@@ -203,11 +203,11 @@ let MLKEM_POLY_TOBYTES_CORRECT = prove
203203 (\s. aligned_bytes_loaded s (word pc) mlkem_poly_tobytes_mc / \
204204 read PC s = word (pc + MLKEM_POLY_TOBYTES_CORE_START ) / \
205205 C_ARGUMENTS [r;a] s / \
206+ LENGTH l = 256 / \
206207 read (memory :> bytes(a,512 )) s = num_of_wordlist l)
207208 (\s. read PC s = word(pc + MLKEM_POLY_TOBYTES_CORE_END ) / \
208- (LENGTH l = 256
209- ==> read(memory :> bytes(r,384 )) s =
210- num_of_wordlist (MAP word_zx l:(12 word )list )))
209+ read(memory :> bytes(r,384 )) s =
210+ num_of_wordlist (MAP word_zx l:(12 word )list ))
211211 (MAYCHANGE_REGS_AND_FLAGS_PERMITTED_BY_ABI ,,
212212 MAYCHANGE [memory :> bytes(r,384 )])`,
213213 CONV_TAC LENGTH_SIMPLIFY_CONV THEN
@@ -216,12 +216,7 @@ let MLKEM_POLY_TOBYTES_CORRECT = prove
216216 NONOVERLAPPING_CLAUSES ; ALL ] THEN
217217 DISCH_THEN (REPEAT_TCL CONJUNCTS_THEN ASSUME_TAC ) THEN
218218
219- (* ** Globalize the LENGTH l = 256 hypothesis ***)
220-
221- ASM_CASES_TAC `LENGTH (l:int16 list ) = 256 ` THENL
222- [ASM_REWRITE_TAC [] THEN ENSURES_INIT_TAC " s0"
223- ARM_QUICKSIM_TAC MLKEM_POLY_TOBYTES_EXEC
224- [`read X0 s = a`; `read X1 s = z`; `read X2 s = i`] (1 -- 169 )] THEN
219+ ASM_REWRITE_TAC [] THEN ENSURES_INIT_TAC " s0" THEN
225220
226221 (* ** Digitize and tweak the input digits to match 128-bit load size ****)
227222
@@ -283,11 +278,11 @@ let MLKEM_POLY_TOBYTES_SUBROUTINE_CORRECT = prove
283278 read PC s = word pc / \
284279 read X30 s = returnaddress / \
285280 C_ARGUMENTS [r;a] s / \
281+ LENGTH l = 256 / \
286282 read (memory :> bytes(a,512 )) s = num_of_wordlist l)
287283 (\s. read PC s = returnaddress / \
288- (LENGTH l = 256
289- ==> read(memory :> bytes(r,384 )) s =
290- num_of_wordlist (MAP word_zx l:(12 word )list )))
284+ read(memory :> bytes(r,384 )) s =
285+ num_of_wordlist (MAP word_zx l:(12 word )list ))
291286 (MAYCHANGE_REGS_AND_FLAGS_PERMITTED_BY_ABI ,,
292287 MAYCHANGE [memory :> bytes(r,384 )])`,
293288 CONV_TAC LENGTH_SIMPLIFY_CONV THEN
0 commit comments