_SHA2_sha512_update_nblocks _Py_LibHacl_Hacl_Hash_SHA2_sha512_update_nblocks
+#define Hacl_Hash_SHA2_update_224 _Py_LibHacl_Hacl_Hash_SHA2_update_224
+#define Hacl_Hash_SHA2_update_256 _Py_LibHacl_Hacl_Hash_SHA2_update_256
+#define Hacl_Hash_SHA2_update_384 _Py_LibHacl_Hacl_Hash_SHA2_update_384
+#define Hacl_Hash_SHA2_update_512 _Py_LibHacl_Hacl_Hash_SHA2_update_512
+// --- HASH-SHA-3 -------------------------------------------------------------
#define Hacl_Hash_SHA3_absorb_inner_32 _Py_LibHacl_Hacl_Hash_SHA3_absorb_inner_32
+#define Hacl_Hash_SHA3_block_len _Py_LibHacl_Hacl_Hash_SHA3_block_len
+#define Hacl_Hash_SHA3_copy _Py_LibHacl_Hacl_Hash_SHA3_copy
+#define Hacl_Hash_SHA3_digest _Py_LibHacl_Hacl_Hash_SHA3_digest
+#define Hacl_Hash_SHA3_free _Py_LibHacl_Hacl_Hash_SHA3_free
+#define Hacl_Hash_SHA3_get_alg _Py_LibHacl_Hacl_Hash_SHA3_get_alg
+#define Hacl_Hash_SHA3_hash_len _Py_LibHacl_Hacl_Hash_SHA3_hash_len
+#define Hacl_Hash_SHA3_init_ _Py_LibHacl_Hacl_Hash_SHA3_init_
+#define Hacl_Hash_SHA3_is_shake _Py_LibHacl_Hacl_Hash_SHA3_is_shake
#define Hacl_Hash_SHA3_keccak_piln _Py_LibHacl_Hacl_Hash_SHA3_keccak_piln
#define Hacl_Hash_SHA3_keccak_rndc _Py_LibHacl_Hacl_Hash_SHA3_keccak_rndc
#define Hacl_Hash_SHA3_keccak_rotc _Py_LibHacl_Hacl_Hash_SHA3_keccak_rotc
+#define Hacl_Hash_SHA3_malloc _Py_LibHacl_Hacl_Hash_SHA3_malloc
+#define Hacl_Hash_SHA3_reset _Py_LibHacl_Hacl_Hash_SHA3_reset
#define Hacl_Hash_SHA3_sha3_224 _Py_LibHacl_Hacl_Hash_SHA3_sha3_224
#define Hacl_Hash_SHA3_sha3_256 _Py_LibHacl_Hacl_Hash_SHA3_sha3_256
#define Hacl_Hash_SHA3_sha3_384 _Py_LibHacl_Hacl_Hash_SHA3_sha3_384
@@ -220,37 +199,39 @@
#define Hacl_Hash_SHA3_shake128_absorb_nblocks _Py_LibHacl_Hacl_Hash_SHA3_shake128_absorb_nblocks
#define Hacl_Hash_SHA3_shake128_squeeze_nblocks _Py_LibHacl_Hacl_Hash_SHA3_shake128_squeeze_nblocks
#define Hacl_Hash_SHA3_shake256 _Py_LibHacl_Hacl_Hash_SHA3_shake256
+#define Hacl_Hash_SHA3_squeeze _Py_LibHacl_Hacl_Hash_SHA3_squeeze
#define Hacl_Hash_SHA3_state_free _Py_LibHacl_Hacl_Hash_SHA3_state_free
#define Hacl_Hash_SHA3_state_malloc _Py_LibHacl_Hacl_Hash_SHA3_state_malloc
-
-// Streaming HMAC
+#define Hacl_Hash_SHA3_update _Py_LibHacl_Hacl_Hash_SHA3_update
+#define Hacl_Hash_SHA3_update_last_sha3 _Py_LibHacl_Hacl_Hash_SHA3_update_last_sha3
+#define Hacl_Hash_SHA3_update_multi_sha3 _Py_LibHacl_Hacl_Hash_SHA3_update_multi_sha3
+// --- STREAMING-MAC ----------------------------------------------------------
+#define Hacl_Streaming_HMAC_copy _Py_LibHacl_Hacl_Streaming_HMAC_copy
+#define Hacl_Streaming_HMAC_digest _Py_LibHacl_Hacl_Streaming_HMAC_digest
+#define Hacl_Streaming_HMAC_free _Py_LibHacl_Hacl_Streaming_HMAC_free
+#define Hacl_Streaming_HMAC_get_impl _Py_LibHacl_Hacl_Streaming_HMAC_get_impl
#define Hacl_Streaming_HMAC_index_of_state _Py_LibHacl_Hacl_Streaming_HMAC_index_of_state
#define Hacl_Streaming_HMAC_malloc_ _Py_LibHacl_Hacl_Streaming_HMAC_malloc_
-#define Hacl_Streaming_HMAC_get_impl _Py_LibHacl_Hacl_Streaming_HMAC_get_impl
#define Hacl_Streaming_HMAC_reset _Py_LibHacl_Hacl_Streaming_HMAC_reset
-#define Hacl_Streaming_HMAC_update _Py_LibHacl_Hacl_Streaming_HMAC_update
-#define Hacl_Streaming_HMAC_digest _Py_LibHacl_Hacl_Streaming_HMAC_digest
-#define Hacl_Streaming_HMAC_copy _Py_LibHacl_Hacl_Streaming_HMAC_copy
-#define Hacl_Streaming_HMAC_free _Py_LibHacl_Hacl_Streaming_HMAC_free
#define Hacl_Streaming_HMAC_s1 _Py_LibHacl_Hacl_Streaming_HMAC_s1
#define Hacl_Streaming_HMAC_s2 _Py_LibHacl_Hacl_Streaming_HMAC_s2
-
-// HMAC-MD5
+#define Hacl_Streaming_HMAC_update _Py_LibHacl_Hacl_Streaming_HMAC_update
+// --- HMAC-MD5 ---------------------------------------------------------------
#define Hacl_HMAC_compute_md5 _Py_LibHacl_Hacl_HMAC_compute_md5
-// HMAC-SHA-1
+// --- HMAC-SHA-1 -------------------------------------------------------------
#define Hacl_HMAC_compute_sha1 _Py_LibHacl_Hacl_HMAC_compute_sha1
-// HMAC-SHA-2
+// --- HMAC-SHA-2 -------------------------------------------------------------
#define Hacl_HMAC_compute_sha2_224 _Py_LibHacl_Hacl_HMAC_compute_sha2_224
#define Hacl_HMAC_compute_sha2_256 _Py_LibHacl_Hacl_HMAC_compute_sha2_256
#define Hacl_HMAC_compute_sha2_384 _Py_LibHacl_Hacl_HMAC_compute_sha2_384
#define Hacl_HMAC_compute_sha2_512 _Py_LibHacl_Hacl_HMAC_compute_sha2_512
-// HMAC-SHA-3
+// --- HMAC-SHA-3 -------------------------------------------------------------
#define Hacl_HMAC_compute_sha3_224 _Py_LibHacl_Hacl_HMAC_compute_sha3_224
#define Hacl_HMAC_compute_sha3_256 _Py_LibHacl_Hacl_HMAC_compute_sha3_256
#define Hacl_HMAC_compute_sha3_384 _Py_LibHacl_Hacl_HMAC_compute_sha3_384
#define Hacl_HMAC_compute_sha3_512 _Py_LibHacl_Hacl_HMAC_compute_sha3_512
-// HMAC-BLAKE
-#define Hacl_HMAC_compute_blake2s_32 _Py_LibHacl_Hacl_HMAC_compute_blake2s_32
+// --- HMAC-BLAKE-2 -----------------------------------------------------------
#define Hacl_HMAC_compute_blake2b_32 _Py_LibHacl_Hacl_HMAC_compute_blake2b_32
+#define Hacl_HMAC_compute_blake2s_32 _Py_LibHacl_Hacl_HMAC_compute_blake2s_32
#endif // _PYTHON_HACL_NAMESPACES_H
diff --git a/Modules/_hacl/refresh.sh b/Modules/_hacl/refresh.sh
index b50c9288aa9..a6776282423 100755
--- a/Modules/_hacl/refresh.sh
+++ b/Modules/_hacl/refresh.sh
@@ -22,7 +22,7 @@ fi
# Update this when updating to a new version after verifying that the changes
# the update brings in are good.
-expected_hacl_star_rev=322f6d58290e0ed7f4ecb84fcce12917aa0f594b
+expected_hacl_star_rev=4ef25b547b377dcef855db4289c6a00580e7221c
hacl_dir="$(realpath "$1")"
cd "$(dirname "$0")"
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-04 23:02:18 +0000