
Commit 049e603

committed
Rename xof_ to xof128_
The previous commit introduced xof256_ APIs as wrappers around the shake256 APIs. This commit renames the existing shake128 wrappers from xof_ to xof128_ to make it clearer that they wrap shake128. Signed-off-by: Matthias J. Kannwischer <[email protected]>
1 parent aaaec00 commit 049e603


2 files changed

+24
-24
lines changed


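--- a/mldsa/poly.c
+++ b/mldsa/poly.c
@@ -332,11 +332,11 @@ void poly_uniform(poly *a, const uint8_t seed[MLDSA_SEEDBYTES + 2])
 unsigned int ctr;
 unsigned int buflen = POLY_UNIFORM_NBLOCKS * STREAM128_BLOCKBYTES;
 MLD_ALIGN uint8_t buf[POLY_UNIFORM_NBLOCKS * STREAM128_BLOCKBYTES];
-mld_xof_ctx state;
+mld_xof128_ctx state;
 
-mld_xof_init(&state);
-mld_xof_absorb(&state, seed, MLDSA_SEEDBYTES + 2);
-mld_xof_squeezeblocks(buf, POLY_UNIFORM_NBLOCKS, &state);
+mld_xof128_init(&state);
+mld_xof128_absorb(&state, seed, MLDSA_SEEDBYTES + 2);
+mld_xof128_squeezeblocks(buf, POLY_UNIFORM_NBLOCKS, &state);
 
 ctr = rej_uniform(a->coeffs, MLDSA_N, 0, buf, buflen);
 buflen = STREAM128_BLOCKBYTES;
@@ -347,7 +347,7 @@ void poly_uniform(poly *a, const uint8_t seed[MLDSA_SEEDBYTES + 2])
 invariant((&state)->pos <= SHAKE128_RATE)
 invariant(array_bound(a->coeffs, 0, ctr, 0, MLDSA_Q)))
 {
-mld_xof_squeezeblocks(buf, 1, &state);
+mld_xof128_squeezeblocks(buf, 1, &state);
 ctr = rej_uniform(a->coeffs, MLDSA_N, ctr, buf, buflen);
 }
 }
@@ -361,20 +361,20 @@ void poly_uniform_4x(poly *vec,
 
 /* Tracks the number of coefficients we have already sampled */
 unsigned ctr[4];
-mld_xof_x4_ctx state;
+mld_xof128_x4_ctx state;
 unsigned buflen;
 
 
-mld_xof_x4_init(&state);
-mld_xof_x4_absorb(&state, seed, MLDSA_SEEDBYTES + 2);
+mld_xof128_x4_init(&state);
+mld_xof128_x4_absorb(&state, seed, MLDSA_SEEDBYTES + 2);
 
 /*
 * Initially, squeeze heuristic number of POLY_UNIFORM_NBLOCKS.
 * This should generate the matrix entries with high probability.
 */
 
 
-mld_xof_x4_squeezeblocks(buf, POLY_UNIFORM_NBLOCKS, &state);
+mld_xof128_x4_squeezeblocks(buf, POLY_UNIFORM_NBLOCKS, &state);
 buflen = POLY_UNIFORM_NBLOCKS * STREAM128_BLOCKBYTES;
 ctr[0] = rej_uniform(vec[0].coeffs, MLDSA_N, 0, buf[0], buflen);
 ctr[1] = rej_uniform(vec[1].coeffs, MLDSA_N, 0, buf[1], buflen);
@@ -390,13 +390,13 @@ void poly_uniform_4x(poly *vec,
 while (ctr[0] < MLDSA_N || ctr[1] < MLDSA_N || ctr[2] < MLDSA_N ||
 ctr[3] < MLDSA_N)
 {
-mld_xof_x4_squeezeblocks(buf, 1, &state);
+mld_xof128_x4_squeezeblocks(buf, 1, &state);
 ctr[0] = rej_uniform(vec[0].coeffs, MLDSA_N, ctr[0], buf[0], buflen);
 ctr[1] = rej_uniform(vec[1].coeffs, MLDSA_N, ctr[1], buf[1], buflen);
 ctr[2] = rej_uniform(vec[2].coeffs, MLDSA_N, ctr[2], buf[2], buflen);
 ctr[3] = rej_uniform(vec[3].coeffs, MLDSA_N, ctr[3], buf[3], buflen);
 }
-mld_xof_x4_release(&state);
+mld_xof128_x4_release(&state);
 }
 
 /*************************************************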

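--- a/mldsa/symmetric.h
+++ b/mldsa/symmetric.h
@@ -32,17 +32,17 @@ __contract__(
 #define stream256_squeezeblocks(OUT, OUTBLOCKS, STATE) \
 shake256_squeezeblocks(OUT, OUTBLOCKS, STATE)
 
-#define mld_xof_ctx keccak_state
-#define mld_xof_init(CTX) shake128_init(CTX)
-#define mld_xof_absorb(CTX, IN, INBYTES) \
-do \
-{ \
-shake128_absorb(CTX, IN, INBYTES); \
-shake128_finalize(CTX); \
+#define mld_xof128_ctx keccak_state
+#define mld_xof128_init(CTX) shake128_init(CTX)
+#define mld_xof128_absorb(CTX, IN, INBYTES) \
+do \
+{ \
+shake128_absorb(CTX, IN, INBYTES); \
+shake128_finalize(CTX); \
 } while (0)
 
 
-#define mld_xof_squeezeblocks(OUT, OUTBLOCKS, STATE) \
+#define mld_xof128_squeezeblocks(OUT, OUTBLOCKS, STATE) \
 shake128_squeezeblocks(OUT, OUTBLOCKS, STATE)
 
 #define mld_xof256_x4_ctx mld_shake256x4ctx
@@ -55,14 +55,14 @@ __contract__(
 (NBLOCKS), (CTX))
 #define mld_xof256_x4_release(CTX) mld_shake256x4_release((CTX))
 
-#define mld_xof_x4_ctx mld_shake128x4ctx
-#define mld_xof_x4_init(CTX) mld_shake128x4_init((CTX))
-#define mld_xof_x4_absorb(CTX, IN, INBYTES) \
+#define mld_xof128_x4_ctx mld_shake128x4ctx
+#define mld_xof128_x4_init(CTX) mld_shake128x4_init((CTX))
+#define mld_xof128_x4_absorb(CTX, IN, INBYTES) \
 mld_shake128x4_absorb_once((CTX), (IN)[0], (IN)[1], (IN)[2], (IN)[3], \
 (INBYTES))
-#define mld_xof_x4_squeezeblocks(BUF, NBLOCKS, CTX) \
+#define mld_xof128_x4_squeezeblocks(BUF, NBLOCKS, CTX) \
 mld_shake128x4_squeezeblocks((BUF)[0], (BUF)[1], (BUF)[2], (BUF)[3], \
 (NBLOCKS), (CTX))
-#define mld_xof_x4_release(CTX) mld_shake128x4_release((CTX))
+#define mld_xof128_x4_release(CTX) mld_shake128x4_release((CTX))
 
 #endif /* !MLD_SYMMETRIC_H */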
