hacl-star
diff --git a/‎code/sha3/Hacl.Hash.SHA3.Scalar.fst‎
Lines changed: 4 additions & 4 deletions b/‎code/sha3/Hacl.Hash.SHA3.Scalar.fst‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎code/sha3/Hacl.Hash.SHA3.Simd256.fst‎
Lines changed: 7 additions & 7 deletions b/‎code/sha3/Hacl.Hash.SHA3.Simd256.fst‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎code/sha3/Hacl.Impl.SHA3.Vec.fsti‎
Lines changed: 1 addition & 1 deletion b/‎code/sha3/Hacl.Impl.SHA3.Vec.fsti‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎code/sha3/Hacl.Spec.SHA3.Equiv.fst‎
Lines changed: 9 additions & 9 deletions b/‎code/sha3/Hacl.Spec.SHA3.Equiv.fst‎
Lines changed: 9 additions & 9 deletions
@@ -171,7 +171,7 @@ let state_free s =
 [@@ Comment "Absorb number of input blocks and write the output state
 
   This function is intended to receive a hash state and input buffer.
-  It prcoesses an input of multiple of 168-bytes (SHAKE128 block size),
+  It processes an input of multiple of 168-bytes (SHAKE128 block size),
   any additional bytes of final partial block are ignored.
 
   The argument `state` (IN/OUT) points to hash state, i.e., uint64_t[25]
@@ -194,14 +194,14 @@ let shake128_absorb_nblocks state input inputByteLen =
 [@@ Comment "Absorb a final partial block of input and write the output state
 
   This function is intended to receive a hash state and input buffer.
-  It prcoesses a sequence of bytes at end of input buffer that is less 
+  It processes a sequence of bytes at end of input buffer that is less
   than 168-bytes (SHAKE128 block size),
   any bytes of full blocks at start of input buffer are ignored.
 
   The argument `state` (IN/OUT) points to hash state, i.e., uint64_t[25]
   The argument `input` (IN) points to `inputByteLen` bytes of valid memory,
   i.e., uint8_t[inputByteLen]
-  
+
   Note: Full size of input buffer must be passed to `inputByteLen` including
   the number of full-block bytes at start of input buffer that are ignored"]
 val shake128_absorb_final:
@@ -236,7 +236,7 @@ val shake128_squeeze_nblocks:
        live h output /\ live h state /\ disjoint output state)
      (ensures  fun h0 _ h1 ->
        modifies (loc state |+| loc output) h0 h1 /\
-       (let s', b' = 
+       (let s', b' =
           V.squeeze_nblocks #M32 168 (v outputByteLen) (as_seq h0 state, as_seq_multi h0 (ntup1 output)) in
           as_seq h1 state == s' /\
           as_seq_multi h1 (ntup1 output) == b'))
 
@@ -359,12 +359,12 @@ let state_free s =
 [@@ Comment "Absorb number of blocks of 4 input buffers and write the output states
 
   This function is intended to receive a quadruple hash state and 4 input buffers.
-  It prcoesses an inputs of multiple of 168-bytes (SHAKE128 block size),
+  It processes an inputs of multiple of 168-bytes (SHAKE128 block size),
   any additional bytes of final partial block for each buffer are ignored.
 
   The argument `state` (IN/OUT) points to quadruple hash state,
   i.e., Lib_IntVector_Intrinsics_vec256[25]
-  The arguments `input0/input1/input2/input3` (IN) point to `inputByteLen` bytes 
+  The arguments `input0/input1/input2/input3` (IN) point to `inputByteLen` bytes
   of valid memory for each buffer, i.e., uint8_t[inputByteLen]"]
 val shake128_absorb_nblocks:
   state:lbuffer_t MUT (vec_t U64 4) 25ul
@@ -392,15 +392,15 @@ let shake128_absorb_nblocks state _ input0 input1 input2 input3 inputByteLen =
 [@@ Comment "Absorb a final partial blocks of 4 input buffers and write the output states
 
   This function is intended to receive a quadruple hash state and 4 input buffers.
-  It prcoesses a sequence of bytes at end of each input buffer that is less 
+  It processes a sequence of bytes at end of each input buffer that is less
   than 168-bytes (SHAKE128 block size),
   any bytes of full blocks at start of input buffers are ignored.
 
   The argument `state` (IN/OUT) points to quadruple hash state,
   i.e., Lib_IntVector_Intrinsics_vec256[25]
-  The arguments `input0/input1/input2/input3` (IN) point to `inputByteLen` bytes 
+  The arguments `input0/input1/input2/input3` (IN) point to `inputByteLen` bytes
   of valid memory for each buffer, i.e., uint8_t[inputByteLen]
-  
+
   Note: Full size of input buffers must be passed to `inputByteLen` including
   the number of full-block bytes at start of each input buffer that are ignored"]
 val shake128_absorb_final:
@@ -434,7 +434,7 @@ let shake128_absorb_final state _ input0 input1 input2 input3 inputByteLen =
 
   The argument `state` (IN) points to quadruple hash state,
   i.e., Lib_IntVector_Intrinsics_vec256[25]
-  The arguments `output0/output1/output2/output3` (OUT) point to `outputByteLen` bytes 
+  The arguments `output0/output1/output2/output3` (OUT) point to `outputByteLen` bytes
   of valid memory for each buffer, i.e., uint8_t[inputByteLen]"]
 val shake128_squeeze_nblocks:
   state:lbuffer_t MUT (vec_t U64 4) 25ul
@@ -460,7 +460,7 @@ val shake128_squeeze_nblocks:
        disjoint output3 state)
      (ensures  fun h0 _ h1 ->
        modifies (loc state |+| loc output0 |+| loc output1 |+| loc output2 |+| loc output3) h0 h1 /\
-       (let s', b' = 
+       (let s', b' =
           V.squeeze_nblocks #M256 168 (v outputByteLen) (as_seq h0 state, as_seq_multi h0 (ntup4 #(lbuffer uint8 outputByteLen) #4 (output0, (output1, (output2, output3))))) in
           as_seq h1 state == s' /\
           as_seq_multi h1 (ntup4 #(lbuffer uint8 outputByteLen) #4 (output0, (output1, (output2, output3)))) == b'))
 
@@ -104,7 +104,7 @@ val squeeze_nblocks: #m:m_spec
       disjoint_multi b s)
     (ensures  fun h0 _ h1 ->
       modifies (loc s |+| loc_multi b) h0 h1 /\
-      (let s', b' = 
+      (let s', b' =
         V.squeeze_nblocks #m (v rateInBytes) (v outputByteLen) (as_seq h0 s, as_seq_multi h0 b) in
         as_seq h1 s == s' /\
         as_seq_multi h1 b == b'))
 
@@ -556,7 +556,7 @@ val loadState_lemma_l:
   Lemma
   (requires
     forall l. l < lanes m ==> (forall j. (j >= r /\ j < 256) ==> Seq.index b.(|l|) j == u8 0))
-  (ensures 
+  (ensures
     (state_spec_v (loadState #m r b s)).[l] ==
       Spec.loadState r (Seq.slice b.(|l|) 0 r) (state_spec_v s).[l])
 
@@ -1043,7 +1043,7 @@ let storeState_update_b_last_lemma_l #m r outputByteLen outRem b s l =
 val absorb_inner_lemma_l:
   #m:m_spec
   -> r:size_nat{r > 0 /\ r <= 200}
-  -> input:multiseq (lanes m) 256{forall l. l < lanes m ==> 
+  -> input:multiseq (lanes m) 256{forall l. l < lanes m ==>
      (forall i. (i >= r /\ i < 256) ==> Seq.index input.(|l|) i == u8 0)}
   -> s:state_spec m
   -> l:nat{l < lanes m} ->
@@ -1163,12 +1163,12 @@ val load_last_block_lemma_helper:
         Seq.index b rem == byte_to_uint8 delimitedSuffix /\
         (forall i. (i >= (rem + 1) /\ i < r) ==> Seq.index b i == u8 0))
 
-let load_last_block_lemma_helper #m delimitedSuffix r rem input = 
+let load_last_block_lemma_helper #m delimitedSuffix r rem input =
   let b_0 = update_sub (create r (u8 0)) 0 rem input in
   let b = b_0.[rem] <- byte_to_uint8 delimitedSuffix in
   eq_intro (slice #uint8 #r b_0 (rem + 1) r)
         (create (r - (rem + 1)) (u8 0));
-  assert (forall j. (j >= 0 /\ j < (r - (rem + 1))) ==> 
+  assert (forall j. (j >= 0 /\ j < (r - (rem + 1))) ==>
         Seq.index (slice #uint8 #r b (rem + 1) r) j ==
           Seq.index b ((rem + 1) + j));
   assert (forall j. (j >= (rem + 1) /\ j < r) ==> (j - (rem + 1) >= 0))
@@ -1178,7 +1178,7 @@ let load_last_block_lemma_helper #m delimitedSuffix r rem input =
   -> delimitedSuffix:byte_t
   -> r:size_nat{r > 0 /\ r <= 200}
   -> rem:size_nat{rem < r}
-  -> input:multiseq (lanes m) 256{forall l. l < lanes m ==> 
+  -> input:multiseq (lanes m) 256{forall l. l < lanes m ==>
        (forall i. (i >= rem /\ i < 256) ==> Seq.index input.(|l|) i == u8 0)}
   -> l:nat{l < lanes m} ->
   Lemma
@@ -1197,7 +1197,7 @@ val absorb_last_lemma_l:
   -> delimitedSuffix:byte_t
   -> r:size_nat{r > 0 /\ r <= 200}
   -> rem:size_nat{rem < r}
-  -> input:multiseq (lanes m) 256{forall l. l < lanes m ==> 
+  -> input:multiseq (lanes m) 256{forall l. l < lanes m ==>
        (forall i. (i >= rem /\ i < 256) ==> Seq.index input.(|l|) i == u8 0)}
   -> s:state_spec m
   -> l:nat{l < lanes m} ->
@@ -1457,7 +1457,7 @@ let absorb_inner_repeat_blocks_multi_lemma r inputByteLen input s =
   reveal_vec_1 U64;
   let aux_s (i:nat{i < 25}) : Lemma (s.[i] == (vec_v #U64 #1 s.[i]).[0]) =
     reveal_vec_v_1 #U64 s.[i] in
-  let aux_n (i:nat{i < 25}) : Lemma ((absorb_inner_nblocks #M32 r inputByteLen input s).[i] == 
+  let aux_n (i:nat{i < 25}) : Lemma ((absorb_inner_nblocks #M32 r inputByteLen input s).[i] ==
     ((vec_v (absorb_inner_nblocks #M32 r inputByteLen input s).[i]).[0] <: vec_t U64 1)) =
     reveal_vec_v_1 (absorb_inner_nblocks #M32 r inputByteLen input s).[i] in
 
@@ -1473,7 +1473,7 @@ let absorb_inner_block_r_lemma r input s =
   reveal_vec_1 U64;
   let aux_s (i:nat{i < 25}) : Lemma (s.[i] == (vec_v #U64 #1 s.[i]).[0]) =
     reveal_vec_v_1 #U64 s.[i] in
-  let aux_n (i:nat{i < 25}) : Lemma ((absorb_inner_block #M32 r r input 0 s).[i] == 
+  let aux_n (i:nat{i < 25}) : Lemma ((absorb_inner_block #M32 r r input 0 s).[i] ==
     ((vec_v (absorb_inner_block #M32 r r input 0 s).[i]).[0] <: vec_t U64 1)) =
     reveal_vec_v_1 (absorb_inner_block #M32 r r input 0 s).[i] in
 
@@ -1491,7 +1491,7 @@ let absorb_last_r_lemma delimitedSuffix r inputByteLen input s =
   let aux_s (i:nat{i < 25}) : Lemma (s.[i] == (vec_v #U64 #1 s.[i]).[0]) =
     reveal_vec_v_1 #U64 s.[i] in
   let aux_n (i:nat{i < 25}) : Lemma
-    ((absorb_final #M32 s r inputByteLen input delimitedSuffix).[i] == 
+    ((absorb_final #M32 s r inputByteLen input delimitedSuffix).[i] ==
       ((vec_v (absorb_final #M32 s r inputByteLen input
       delimitedSuffix).[i]).[0] <: vec_t U64 1)) =
     reveal_vec_v_1 (absorb_final #M32 s r inputByteLen input delimitedSuffix).[i] in