Prepare for round 3 update with packaging script

2024-11-22 15:39:07 +00:00 · 2020-10-26 20:05:07 -04:00 · 2020-10-26 20:05:07 -04:00 · 60111b36b2
commit 60111b36b2
parent 7df37208d6
344 changed files with 3564 additions and 2443 deletions
--- a/crypto_kem/kyber1024-90s/META.yml
+++ b/crypto_kem/kyber1024-90s/META.yml
@ -21,14 +21,14 @@ auxiliary-submitters:
  - Damien Stehlé
 implementations:
    - name: clean
-      version: https://github.com/pq-crystals/kyber/commit/46e283ab575ec92dfe82fb12229ae2d9d6246682
+      version: https://github.com/pq-crystals/kyber/commit/844057468e69527bd15b17fbe03f4b61f9a22065 via https://github.com/jschanck/package-pqclean/tree/b45068b8/kyber
    - name: avx2
-      version: https://github.com/pq-crystals/kyber/commit/46e283ab575ec92dfe82fb12229ae2d9d6246682
+      version: https://github.com/pq-crystals/kyber/commit/844057468e69527bd15b17fbe03f4b61f9a22065 via https://github.com/jschanck/package-pqclean/tree/b45068b8/kyber
      supported_platforms:
        - architecture: x86_64
          operating_systems:
-            - Linux
+              - Linux
-            - Darwin
+              - Darwin
          required_flags:
              - aes
              - avx2
--- a/crypto_kem/kyber1024-90s/avx2/Makefile
+++ b/crypto_kem/kyber1024-90s/avx2/Makefile
@ -1,44 +1,11 @@
 # This Makefile can be used with GNU Make or BSD Make
 LIB=libkyber1024-90s_avx2.a
-HEADERS=		   \
+HEADERS=aes256ctr.h align.h api.h cbd.h cdecl.h consts.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h rejsample.h symmetric.h verify.h  fq.inc shuffle.inc 
-	aes256ctr.h	   \
+OBJECTS=aes256ctr.o cbd.o consts.o indcpa.o kem.o poly.o polyvec.o rejsample.o verify.o  basemul.o fq.o invntt.o ntt.o shuffle.o 
 	align.h        \
 	api.h          \
 	cbd.h          \
 	cdecl.inc      \
 	consts.h       \
 	fq.inc         \
 	indcpa.h       \
 	kem.h          \
 	ntt.h          \
 	params.h       \
 	poly.h         \
 	polyvec.h      \
 	reduce.h       \
 	rejsample.h    \
 	shuffle.inc    \
 	symmetric.h    \
 	verify.h
 OBJECTS=		   \
 	aes256ctr.o    \
 	basemul.o      \
 	cbd.o          \
 	consts.o       \
 	fq.o           \
 	indcpa.o       \
 	invntt.o       \
 	kem.o          \
 	ntt.o          \
 	poly.o         \
 	polyvec.o      \
 	rejsample.o    \
 	shuffle.o      \
 	verify.o
 CFLAGS=-mavx2 -maes -mbmi2 -mpopcnt -O3 -Wall -Wextra -Wpedantic -Werror \
-	   -Wmissing-prototypes -Wredundant-decls -std=c99 \
+          -Wmissing-prototypes -Wredundant-decls -std=c99 \
-	   -I../../../common $(EXTRAFLAGS)
+          -I../../../common $(EXTRAFLAGS)
 all: $(LIB)
--- a/crypto_kem/kyber1024-90s/avx2/aes256ctr.c
+++ b/crypto_kem/kyber1024-90s/avx2/aes256ctr.c
@ -1,3 +1,7 @@
 #include "aes256ctr.h"
 #include <immintrin.h>
 #include <stddef.h>
 #include <stdint.h>
 /*
  Based heavily on public-domain code by Romain Dolbeau
  Different handling of nonce+counter than original version
@ -5,10 +9,6 @@
  Public Domain
 */
 #include "aes256ctr.h"
 #include <immintrin.h>
 #include <stddef.h>
 #include <stdint.h>
 static inline void aesni_encrypt4(uint8_t out[64],
                                  __m128i *n,
@ -114,7 +114,7 @@ void PQCLEAN_KYBER102490S_AVX2_aes256ctr_init(aes256ctr_ctx *state, const uint8_
 void PQCLEAN_KYBER102490S_AVX2_aes256ctr_squeezeblocks(uint8_t *out,
        size_t nblocks,
        aes256ctr_ctx *state) {
-    size_t i = 0;
+    size_t i;
    for (i = 0; i < nblocks; i++) {
        aesni_encrypt4(out, &state->n, state->rkeys);
        out += 64;
@ -123,13 +123,13 @@ void PQCLEAN_KYBER102490S_AVX2_aes256ctr_squeezeblocks(uint8_t *out,
 void PQCLEAN_KYBER102490S_AVX2_aes256ctr_prf(uint8_t *out,
        size_t outlen,
-        const uint8_t seed[32],
+        const uint8_t key[32],
        uint64_t nonce) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t buf[64];
    aes256ctr_ctx state;
-    PQCLEAN_KYBER102490S_AVX2_aes256ctr_init(&state, seed, nonce);
+    PQCLEAN_KYBER102490S_AVX2_aes256ctr_init(&state, key, nonce);
    while (outlen >= 64) {
        aesni_encrypt4(out, &state.n, state.rkeys);
--- a/crypto_kem/kyber1024-90s/avx2/aes256ctr.h
+++ b/crypto_kem/kyber1024-90s/avx2/aes256ctr.h
@ -1,11 +1,10 @@
-#ifndef AES256CTR_H
+#ifndef PQCLEAN_KYBER102490S_AVX2_AES256CTR_H
-#define AES256CTR_H
+#define PQCLEAN_KYBER102490S_AVX2_AES256CTR_H
 #include <immintrin.h>
 #include <stddef.h>
 #include <stdint.h>
 #define AES256CTR_NAMESPACE(s) pqcrystals_aes256ctr_avx2##s
 #define AES256CTR_BLOCKBYTES 64
@ -14,8 +13,17 @@ typedef struct {
    __m128i n;
 } aes256ctr_ctx;
-void PQCLEAN_KYBER102490S_AVX2_aes256ctr_init(aes256ctr_ctx *state, const uint8_t key[32], uint64_t nonce);
+void PQCLEAN_KYBER102490S_AVX2_aes256ctr_init(aes256ctr_ctx *state,
-void PQCLEAN_KYBER102490S_AVX2_aes256ctr_squeezeblocks(uint8_t *out, size_t nblocks, aes256ctr_ctx *state);
+        const uint8_t key[32],
-void PQCLEAN_KYBER102490S_AVX2_aes256ctr_prf(uint8_t *out, size_t outlen, const uint8_t seed[32], uint64_t nonce);
+        uint64_t nonce);
 void PQCLEAN_KYBER102490S_AVX2_aes256ctr_squeezeblocks(uint8_t *out,
        size_t nblocks,
        aes256ctr_ctx *state);
 void PQCLEAN_KYBER102490S_AVX2_aes256ctr_prf(uint8_t *out,
        size_t outlen,
        const uint8_t key[32],
        uint64_t nonce);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/align.h
+++ b/crypto_kem/kyber1024-90s/avx2/align.h
@ -1,5 +1,6 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_ALIGN_H
 #define PQCLEAN_KYBER102490S_AVX2_ALIGN_H
 #include <immintrin.h>
 #define ALIGN16_TYPE(t) \
--- a/crypto_kem/kyber1024-90s/avx2/api.h
+++ b/crypto_kem/kyber1024-90s/avx2/api.h
@ -15,5 +15,4 @@ int PQCLEAN_KYBER102490S_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uin
 int PQCLEAN_KYBER102490S_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/basemul.S
+++ b/crypto_kem/kyber1024-90s/avx2/basemul.S
@ -1,5 +1,5 @@
 #include "cdecl.h"
 #include "params.h"
 #include "cdecl.inc"
 .macro schoolbook off,sign
 #load
@ -165,7 +165,9 @@ vmovdqa		%ymm5,96(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx):
 #consts
 vmovdqa		_16XQ*2(%rcx),%ymm0
 vmovdqa		_16XQINV*2(%rcx),%ymm1
@ -215,7 +217,9 @@ vmovdqa		%ymm12,96(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_basemul_avx):
 #consts
 vmovdqa		_16XQ*2(%rcx),%ymm0
 vmovdqa		_16XQINV*2(%rcx),%ymm1
--- a/crypto_kem/kyber1024-90s/avx2/cbd.c
+++ b/crypto_kem/kyber1024-90s/avx2/cbd.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "cbd.h"
 #include "params.h"
 #include <immintrin.h>
 #include <stdint.h>
@ -14,7 +14,7 @@
 *              - const unsigned char *buf: pointer to input byte array
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_cbd(poly *restrict r, const uint8_t *restrict buf) {
-    unsigned int i = 0;
+    unsigned int i;
    __m256i vec0, vec1, vec2, vec3, tmp;
    const __m256i mask55 = _mm256_set1_epi32(0x55555555);
    const __m256i mask33 = _mm256_set1_epi32(0x33333333);
--- a/crypto_kem/kyber1024-90s/avx2/cbd.h
+++ b/crypto_kem/kyber1024-90s/avx2/cbd.h
@ -1,11 +1,9 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_CBD_H
 #define PQCLEAN_KYBER102490S_AVX2_CBD_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
 void PQCLEAN_KYBER102490S_AVX2_cbd(poly *r, const uint8_t buf[KYBER_ETA * KYBER_N / 4]);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/cdecl.inc
+++ b/crypto_kem/kyber1024-90s/avx2/cdecl.inc
@ -1,5 +1,5 @@
-#ifndef PQCLEAN_DILITHIUM2_AVX2_CDECL
+#ifndef PQCLEAN_KYBER102490S_AVX2_CDECL_H
-#define PQCLEAN_DILITHIUM2_AVX2_CDECL
+#define PQCLEAN_KYBER102490S_AVX2_CDECL_H
 #define _16XQ            0
 #define _16XQINV        16
@ -21,10 +21,6 @@
 * This define helps us get around this
 */
-#if defined(__WIN32__) || defined(__APPLE__)
+#define _cdecl(s) _##s
 #define cdecl(s) _##s
 #else
 #define cdecl(s) s
 #endif
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/consts.c
+++ b/crypto_kem/kyber1024-90s/avx2/consts.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "consts.h"
 #include "params.h"
 #include <stdint.h>
 #define Q KYBER_Q
--- a/crypto_kem/kyber1024-90s/avx2/consts.h
+++ b/crypto_kem/kyber1024-90s/avx2/consts.h
@ -1,12 +1,11 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_CONSTS_H
 #define PQCLEAN_KYBER102490S_AVX2_CONSTS_H
-
+#include "cdecl.h"
 #include "cdecl.inc"
 #include "params.h"
 #include <immintrin.h>
 #include <stdint.h>
 #define ALIGNED_UINT16_T(N) \
    union   {                   \
        __m256i as_vec;         \
--- a/crypto_kem/kyber1024-90s/avx2/fq.S
+++ b/crypto_kem/kyber1024-90s/avx2/fq.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "fq.inc"
 .text
@ -35,7 +35,9 @@ vmovdqa		%ymm9,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_reduce_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_reduce_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_reduce_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_reduce_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 vmovdqa		_16XV*2(%rsi),%ymm1
@ -77,7 +79,9 @@ vmovdqa		%ymm8,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_csubq_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_csubq_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_csubq_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_csubq_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 call		csubq128_avx
@ -118,7 +122,9 @@ vmovdqa		%ymm10,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_tomont_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_tomont_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_tomont_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_tomont_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 vmovdqa		_16XMONTSQLO*2(%rsi),%ymm1
--- a/crypto_kem/kyber1024-90s/avx2/indcpa.c
+++ b/crypto_kem/kyber1024-90s/avx2/indcpa.c
@ -25,7 +25,7 @@
 static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
                    polyvec *pk,
                    const uint8_t seed[KYBER_SYMBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER102490S_AVX2_polyvec_tobytes(r, pk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        r[i + KYBER_POLYVECBYTES] = seed[i];
@ -45,7 +45,7 @@ static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
 static void unpack_pk(polyvec *pk,
                      uint8_t seed[KYBER_SYMBYTES],
                      const uint8_t packedpk[KYBER_INDCPA_PUBLICKEYBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER102490S_AVX2_polyvec_frombytes(pk, packedpk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        seed[i] = packedpk[i + KYBER_POLYVECBYTES];
@ -133,8 +133,8 @@ static unsigned int rej_uniform(int16_t *r,
                                unsigned int len,
                                const uint8_t *buf,
                                unsigned int buflen) {
-    unsigned int ctr = 0, pos = 0;
+    unsigned int ctr, pos;
-    uint16_t val = 0;
+    uint16_t val;
    ctr = pos = 0;
    while (ctr < len && pos + 2 <= buflen) {
@ -168,7 +168,7 @@ static unsigned int rej_uniform(int16_t *r,
 #define GEN_MATRIX_NBLOCKS ((2*KYBER_N*(1U << 16)/(19*KYBER_Q) \
                             + XOF_BLOCKBYTES)/XOF_BLOCKBYTES)
 void PQCLEAN_KYBER102490S_AVX2_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed) {
-    unsigned int ctr = 0, i = 0, j = 0;
+    unsigned int ctr, i, j;
    ALIGN16_TYPE(uint64_t) nonce = {.orig = 0};
    ALIGN32_ARRAY(uint8_t, GEN_MATRIX_NBLOCKS * XOF_BLOCKBYTES) buf;
    aes256ctr_ctx state;
@ -211,7 +211,7 @@ void PQCLEAN_KYBER102490S_AVX2_gen_matrix(polyvec *a, const uint8_t seed[KYBER_S
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    ALIGN32_ARRAY(uint8_t, 2 * KYBER_SYMBYTES) buf;
    const uint8_t *publicseed = buf.arr;
    const uint8_t *noiseseed = buf.arr + KYBER_SYMBYTES;
@ -276,7 +276,7 @@ void PQCLEAN_KYBER102490S_AVX2_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
        const uint8_t m[KYBER_INDCPA_MSGBYTES],
        const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        const uint8_t coins[KYBER_SYMBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    ALIGN32_ARRAY(uint8_t, KYBER_SYMBYTES) seed;
    polyvec sp, pkpv, ep, at[KYBER_K], bp;
    poly v, k, epp;
--- a/crypto_kem/kyber1024-90s/avx2/indcpa.h
+++ b/crypto_kem/kyber1024-90s/avx2/indcpa.h
@ -1,16 +1,20 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_INDCPA_H
 #define PQCLEAN_KYBER102490S_AVX2_INDCPA_H
 #include "params.h"
 #include "polyvec.h"
 #include <stdint.h>
 void PQCLEAN_KYBER102490S_AVX2_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed);
 void PQCLEAN_KYBER102490S_AVX2_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
-void PQCLEAN_KYBER102490S_AVX2_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+void PQCLEAN_KYBER102490S_AVX2_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
        const uint8_t m[KYBER_INDCPA_MSGBYTES],
        const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        const uint8_t coins[KYBER_SYMBYTES]);
-void PQCLEAN_KYBER102490S_AVX2_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES], const uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], const uint8_t coins[KYBER_SYMBYTES]);
+void PQCLEAN_KYBER102490S_AVX2_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES],
-
+        const uint8_t c[KYBER_INDCPA_BYTES],
-void PQCLEAN_KYBER102490S_AVX2_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t c[KYBER_INDCPA_BYTES], const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+        const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/invntt.S
+++ b/crypto_kem/kyber1024-90s/avx2/invntt.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "shuffle.inc"
 .include "fq.inc"
@ -210,7 +210,9 @@ vmovdqa		%ymm7,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_invntt_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_invntt_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_invntt_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_invntt_avx):
 #consts
 vmovdqa         _16XQ*2(%rsi),%ymm0
 mov		%rsi,%rdx
--- a/crypto_kem/kyber1024-90s/avx2/kem.c
+++ b/crypto_kem/kyber1024-90s/avx2/kem.c
@ -8,7 +8,6 @@
 #include <stddef.h>
 #include <stdint.h>
 /*************************************************
 * Name:        PQCLEAN_KYBER102490S_AVX2_crypto_kem_keypair
 *
@ -23,7 +22,7 @@
 * Returns 0 (success)
 **************************************************/
 int PQCLEAN_KYBER102490S_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER102490S_AVX2_indcpa_keypair(pk, sk);
    for (i = 0; i < KYBER_INDCPA_PUBLICKEYBYTES; i++) {
        sk[i + KYBER_INDCPA_SECRETKEYBYTES] = pk[i];
@ -94,8 +93,8 @@ int PQCLEAN_KYBER102490S_AVX2_crypto_kem_enc(unsigned char *ct,
 int PQCLEAN_KYBER102490S_AVX2_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
-    int fail = 0;
+    int fail;
    ALIGN32_ARRAY(uint8_t, 2 * KYBER_SYMBYTES) buf;
    /* Will contain key, coins */
    ALIGN32_ARRAY(uint8_t, 2 * KYBER_SYMBYTES) kr;
@ -119,7 +118,7 @@ int PQCLEAN_KYBER102490S_AVX2_crypto_kem_dec(unsigned char *ss,
    hash_h(kr.arr + KYBER_SYMBYTES, ct, KYBER_CIPHERTEXTBYTES);
    /* Overwrite pre-k with z on re-encryption failure */
-    PQCLEAN_KYBER102490S_AVX2_cmov(kr.arr, sk + KYBER_SECRETKEYBYTES - KYBER_SYMBYTES, KYBER_SYMBYTES, fail);
+    PQCLEAN_KYBER102490S_AVX2_cmov(kr.arr, sk + KYBER_SECRETKEYBYTES - KYBER_SYMBYTES, KYBER_SYMBYTES, (uint8_t)fail);
    /* hash concatenation of pre-k and H(c) to k */
    kdf(ss, kr.arr, 2 * KYBER_SYMBYTES);
--- a/crypto_kem/kyber1024-90s/avx2/kem.h
+++ b/crypto_kem/kyber1024-90s/avx2/kem.h
@ -1,17 +1,14 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_KEM_H
 #define PQCLEAN_KYBER102490S_AVX2_KEM_H
 #include "params.h"
 int PQCLEAN_KYBER102490S_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char *sk);
 int PQCLEAN_KYBER102490S_AVX2_crypto_kem_enc(unsigned char *ct,
        unsigned char *ss,
        const unsigned char *pk);
 int PQCLEAN_KYBER102490S_AVX2_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk);
--- a/crypto_kem/kyber1024-90s/avx2/ntt.S
+++ b/crypto_kem/kyber1024-90s/avx2/ntt.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "shuffle.inc"
 .include "fq.inc"
@ -203,7 +203,9 @@ vmovdqa		%ymm11,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_ntt_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_ntt_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_ntt_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_ntt_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 mov		%rsi,%rdx
--- a/crypto_kem/kyber1024-90s/avx2/ntt.h
+++ b/crypto_kem/kyber1024-90s/avx2/ntt.h
@ -1,28 +1,24 @@
-#ifndef NTT_H
+#ifndef PQCLEAN_KYBER102490S_AVX2_NTT_H
-#define NTT_H
+#define PQCLEAN_KYBER102490S_AVX2_NTT_H
 #include "consts.h"
 #include "params.h"
 #include <stdint.h>
 void PQCLEAN_KYBER102490S_AVX2_ntt_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 void PQCLEAN_KYBER102490S_AVX2_invntt_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
-
+void PQCLEAN_KYBER102490S_AVX2_nttpack_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 void nttpack_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 void PQCLEAN_KYBER102490S_AVX2_nttunpack_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
-
+void PQCLEAN_KYBER102490S_AVX2_basemul_avx(int16_t *r,
-void PQCLEAN_KYBER102490S_AVX2_basemul_avx(int16_t *r, const int16_t *a, const int16_t *b, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
+        const int16_t *a,
-
+        const int16_t *b,
-void PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx(int16_t *r, const int16_t *a, const int16_t *b, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
+        const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
-
+void PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx(int16_t *r,
        const int16_t *a,
        const int16_t *b,
        const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 void PQCLEAN_KYBER102490S_AVX2_ntttobytes_avx(uint8_t *r, const int16_t *a, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 void PQCLEAN_KYBER102490S_AVX2_nttfrombytes_avx(int16_t *r, const uint8_t *a, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/params.h
+++ b/crypto_kem/kyber1024-90s/avx2/params.h
@ -1,6 +1,9 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_PARAMS_H
 #define PQCLEAN_KYBER102490S_AVX2_PARAMS_H
 #define KYBER_N 256
 #define KYBER_Q 3329
--- a/crypto_kem/kyber1024-90s/avx2/poly.c
+++ b/crypto_kem/kyber1024-90s/avx2/poly.c
@ -19,7 +19,7 @@
 *              - poly *a:    pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES], poly *restrict a) {
-    unsigned int i = 0, j = 0;
+    unsigned int i, j;
    uint8_t t[8];
    PQCLEAN_KYBER102490S_AVX2_poly_csubq(a);
@ -50,9 +50,9 @@ void PQCLEAN_KYBER102490S_AVX2_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_poly_decompress(poly *restrict r,
        const uint8_t a[KYBER_POLYCOMPRESSEDBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
-    unsigned int j = 0;
+    unsigned int j;
    uint8_t t[8];
    for (i = 0; i < KYBER_N / 8; i++) {
        t[0] = (a[0] >> 0);
@ -114,7 +114,7 @@ void PQCLEAN_KYBER102490S_AVX2_poly_frommsg(poly *restrict r,
    const __m256i hqs = _mm256_set1_epi16((KYBER_Q + 1) / 2);
 #define FROMMSG64(i)                        \
-    g3 = _mm256_shuffle_epi32(f,0x55*(i));              \
+    g3 = _mm256_shuffle_epi32(f,0x55*(i));                \
    g3 = _mm256_sllv_epi32(g3,shift);             \
    g3 = _mm256_shuffle_epi8(g3,idx);             \
    g0 = _mm256_slli_epi16(g3,12);                \
@ -136,9 +136,9 @@ void PQCLEAN_KYBER102490S_AVX2_poly_frommsg(poly *restrict r,
    g2 = _mm256_permute2x128_si256(h0,h1,0x31);           \
    g1 = _mm256_permute2x128_si256(h2,h3,0x20);           \
    g3 = _mm256_permute2x128_si256(h2,h3,0x31);           \
-    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+ 0],g0);    \
+    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+ 0],g0);  \
-    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+16],g1);    \
+    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+16],g1);  \
-    _mm256_store_si256((__m256i *)&r->coeffs[128+32*(i)+ 0],g2);    \
+    _mm256_store_si256((__m256i *)&r->coeffs[128+32*(i)+ 0],g2);  \
    _mm256_store_si256((__m256i *)&r->coeffs[128+32*(i)+16],g3)
    f = _mm256_load_si256((__m256i *)msg);
@ -157,8 +157,8 @@ void PQCLEAN_KYBER102490S_AVX2_poly_frommsg(poly *restrict r,
 *              - poly *a:      pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_poly_tomsg(uint8_t msg[KYBER_INDCPA_MSGBYTES], poly *restrict a) {
-    unsigned int i = 0;
+    unsigned int i;
-    uint32_t small = 0;
+    uint32_t small;
    __m256i f0, f1, g0, g1;
    const __m256i hqs = _mm256_set1_epi16((KYBER_Q - 1) / 2);
    const __m256i hhqs = _mm256_set1_epi16((KYBER_Q - 5) / 4);
@ -293,7 +293,7 @@ void PQCLEAN_KYBER102490S_AVX2_poly_csubq(poly *r) {
 *            - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_poly_add(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    unsigned int i;
    __m256i f0, f1;
    for (i = 0; i < KYBER_N; i += 16) {
@ -314,7 +314,7 @@ void PQCLEAN_KYBER102490S_AVX2_poly_add(poly *r, const poly *a, const poly *b) {
 *            - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_poly_sub(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    unsigned int i;
    __m256i f0, f1;
    for (i = 0; i < KYBER_N; i += 16) {
--- a/crypto_kem/kyber1024-90s/avx2/poly.h
+++ b/crypto_kem/kyber1024-90s/avx2/poly.h
@ -1,6 +1,5 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_POLY_H
 #define PQCLEAN_KYBER102490S_AVX2_POLY_H
 #include "params.h"
 #include <immintrin.h>
 #include <stdint.h>
@ -14,43 +13,27 @@ typedef union {
    int16_t coeffs[KYBER_N];
 } poly;
 void PQCLEAN_KYBER102490S_AVX2_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES], poly *a);
 void PQCLEAN_KYBER102490S_AVX2_poly_decompress(poly *r, const uint8_t a[KYBER_POLYCOMPRESSEDBYTES]);
 void PQCLEAN_KYBER102490S_AVX2_poly_tobytes(uint8_t r[KYBER_POLYBYTES], poly *a);
 void PQCLEAN_KYBER102490S_AVX2_poly_frombytes(poly *r, const uint8_t a[KYBER_POLYBYTES]);
 void PQCLEAN_KYBER102490S_AVX2_poly_frommsg(poly *r, const uint8_t msg[KYBER_INDCPA_MSGBYTES]);
 void PQCLEAN_KYBER102490S_AVX2_poly_tomsg(uint8_t msg[KYBER_INDCPA_MSGBYTES], poly *a);
 void PQCLEAN_KYBER102490S_AVX2_poly_getnoise(poly *r, const uint8_t seed[KYBER_SYMBYTES], uint8_t nonce);
 void PQCLEAN_KYBER102490S_AVX2_poly_ntt(poly *r);
 void PQCLEAN_KYBER102490S_AVX2_poly_invntt_tomont(poly *r);
 void PQCLEAN_KYBER102490S_AVX2_poly_nttunpack(poly *r);
 void PQCLEAN_KYBER102490S_AVX2_poly_basemul_montgomery(poly *r, const poly *a, const poly *b);
 void PQCLEAN_KYBER102490S_AVX2_poly_tomont(poly *r);
 void PQCLEAN_KYBER102490S_AVX2_poly_reduce(poly *r);
 void PQCLEAN_KYBER102490S_AVX2_poly_csubq(poly *r);
 void PQCLEAN_KYBER102490S_AVX2_poly_add(poly *r, const poly *a, const poly *b);
 void PQCLEAN_KYBER102490S_AVX2_poly_sub(poly *r, const poly *a, const poly *b);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/polyvec.c
+++ b/crypto_kem/kyber1024-90s/avx2/polyvec.c
@ -1,6 +1,6 @@
 #include "params.h"
 #include "consts.h"
 #include "ntt.h"
 #include "params.h"
 #include "poly.h"
 #include "polyvec.h"
 #include <stdint.h>
@ -16,7 +16,7 @@
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBYTES],
        polyvec *restrict a) {
-    unsigned int i = 0, j = 0, k = 0;
+    size_t i, j, k;
    PQCLEAN_KYBER102490S_AVX2_polyvec_csubq(a);
@ -24,10 +24,8 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSE
    for (i = 0; i < KYBER_K; i++) {
        for (j = 0; j < KYBER_N / 8; j++) {
            for (k = 0; k < 8; k++) {
-                {
+                t[k] = ((((uint32_t)a->vec[i].coeffs[8 * j + k] << 11) + KYBER_Q / 2)
-                    t[k] = ((((uint32_t)a->vec[i].coeffs[8 * j + k] << 11) + KYBER_Q / 2)
+                        / KYBER_Q) & 0x7ff;
                            / KYBER_Q) & 0x7ff;
                }
            }
            r[ 0] = (t[0] >>  0);
@ -58,7 +56,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSE
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_decompress(polyvec *restrict r,
        const uint8_t a[KYBER_POLYVECCOMPRESSEDBYTES]) {
-    unsigned int i = 0, j = 0, k = 0;
+    size_t i, j, k;
    uint16_t t[8];
    for (i = 0; i < KYBER_K; i++) {
@ -90,7 +88,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_decompress(polyvec *restrict r,
 *              - polyvec *a: pointer to input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyvec *a) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_tobytes(r + i * KYBER_POLYBYTES, &a->vec[i]);
    }
@ -107,7 +105,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], po
 *                                  (of length KYBER_POLYVECBYTES)
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_POLYVECBYTES]) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_frombytes(&r->vec[i], a + i * KYBER_POLYBYTES);
    }
@ -121,7 +119,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_frombytes(polyvec *r, const uint8_t a[KYB
 * Arguments:   - polyvec *r: pointer to in/output vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_ntt(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_ntt(&r->vec[i]);
    }
@ -136,7 +134,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_ntt(polyvec *r) {
 * Arguments:   - polyvec *r: pointer to in/output vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_invntt_tomont(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_invntt_tomont(&r->vec[i]);
    }
@ -155,7 +153,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_invntt_tomont(polyvec *r) {
 void PQCLEAN_KYBER102490S_AVX2_polyvec_pointwise_acc_montgomery(poly *r,
        const polyvec *a,
        const polyvec *b) {
-    PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx(r->coeffs, a->vec->coeffs, b->vec->coeffs, &PQCLEAN_KYBER102490S_AVX2_qdata);
+    PQCLEAN_KYBER102490S_AVX2_basemul_acc_avx(r->coeffs, a->vec->coeffs, b->vec->coeffs, & PQCLEAN_KYBER102490S_AVX2_qdata);
 }
 /*************************************************
@ -168,7 +166,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_pointwise_acc_montgomery(poly *r,
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_reduce(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_reduce(&r->vec[i]);
    }
@ -185,7 +183,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_reduce(polyvec *r) {
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_csubq(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_csubq(&r->vec[i]);
    }
@ -201,7 +199,7 @@ void PQCLEAN_KYBER102490S_AVX2_polyvec_csubq(polyvec *r) {
 *            - const polyvec *b: pointer to second input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_polyvec_add(polyvec *r, const polyvec *a, const polyvec *b) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_AVX2_poly_add(&r->vec[i], &a->vec[i], &b->vec[i]);
    }
--- a/crypto_kem/kyber1024-90s/avx2/polyvec.h
+++ b/crypto_kem/kyber1024-90s/avx2/polyvec.h
@ -1,6 +1,5 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_POLYVEC_H
 #define PQCLEAN_KYBER102490S_AVX2_POLYVEC_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
@ -9,33 +8,23 @@ typedef struct {
    poly vec[KYBER_K];
 } polyvec;
 void PQCLEAN_KYBER102490S_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBYTES], polyvec *a);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_decompress(polyvec *r,
        const uint8_t a[KYBER_POLYVECCOMPRESSEDBYTES]);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyvec *a);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_POLYVECBYTES]);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_ntt(polyvec *r);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_invntt_tomont(polyvec *r);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_pointwise_acc_montgomery(poly *r,
        const polyvec *a,
        const polyvec *b);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_reduce(polyvec *r);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_csubq(polyvec *r);
 void PQCLEAN_KYBER102490S_AVX2_polyvec_add(polyvec *r, const polyvec *a, const polyvec *b);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/reduce.h
+++ b/crypto_kem/kyber1024-90s/avx2/reduce.h
@ -1,16 +1,10 @@
-#ifndef REDUCE_H
+#ifndef PQCLEAN_KYBER102490S_AVX2_REDUCE_H
-#define REDUCE_H
+#define PQCLEAN_KYBER102490S_AVX2_REDUCE_H
-
+#include "consts.h"
 #include <stdint.h>
 #include "consts.h"
 #include "params.h"
 int16_t PQCLEAN_KYBER102490S_AVX2_reduce_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 int16_t PQCLEAN_KYBER102490S_AVX2_csubq_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 int16_t PQCLEAN_KYBER102490S_AVX2_tomont_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER102490S_AVX2_qdata);
 #endif
--- a/crypto_kem/kyber1024-90s/avx2/rejsample.c
+++ b/crypto_kem/kyber1024-90s/avx2/rejsample.c
@ -2,6 +2,7 @@
 #include "consts.h"
 #include "params.h"
 #include "rejsample.h"
 #include <immintrin.h>
 #include <stdint.h>
 static const ALIGN32_ARRAY_2D(uint8_t, 256, 8) idx = {.arr = {
@ -270,9 +271,9 @@ static const ALIGN32_ARRAY_2D(uint8_t, 256, 8) idx = {.arr = {
 #define REJ_UNIFORM_BUFLEN 576
 unsigned int PQCLEAN_KYBER102490S_AVX2_rej_uniform_avx(int16_t *restrict r,
        const uint8_t *restrict buf) {
-    unsigned int ctr = 0, pos = 0;
+    unsigned int ctr, pos;
-    uint16_t val = 0;
+    uint16_t val;
-    uint32_t good = 0;
+    uint32_t good;
    const __m256i bound  = _mm256_set1_epi16((int16_t)(19 * KYBER_Q - 1));
    const __m256i ones   = _mm256_set1_epi8(1);
    const __m256i kyberq = _mm256_load_si256((__m256i *)&PQCLEAN_KYBER102490S_AVX2_qdata.as_arr[_16XQ]);
@ -297,7 +298,7 @@ unsigned int PQCLEAN_KYBER102490S_AVX2_rej_uniform_avx(int16_t *restrict r,
        g1 = _mm256_inserti128_si256(g1, _mm_loadl_epi64((__m128i *)&idx.arr[(good >> 24) & 0xFF]), 1);
        //g0 = _mm256_cvtepu8_epi64(_mm_loadl_epi64((__m128i *)&good));
-        //g1 = _mm256_i64gather_epi64((long long *)idx, g0, 8);
+        //g1 = _mm256_i64gather_epi64((long long *)idx.arr, g0, 8);
        /* Barrett reduction of (still unsigned) values */
        g2 = _mm256_mulhi_epu16(f0, v);
--- a/crypto_kem/kyber1024-90s/avx2/rejsample.h
+++ b/crypto_kem/kyber1024-90s/avx2/rejsample.h
@ -1,10 +1,8 @@
-#ifndef REJSAMPLE_H
+#ifndef PQCLEAN_KYBER102490S_AVX2_REJSAMPLE_H
-#define REJSAMPLE_H
+#define PQCLEAN_KYBER102490S_AVX2_REJSAMPLE_H
 #include "params.h"
 #include <stdint.h>
 unsigned int PQCLEAN_KYBER102490S_AVX2_rej_uniform_avx(int16_t *r,
        const unsigned char *buf);
--- a/crypto_kem/kyber1024-90s/avx2/shuffle.S
+++ b/crypto_kem/kyber1024-90s/avx2/shuffle.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "fq.inc"
 .include "shuffle.inc"
@ -92,7 +92,9 @@ vmovdqa		%ymm11,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_nttunpack_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_nttunpack_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_nttunpack_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_nttunpack_avx):
 call		nttunpack128_avx
 add		$256,%rdi
 call		nttunpack128_avx
@ -169,7 +171,9 @@ vmovdqu		%ymm9,160(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_ntttobytes_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_ntttobytes_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_ntttobytes_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_ntttobytes_avx):
 #consts
 vmovdqa		_16XQ*2(%rdx),%ymm0
 call		ntttobytes128_avx
@ -245,7 +249,9 @@ vmovdqa		%ymm1,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER102490S_AVX2_nttfrombytes_avx)
 .global _cdecl(PQCLEAN_KYBER102490S_AVX2_nttfrombytes_avx)
 cdecl(PQCLEAN_KYBER102490S_AVX2_nttfrombytes_avx):
 _cdecl(PQCLEAN_KYBER102490S_AVX2_nttfrombytes_avx):
 #consts
 vmovdqa		_16XMASK*2(%rdx),%ymm0
 call		nttfrombytes128_avx
--- a/crypto_kem/kyber1024-90s/avx2/symmetric.h
+++ b/crypto_kem/kyber1024-90s/avx2/symmetric.h
@ -1,13 +1,12 @@
-#ifndef SYMMETRIC_H
+#ifndef PQCLEAN_KYBER102490S_AVX2_SYMMETRIC_H
-#define SYMMETRIC_H
+#define PQCLEAN_KYBER102490S_AVX2_SYMMETRIC_H
-
+#include "aes256ctr.h"
 #include "params.h"
 #include "sha2.h"
 #include <stddef.h>
 #include <stdint.h>
 #include "aes256ctr.h"
 #include "sha2.h"
 typedef aes256ctr_ctx xof_state;
--- a/crypto_kem/kyber1024-90s/avx2/verify.c
+++ b/crypto_kem/kyber1024-90s/avx2/verify.c
@ -15,8 +15,8 @@
 * Returns 0 if the byte arrays are equal, 1 otherwise
 **************************************************/
 int PQCLEAN_KYBER102490S_AVX2_verify(const uint8_t *a, const uint8_t *b, size_t len) {
-    size_t pos = 0;
+    size_t pos;
-    uint64_t r = 0;
+    uint64_t r;
    __m256i avec, bvec, cvec;
    cvec = _mm256_setzero_si256();
@ -53,7 +53,7 @@ int PQCLEAN_KYBER102490S_AVX2_verify(const uint8_t *a, const uint8_t *b, size_t
 *              unsigned char b:        Condition bit; has to be in {0,1}
 **************************************************/
 void PQCLEAN_KYBER102490S_AVX2_cmov(uint8_t *restrict r, const uint8_t *restrict x, size_t len, uint8_t b) {
-    size_t pos = 0;
+    size_t pos;
    __m256i xvec, rvec, bvec;
    b = -b;
--- a/crypto_kem/kyber1024-90s/avx2/verify.h
+++ b/crypto_kem/kyber1024-90s/avx2/verify.h
@ -1,14 +1,11 @@
 #ifndef PQCLEAN_KYBER102490S_AVX2_VERIFY_H
 #define PQCLEAN_KYBER102490S_AVX2_VERIFY_H
 #include "params.h"
 #include <stddef.h>
 #include <stdint.h>
 int PQCLEAN_KYBER102490S_AVX2_verify(const uint8_t *a, const uint8_t *b, size_t len);
 void PQCLEAN_KYBER102490S_AVX2_cmov(uint8_t *r, const uint8_t *x, size_t len, uint8_t b);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/Makefile
+++ b/crypto_kem/kyber1024-90s/clean/Makefile
@ -1,29 +1,8 @@
 # This Makefile can be used with GNU Make or BSD Make
 LIB=libkyber1024-90s_clean.a
-HEADERS=				\
+HEADERS=api.h cbd.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h symmetric-aes.h symmetric.h verify.h 
-	api.h               \
+OBJECTS=cbd.o indcpa.o kem.o ntt.o poly.o polyvec.o reduce.o symmetric-aes.o verify.o 
 	cbd.h               \
 	indcpa.h            \
 	kem.h               \
 	ntt.h               \
 	params.h            \
 	poly.h              \
 	polyvec.h           \
 	reduce.h            \
 	symmetric-aes.h     \
 	symmetric.h         \
 	verify.h
 OBJECTS=				\
 	cbd.o               \
 	indcpa.o            \
 	kem.o               \
 	ntt.o               \
 	poly.o              \
 	polyvec.o           \
 	reduce.o            \
 	verify.o            \
 	symmetric-aes.o
 CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS)
--- a/crypto_kem/kyber1024-90s/clean/Makefile.Microsoft_nmake
+++ b/crypto_kem/kyber1024-90s/clean/Makefile.Microsoft_nmake
@ -2,7 +2,7 @@
 #    nmake /f Makefile.Microsoft_nmake
 LIBRARY=libkyber1024-90s_clean.lib
-OBJECTS=cbd.obj indcpa.obj kem.obj ntt.obj poly.obj polyvec.obj reduce.obj verify.obj symmetric-aes.obj
+OBJECTS=cbd.obj indcpa.obj kem.obj ntt.obj poly.obj polyvec.obj reduce.obj symmetric-aes.obj verify.obj 
 # Warning C4146 is raised when a unary minus operator is applied to an
 # unsigned type; this has nonetheless been standard and portable for as
--- a/crypto_kem/kyber1024-90s/clean/api.h
+++ b/crypto_kem/kyber1024-90s/clean/api.h
@ -15,5 +15,4 @@ int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const ui
 int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/cbd.c
+++ b/crypto_kem/kyber1024-90s/clean/cbd.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "cbd.h"
 #include "params.h"
 #include <stdint.h>
 /*************************************************
@ -13,7 +13,7 @@
 * Returns 32-bit unsigned integer loaded from x
 **************************************************/
 static uint32_t load32_littleendian(const uint8_t x[4]) {
-    uint32_t r = 0;
+    uint32_t r;
    r  = (uint32_t)x[0];
    r |= (uint32_t)x[1] << 8;
    r |= (uint32_t)x[2] << 16;
@ -32,9 +32,9 @@ static uint32_t load32_littleendian(const uint8_t x[4]) {
 *              - const uint8_t *buf: pointer to input byte array
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_cbd(poly *r, const uint8_t buf[KYBER_ETA * KYBER_N / 4]) {
-    unsigned int i = 0, j = 0;
+    unsigned int i, j;
-    uint32_t t = 0, d = 0;
+    uint32_t t, d;
-    int16_t a = 0, b = 0;
+    int16_t a, b;
    for (i = 0; i < KYBER_N / 8; i++) {
        t  = load32_littleendian(buf + 4 * i);
--- a/crypto_kem/kyber1024-90s/clean/cbd.h
+++ b/crypto_kem/kyber1024-90s/clean/cbd.h
@ -1,11 +1,9 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_CBD_H
 #define PQCLEAN_KYBER102490S_CLEAN_CBD_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
 void PQCLEAN_KYBER102490S_CLEAN_cbd(poly *r, const uint8_t buf[KYBER_ETA * KYBER_N / 4]);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/indcpa.c
+++ b/crypto_kem/kyber1024-90s/clean/indcpa.c
@ -22,7 +22,7 @@
 static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
                    polyvec *pk,
                    const uint8_t seed[KYBER_SYMBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER102490S_CLEAN_polyvec_tobytes(r, pk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        r[i + KYBER_POLYVECBYTES] = seed[i];
@ -44,7 +44,7 @@ static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
 static void unpack_pk(polyvec *pk,
                      uint8_t seed[KYBER_SYMBYTES],
                      const uint8_t packedpk[KYBER_INDCPA_PUBLICKEYBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER102490S_CLEAN_polyvec_frombytes(pk, packedpk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        seed[i] = packedpk[i + KYBER_POLYVECBYTES];
@ -132,8 +132,8 @@ static unsigned int rej_uniform(int16_t *r,
                                unsigned int len,
                                const uint8_t *buf,
                                unsigned int buflen) {
-    unsigned int ctr = 0, pos = 0;
+    unsigned int ctr, pos;
-    uint16_t val = 0;
+    uint16_t val;
    ctr = pos = 0;
    while (ctr < len && pos + 2 <= buflen) {
@ -169,8 +169,7 @@ static unsigned int rej_uniform(int16_t *r,
                             + XOF_BLOCKBYTES)/XOF_BLOCKBYTES)
 // Not static for benchmarking
 void PQCLEAN_KYBER102490S_CLEAN_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed) {
-    unsigned int ctr = 0;
+    unsigned int ctr, i, j;
    uint8_t i = 0, j = 0;
    uint8_t buf[GEN_MATRIX_NBLOCKS * XOF_BLOCKBYTES];
    xof_state state;
@ -208,7 +207,7 @@ void PQCLEAN_KYBER102490S_CLEAN_gen_matrix(polyvec *a, const uint8_t seed[KYBER_
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t buf[2 * KYBER_SYMBYTES];
    const uint8_t *publicseed = buf;
    const uint8_t *noiseseed = buf + KYBER_SYMBYTES;
@ -264,7 +263,7 @@ void PQCLEAN_KYBER102490S_CLEAN_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
        const uint8_t m[KYBER_INDCPA_MSGBYTES],
        const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        const uint8_t coins[KYBER_SYMBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t seed[KYBER_SYMBYTES];
    uint8_t nonce = 0;
    polyvec sp, pkpv, ep, at[KYBER_K], bp;
--- a/crypto_kem/kyber1024-90s/clean/indcpa.h
+++ b/crypto_kem/kyber1024-90s/clean/indcpa.h
@ -1,16 +1,20 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_INDCPA_H
 #define PQCLEAN_KYBER102490S_CLEAN_INDCPA_H
 #include "params.h"
 #include "polyvec.h"
 #include <stdint.h>
 void PQCLEAN_KYBER102490S_CLEAN_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed);
 void PQCLEAN_KYBER102490S_CLEAN_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
-void PQCLEAN_KYBER102490S_CLEAN_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+void PQCLEAN_KYBER102490S_CLEAN_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
        const uint8_t m[KYBER_INDCPA_MSGBYTES],
        const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        const uint8_t coins[KYBER_SYMBYTES]);
-void PQCLEAN_KYBER102490S_CLEAN_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES], const uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], const uint8_t coins[KYBER_SYMBYTES]);
+void PQCLEAN_KYBER102490S_CLEAN_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES],
-
+        const uint8_t c[KYBER_INDCPA_BYTES],
-void PQCLEAN_KYBER102490S_CLEAN_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t c[KYBER_INDCPA_BYTES], const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+        const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/kem.c
+++ b/crypto_kem/kyber1024-90s/clean/kem.c
@ -21,7 +21,7 @@
 * Returns 0 (success)
 **************************************************/
 int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER102490S_CLEAN_indcpa_keypair(pk, sk);
    for (i = 0; i < KYBER_INDCPA_PUBLICKEYBYTES; i++) {
        sk[i + KYBER_INDCPA_SECRETKEYBYTES] = pk[i];
@ -92,8 +92,8 @@ int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_enc(unsigned char *ct,
 int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
-    int fail = 0;
+    int fail;
    uint8_t buf[2 * KYBER_SYMBYTES];
    /* Will contain key, coins */
    uint8_t kr[2 * KYBER_SYMBYTES];
--- a/crypto_kem/kyber1024-90s/clean/kem.h
+++ b/crypto_kem/kyber1024-90s/clean/kem.h
@ -1,17 +1,14 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_KEM_H
 #define PQCLEAN_KYBER102490S_CLEAN_KEM_H
 #include "params.h"
 int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk);
 int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_enc(unsigned char *ct,
        unsigned char *ss,
        const unsigned char *pk);
 int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk);
--- a/crypto_kem/kyber1024-90s/clean/ntt.c
+++ b/crypto_kem/kyber1024-90s/clean/ntt.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "ntt.h"
 #include "params.h"
 #include "reduce.h"
 #include <stdint.h>
@ -89,8 +89,8 @@ static int16_t fqmul(int16_t a, int16_t b) {
 *                                of Zq
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_ntt(int16_t r[256]) {
-    unsigned int len = 0, start = 0, j = 0, k = 0;
+    unsigned int len, start, j, k;
-    int16_t t = 0, zeta = 0;
+    int16_t t, zeta;
    k = 1;
    for (len = 128; len >= 2; len >>= 1) {
@ -116,8 +116,8 @@ void PQCLEAN_KYBER102490S_CLEAN_ntt(int16_t r[256]) {
 *                                of Zq
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_invntt(int16_t r[256]) {
-    unsigned int start = 0, len = 0, j = 0, k = 0;
+    unsigned int start, len, j, k;
-    int16_t t = 0, zeta = 0;
+    int16_t t, zeta;
    k = 0;
    for (len = 2; len <= 128; len <<= 1) {
@ -148,7 +148,10 @@ void PQCLEAN_KYBER102490S_CLEAN_invntt(int16_t r[256]) {
 *              - const int16_t b[2]: pointer to the second factor
 *              - int16_t zeta:       integer defining the reduction polynomial
 **************************************************/
-void PQCLEAN_KYBER102490S_CLEAN_basemul(int16_t r[2], const int16_t a[2], const int16_t b[2], int16_t zeta) {
+void PQCLEAN_KYBER102490S_CLEAN_basemul(int16_t r[2],
                                        const int16_t a[2],
                                        const int16_t b[2],
                                        int16_t zeta) {
    r[0]  = fqmul(a[1], b[1]);
    r[0]  = fqmul(r[0], zeta);
    r[0] += fqmul(a[0], b[0]);
--- a/crypto_kem/kyber1024-90s/clean/ntt.h
+++ b/crypto_kem/kyber1024-90s/clean/ntt.h
@ -1,22 +1,19 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_NTT_H
 #define PQCLEAN_KYBER102490S_CLEAN_NTT_H
 #include "params.h"
 #include <stdint.h>
 extern const int16_t PQCLEAN_KYBER102490S_CLEAN_zetas[128];
 extern const int16_t PQCLEAN_KYBER102490S_CLEAN_zetas_inv[128];
 void PQCLEAN_KYBER102490S_CLEAN_ntt(int16_t r[256]);
 void PQCLEAN_KYBER102490S_CLEAN_invntt(int16_t r[256]);
-
+void PQCLEAN_KYBER102490S_CLEAN_basemul(int16_t r[2],
-void PQCLEAN_KYBER102490S_CLEAN_basemul(int16_t r[2], const int16_t a[2], const int16_t b[2], int16_t zeta);
+                                        const int16_t a[2],
                                        const int16_t b[2],
                                        int16_t zeta);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/params.h
+++ b/crypto_kem/kyber1024-90s/clean/params.h
@ -1,6 +1,9 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_PARAMS_H
 #define PQCLEAN_KYBER102490S_CLEAN_PARAMS_H
 #define KYBER_N 256
 #define KYBER_Q 3329
--- a/crypto_kem/kyber1024-90s/clean/poly.c
+++ b/crypto_kem/kyber1024-90s/clean/poly.c
@ -1,6 +1,6 @@
 #include "params.h"
 #include "cbd.h"
 #include "ntt.h"
 #include "params.h"
 #include "poly.h"
 #include "reduce.h"
 #include "symmetric.h"
@ -16,7 +16,7 @@
 *              - poly *a:    pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES], poly *a) {
-    unsigned int i = 0, j = 0;
+    size_t i, j;
    uint8_t t[8];
    PQCLEAN_KYBER102490S_CLEAN_poly_csubq(a);
@ -46,9 +46,9 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTE
 *                                  (of length KYBER_POLYCOMPRESSEDBYTES bytes)
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_decompress(poly *r, const uint8_t a[KYBER_POLYCOMPRESSEDBYTES]) {
-    unsigned int i = 0;
+    size_t i;
-    unsigned int j = 0;
+    size_t j;
    uint8_t t[8];
    for (i = 0; i < KYBER_N / 8; i++) {
        t[0] = (a[0] >> 0);
@ -77,8 +77,8 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_decompress(poly *r, const uint8_t a[KYBER_P
 *              - poly *a:    pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_tobytes(uint8_t r[KYBER_POLYBYTES], poly *a) {
-    unsigned int i = 0;
+    size_t i;
-    uint16_t t0 = 0, t1 = 0;
+    uint16_t t0, t1;
    PQCLEAN_KYBER102490S_CLEAN_poly_csubq(a);
@ -102,7 +102,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_tobytes(uint8_t r[KYBER_POLYBYTES], poly *a
 *                                  (of KYBER_POLYBYTES bytes)
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_frombytes(poly *r, const uint8_t a[KYBER_POLYBYTES]) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_N / 2; i++) {
        r->coeffs[2 * i]   = ((a[3 * i + 0] >> 0) | ((uint16_t)a[3 * i + 1] << 8)) & 0xFFF;
        r->coeffs[2 * i + 1] = ((a[3 * i + 1] >> 4) | ((uint16_t)a[3 * i + 2] << 4)) & 0xFFF;
@ -118,8 +118,8 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_frombytes(poly *r, const uint8_t a[KYBER_PO
 *              - const uint8_t *msg: pointer to input message
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_frommsg(poly *r, const uint8_t msg[KYBER_INDCPA_MSGBYTES]) {
-    unsigned int i = 0, j = 0;
+    size_t i, j;
-    int16_t mask = 0;
+    int16_t mask;
    for (i = 0; i < KYBER_N / 8; i++) {
        for (j = 0; j < 8; j++) {
@ -138,8 +138,8 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_frommsg(poly *r, const uint8_t msg[KYBER_IN
 *              - poly *a:      pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_tomsg(uint8_t msg[KYBER_INDCPA_MSGBYTES], poly *a) {
-    unsigned int i = 0, j = 0;
+    size_t i, j;
-    uint16_t t = 0;
+    uint16_t t;
    PQCLEAN_KYBER102490S_CLEAN_poly_csubq(a);
@ -207,7 +207,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_invntt_tomont(poly *r) {
 *              - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_basemul_montgomery(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_N / 4; i++) {
        PQCLEAN_KYBER102490S_CLEAN_basemul(&r->coeffs[4 * i], &a->coeffs[4 * i], &b->coeffs[4 * i], PQCLEAN_KYBER102490S_CLEAN_zetas[64 + i]);
        PQCLEAN_KYBER102490S_CLEAN_basemul(&r->coeffs[4 * i + 2], &a->coeffs[4 * i + 2], &b->coeffs[4 * i + 2],
@ -224,7 +224,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_basemul_montgomery(poly *r, const poly *a,
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_tomont(poly *r) {
-    unsigned int i = 0;
+    size_t i;
    const int16_t f = (1ULL << 32) % KYBER_Q;
    for (i = 0; i < KYBER_N; i++) {
        r->coeffs[i] = PQCLEAN_KYBER102490S_CLEAN_montgomery_reduce((int32_t)r->coeffs[i] * f);
@ -240,7 +240,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_tomont(poly *r) {
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_reduce(poly *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_N; i++) {
        r->coeffs[i] = PQCLEAN_KYBER102490S_CLEAN_barrett_reduce(r->coeffs[i]);
    }
@ -256,7 +256,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_reduce(poly *r) {
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_csubq(poly *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_N; i++) {
        r->coeffs[i] = PQCLEAN_KYBER102490S_CLEAN_csubq(r->coeffs[i]);
    }
@ -272,7 +272,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_csubq(poly *r) {
 *            - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_add(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_N; i++) {
        r->coeffs[i] = a->coeffs[i] + b->coeffs[i];
    }
@ -288,7 +288,7 @@ void PQCLEAN_KYBER102490S_CLEAN_poly_add(poly *r, const poly *a, const poly *b)
 *            - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_poly_sub(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_N; i++) {
        r->coeffs[i] = a->coeffs[i] - b->coeffs[i];
    }
--- a/crypto_kem/kyber1024-90s/clean/poly.h
+++ b/crypto_kem/kyber1024-90s/clean/poly.h
@ -1,6 +1,5 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_POLY_H
 #define PQCLEAN_KYBER102490S_CLEAN_POLY_H
 #include "params.h"
 #include <stdint.h>
@ -12,41 +11,26 @@ typedef struct {
    int16_t coeffs[KYBER_N];
 } poly;
 void PQCLEAN_KYBER102490S_CLEAN_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES], poly *a);
 void PQCLEAN_KYBER102490S_CLEAN_poly_decompress(poly *r, const uint8_t a[KYBER_POLYCOMPRESSEDBYTES]);
 void PQCLEAN_KYBER102490S_CLEAN_poly_tobytes(uint8_t r[KYBER_POLYBYTES], poly *a);
 void PQCLEAN_KYBER102490S_CLEAN_poly_frombytes(poly *r, const uint8_t a[KYBER_POLYBYTES]);
 void PQCLEAN_KYBER102490S_CLEAN_poly_frommsg(poly *r, const uint8_t msg[KYBER_INDCPA_MSGBYTES]);
 void PQCLEAN_KYBER102490S_CLEAN_poly_tomsg(uint8_t msg[KYBER_INDCPA_MSGBYTES], poly *a);
 void PQCLEAN_KYBER102490S_CLEAN_poly_getnoise(poly *r, const uint8_t seed[KYBER_SYMBYTES], uint8_t nonce);
 void PQCLEAN_KYBER102490S_CLEAN_poly_ntt(poly *r);
 void PQCLEAN_KYBER102490S_CLEAN_poly_invntt_tomont(poly *r);
 void PQCLEAN_KYBER102490S_CLEAN_poly_basemul_montgomery(poly *r, const poly *a, const poly *b);
 void PQCLEAN_KYBER102490S_CLEAN_poly_tomont(poly *r);
 void PQCLEAN_KYBER102490S_CLEAN_poly_reduce(poly *r);
 void PQCLEAN_KYBER102490S_CLEAN_poly_csubq(poly *r);
 void PQCLEAN_KYBER102490S_CLEAN_poly_add(poly *r, const poly *a, const poly *b);
 void PQCLEAN_KYBER102490S_CLEAN_poly_sub(poly *r, const poly *a, const poly *b);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/polyvec.c
+++ b/crypto_kem/kyber1024-90s/clean/polyvec.c
@ -13,7 +13,7 @@
 *              - polyvec *a: pointer to input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBYTES], polyvec *a) {
-    unsigned int i = 0, j = 0, k = 0;
+    unsigned int i, j, k;
    PQCLEAN_KYBER102490S_CLEAN_polyvec_csubq(a);
@ -21,10 +21,8 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESS
    for (i = 0; i < KYBER_K; i++) {
        for (j = 0; j < KYBER_N / 8; j++) {
            for (k = 0; k < 8; k++) {
-                {
+                t[k] = ((((uint32_t)a->vec[i].coeffs[8 * j + k] << 11) + KYBER_Q / 2)
-                    t[k] = ((((uint32_t)a->vec[i].coeffs[8 * j + k] << 11) + KYBER_Q / 2)
+                        / KYBER_Q) & 0x7ff;
                            / KYBER_Q) & 0x7ff;
                }
            }
            r[ 0] = (uint8_t)(t[0] >>  0);
@ -55,7 +53,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESS
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_decompress(polyvec *r,
        const uint8_t a[KYBER_POLYVECCOMPRESSEDBYTES]) {
-    unsigned int i = 0, j = 0, k = 0;
+    unsigned int i, j, k;
    uint16_t t[8];
    for (i = 0; i < KYBER_K; i++) {
@ -87,7 +85,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_decompress(polyvec *r,
 *              - polyvec *a: pointer to input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyvec *a) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_tobytes(r + i * KYBER_POLYBYTES, &a->vec[i]);
    }
@ -104,7 +102,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], p
 *                                  (of length KYBER_POLYVECBYTES)
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_POLYVECBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_frombytes(&r->vec[i], a + i * KYBER_POLYBYTES);
    }
@ -118,7 +116,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_frombytes(polyvec *r, const uint8_t a[KY
 * Arguments:   - polyvec *r: pointer to in/output vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_ntt(polyvec *r) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_ntt(&r->vec[i]);
    }
@ -133,7 +131,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_ntt(polyvec *r) {
 * Arguments:   - polyvec *r: pointer to in/output vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_invntt_tomont(polyvec *r) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_invntt_tomont(&r->vec[i]);
    }
@ -152,7 +150,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_invntt_tomont(polyvec *r) {
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_pointwise_acc_montgomery(poly *r,
        const polyvec *a,
        const polyvec *b) {
-    unsigned int i = 0;
+    unsigned int i;
    poly t;
    PQCLEAN_KYBER102490S_CLEAN_poly_basemul_montgomery(r, &a->vec[0], &b->vec[0]);
@ -174,7 +172,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_pointwise_acc_montgomery(poly *r,
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_reduce(polyvec *r) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_reduce(&r->vec[i]);
    }
@ -191,7 +189,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_reduce(polyvec *r) {
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_csubq(polyvec *r) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_csubq(&r->vec[i]);
    }
@ -207,7 +205,7 @@ void PQCLEAN_KYBER102490S_CLEAN_polyvec_csubq(polyvec *r) {
 *            - const polyvec *b: pointer to second input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_add(polyvec *r, const polyvec *a, const polyvec *b) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER102490S_CLEAN_poly_add(&r->vec[i], &a->vec[i], &b->vec[i]);
    }
--- a/crypto_kem/kyber1024-90s/clean/polyvec.h
+++ b/crypto_kem/kyber1024-90s/clean/polyvec.h
@ -1,6 +1,5 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_POLYVEC_H
 #define PQCLEAN_KYBER102490S_CLEAN_POLYVEC_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
@ -9,33 +8,23 @@ typedef struct {
    poly vec[KYBER_K];
 } polyvec;
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBYTES], polyvec *a);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_decompress(polyvec *r,
        const uint8_t a[KYBER_POLYVECCOMPRESSEDBYTES]);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyvec *a);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_POLYVECBYTES]);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_ntt(polyvec *r);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_invntt_tomont(polyvec *r);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_pointwise_acc_montgomery(poly *r,
        const polyvec *a,
        const polyvec *b);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_reduce(polyvec *r);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_csubq(polyvec *r);
 void PQCLEAN_KYBER102490S_CLEAN_polyvec_add(polyvec *r, const polyvec *a, const polyvec *b);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/reduce.c
+++ b/crypto_kem/kyber1024-90s/clean/reduce.c
@ -15,8 +15,8 @@
 * Returns:     integer in {-q+1,...,q-1} congruent to a * R^-1 modulo q.
 **************************************************/
 int16_t PQCLEAN_KYBER102490S_CLEAN_montgomery_reduce(int32_t a) {
-    int32_t t = 0;
+    int32_t t;
-    int16_t u = 0;
+    int16_t u;
    u = (int16_t)(a * (int64_t)QINV);
    t = (int32_t)u * KYBER_Q;
@ -36,7 +36,7 @@ int16_t PQCLEAN_KYBER102490S_CLEAN_montgomery_reduce(int32_t a) {
 * Returns:     integer in {0,...,q} congruent to a modulo q.
 **************************************************/
 int16_t PQCLEAN_KYBER102490S_CLEAN_barrett_reduce(int16_t a) {
-    int16_t t = 0;
+    int16_t t;
    const int16_t v = ((1U << 26) + KYBER_Q / 2) / KYBER_Q;
    t  = (int32_t)v * a >> 26;
--- a/crypto_kem/kyber1024-90s/clean/reduce.h
+++ b/crypto_kem/kyber1024-90s/clean/reduce.h
@ -1,19 +1,15 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_REDUCE_H
 #define PQCLEAN_KYBER102490S_CLEAN_REDUCE_H
 #include "params.h"
 #include <stdint.h>
 #define MONT 2285 // 2^16 mod q
 #define QINV 62209 // q^-1 mod 2^16
 int16_t PQCLEAN_KYBER102490S_CLEAN_montgomery_reduce(int32_t a);
 int16_t PQCLEAN_KYBER102490S_CLEAN_barrett_reduce(int16_t a);
 int16_t PQCLEAN_KYBER102490S_CLEAN_csubq(int16_t a);
 #endif
--- a/crypto_kem/kyber1024-90s/clean/symmetric-aes.c
+++ b/crypto_kem/kyber1024-90s/clean/symmetric-aes.c
@ -1,5 +1,6 @@
 #include "symmetric-aes.h"
 #include "aes.h"
 #include "params.h"
 #include "symmetric.h"
 #include <stddef.h>
 #include <stdint.h>
 #include <string.h>
@ -34,7 +35,7 @@ static void aes256_ctr_xof(unsigned char *out, size_t outlen, const unsigned cha
 }
 /*************************************************
-* Name:        aes256_prf
+* Name:        PQCLEAN_KYBER102490S_CLEAN_aes256_prf
 *
 * Description: AES256 stream generation in CTR mode using 32-bit counter,
 *              nonce is zero-padded to 12 bytes, counter starts at zero
@ -58,7 +59,7 @@ void PQCLEAN_KYBER102490S_CLEAN_aes256_prf(uint8_t *output, size_t outlen, const
 }
 /*************************************************
-* Name:        aes256xof_absorb
+* Name:        PQCLEAN_KYBER102490S_CLEAN_aes256xof_absorb
 *
 * Description: AES256 CTR used as a replacement for a XOF; this function
 *              "absorbs" a 32-byte key and two additional bytes that are zero-padded
@ -80,7 +81,7 @@ void PQCLEAN_KYBER102490S_CLEAN_aes256xof_absorb(aes256xof_ctx *s, const uint8_t
 }
 /*************************************************
-* Name:        aes256xof_squeezeblocks
+* Name:        PQCLEAN_KYBER102490S_CLEAN_aes256xof_squeezeblocks
 *
 * Description: AES256 CTR used as a replacement for a XOF; this function
 *              generates 4 blocks out AES256-CTR output
--- a/crypto_kem/kyber1024-90s/clean/symmetric-aes.h
+++ b/crypto_kem/kyber1024-90s/clean/symmetric-aes.h
@ -1,11 +1,10 @@
-#ifndef AES256CTR_H
+#ifndef PQCLEAN_KYBER102490S_CLEAN_SYMMETRIC_AES_H
-#define AES256CTR_H
+#define PQCLEAN_KYBER102490S_CLEAN_SYMMETRIC_AES_H
 #include "aes.h"
 #include <stddef.h>
 #include <stdint.h>
 typedef struct {
    aes256ctx sk_exp;
    uint8_t iv[12];
--- a/crypto_kem/kyber1024-90s/clean/symmetric.h
+++ b/crypto_kem/kyber1024-90s/clean/symmetric.h
@ -1,13 +1,12 @@
-#ifndef SYMMETRIC_H
+#ifndef PQCLEAN_KYBER102490S_CLEAN_SYMMETRIC_H
-#define SYMMETRIC_H
+#define PQCLEAN_KYBER102490S_CLEAN_SYMMETRIC_H
 #include "params.h"
 #include "sha2.h"
 #include "symmetric-aes.h"
 #include <stddef.h>
 #include <stdint.h>
 #include "sha2.h"
 #include "symmetric-aes.h"
 typedef aes256xof_ctx xof_state;
--- a/crypto_kem/kyber1024-90s/clean/verify.c
+++ b/crypto_kem/kyber1024-90s/clean/verify.c
@ -14,7 +14,7 @@
 * Returns 0 if the byte arrays are equal, 1 otherwise
 **************************************************/
 int PQCLEAN_KYBER102490S_CLEAN_verify(const uint8_t *a, const uint8_t *b, size_t len) {
-    size_t i = 0;
+    size_t i;
    uint8_t r = 0;
    for (i = 0; i < len; i++) {
@ -38,7 +38,7 @@ int PQCLEAN_KYBER102490S_CLEAN_verify(const uint8_t *a, const uint8_t *b, size_t
 *              uint8_t b:        Condition bit; has to be in {0,1}
 **************************************************/
 void PQCLEAN_KYBER102490S_CLEAN_cmov(uint8_t *r, const uint8_t *x, size_t len, uint8_t b) {
-    size_t i = 0;
+    size_t i;
    b = -b;
    for (i = 0; i < len; i++) {
--- a/crypto_kem/kyber1024-90s/clean/verify.h
+++ b/crypto_kem/kyber1024-90s/clean/verify.h
@ -1,14 +1,11 @@
 #ifndef PQCLEAN_KYBER102490S_CLEAN_VERIFY_H
 #define PQCLEAN_KYBER102490S_CLEAN_VERIFY_H
 #include "params.h"
 #include <stddef.h>
 #include <stdint.h>
 int PQCLEAN_KYBER102490S_CLEAN_verify(const uint8_t *a, const uint8_t *b, size_t len);
 void PQCLEAN_KYBER102490S_CLEAN_cmov(uint8_t *r, const uint8_t *x, size_t len, uint8_t b);
 #endif
--- a/crypto_kem/kyber1024/META.yml
+++ b/crypto_kem/kyber1024/META.yml
@ -21,15 +21,16 @@ auxiliary-submitters:
  - Damien Stehlé
 implementations:
    - name: clean
-      version: https://github.com/pq-crystals/kyber/commit/46e283ab575ec92dfe82fb12229ae2d9d6246682
+      version: https://github.com/pq-crystals/kyber/commit/844057468e69527bd15b17fbe03f4b61f9a22065 via https://github.com/jschanck/package-pqclean/tree/b45068b8/kyber
    - name: avx2
-      version: https://github.com/pq-crystals/kyber/commit/46e283ab575ec92dfe82fb12229ae2d9d6246682
+      version: https://github.com/pq-crystals/kyber/commit/844057468e69527bd15b17fbe03f4b61f9a22065 via https://github.com/jschanck/package-pqclean/tree/b45068b8/kyber
      supported_platforms:
        - architecture: x86_64
          operating_systems:
-            - Linux
+              - Linux
-            - Darwin
+              - Darwin
          required_flags:
              - aes
              - avx2
              - bmi2
              - popcnt
--- a/crypto_kem/kyber1024/avx2/Makefile
+++ b/crypto_kem/kyber1024/avx2/Makefile
@ -1,50 +1,16 @@
 # This Makefile can be used with GNU Make or BSD Make
 LIB=libkyber1024_avx2.a
-HEADERS=	 	\
+HEADERS=align.h api.h cbd.h cdecl.h consts.h fips202x4.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h rejsample.h symmetric.h verify.h  fq.inc shuffle.inc 
-	align.h     \
+OBJECTS=cbd.o consts.o fips202x4.o indcpa.o kem.o poly.o polyvec.o rejsample.o symmetric-shake.o verify.o  basemul.o fq.o invntt.o ntt.o shuffle.o 
 	api.h       \
 	cbd.h       \
 	cdecl.inc   \
 	consts.h    \
 	fips202x4.h \
 	fq.inc      \
 	indcpa.h    \
 	kem.h       \
 	ntt.h       \
 	params.h    \
 	poly.h      \
 	polyvec.h   \
 	reduce.h    \
 	rejsample.h \
 	shuffle.inc \
 	symmetric.h \
 	verify.h
 OBJECTS=				\
 	basemul.o           \
 	cbd.o               \
 	consts.o            \
 	fips202x4.o         \
 	fq.o                \
 	indcpa.o            \
 	invntt.o            \
 	kem.o               \
 	ntt.o               \
 	poly.o              \
 	polyvec.o           \
 	rejsample.o         \
 	shuffle.o           \
 	symmetric-shake.o   \
 	verify.o
 KECCAK4XDIR=../../../common/keccak4x
 KECCAK4XOBJ=KeccakP-1600-times4-SIMD256.o
 KECCAK4X=$(KECCAK4XDIR)/$(KECCAK4XOBJ)
 CFLAGS=-mavx2 -mbmi2 -mpopcnt -O3 -Wall -Wextra -Wpedantic -Werror \
-	   -Wmissing-prototypes -Wredundant-decls \
+          -Wmissing-prototypes -Wredundant-decls \
-	   -Wpointer-arith -Wshadow \
+          -Wpointer-arith -Wshadow \
-	   -std=c99 -I../../../common $(EXTRAFLAGS)
+          -std=c99 -I../../../common $(EXTRAFLAGS)
 all: $(LIB)
--- a/crypto_kem/kyber1024/avx2/align.h
+++ b/crypto_kem/kyber1024/avx2/align.h
@ -1,5 +1,6 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_ALIGN_H
 #define PQCLEAN_KYBER1024_AVX2_ALIGN_H
 #include <immintrin.h>
 #define ALIGN16_TYPE(t) \
--- a/crypto_kem/kyber1024/avx2/api.h
+++ b/crypto_kem/kyber1024/avx2/api.h
@ -15,5 +15,4 @@ int PQCLEAN_KYBER1024_AVX2_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_
 int PQCLEAN_KYBER1024_AVX2_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
--- a/crypto_kem/kyber1024/avx2/basemul.S
+++ b/crypto_kem/kyber1024/avx2/basemul.S
@ -1,5 +1,5 @@
 #include "cdecl.h"
 #include "params.h"
 #include "cdecl.inc"
 .macro schoolbook off,sign
 #load
@ -165,7 +165,9 @@ vmovdqa		%ymm5,96(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_basemul_acc_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_basemul_acc_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_basemul_acc_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_basemul_acc_avx):
 #consts
 vmovdqa		_16XQ*2(%rcx),%ymm0
 vmovdqa		_16XQINV*2(%rcx),%ymm1
@ -215,7 +217,9 @@ vmovdqa		%ymm12,96(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_basemul_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_basemul_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_basemul_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_basemul_avx):
 #consts
 vmovdqa		_16XQ*2(%rcx),%ymm0
 vmovdqa		_16XQINV*2(%rcx),%ymm1
--- a/crypto_kem/kyber1024/avx2/cbd.c
+++ b/crypto_kem/kyber1024/avx2/cbd.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "cbd.h"
 #include "params.h"
 #include <immintrin.h>
 #include <stdint.h>
@ -14,7 +14,7 @@
 *              - const unsigned char *buf: pointer to input byte array
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_cbd(poly *restrict r, const uint8_t *restrict buf) {
-    unsigned int i = 0;
+    unsigned int i;
    __m256i vec0, vec1, vec2, vec3, tmp;
    const __m256i mask55 = _mm256_set1_epi32(0x55555555);
    const __m256i mask33 = _mm256_set1_epi32(0x33333333);
--- a/crypto_kem/kyber1024/avx2/cbd.h
+++ b/crypto_kem/kyber1024/avx2/cbd.h
@ -1,11 +1,9 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_CBD_H
 #define PQCLEAN_KYBER1024_AVX2_CBD_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
 void PQCLEAN_KYBER1024_AVX2_cbd(poly *r, const uint8_t buf[KYBER_ETA * KYBER_N / 4]);
 #endif
--- a/crypto_kem/kyber1024/avx2/cdecl.inc
+++ b/crypto_kem/kyber1024/avx2/cdecl.inc
@ -1,5 +1,5 @@
-#ifndef PQCLEAN_DILITHIUM2_AVX2_CDECL
+#ifndef PQCLEAN_KYBER1024_AVX2_CDECL_H
-#define PQCLEAN_DILITHIUM2_AVX2_CDECL
+#define PQCLEAN_KYBER1024_AVX2_CDECL_H
 #define _16XQ            0
 #define _16XQINV        16
@ -21,10 +21,6 @@
 * This define helps us get around this
 */
-#if defined(__WIN32__) || defined(__APPLE__)
+#define _cdecl(s) _##s
 #define cdecl(s) _##s
 #else
 #define cdecl(s) s
 #endif
 #endif
--- a/crypto_kem/kyber1024/avx2/consts.c
+++ b/crypto_kem/kyber1024/avx2/consts.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "consts.h"
 #include "params.h"
 #include <stdint.h>
 #define Q KYBER_Q
--- a/crypto_kem/kyber1024/avx2/consts.h
+++ b/crypto_kem/kyber1024/avx2/consts.h
@ -1,12 +1,11 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_CONSTS_H
 #define PQCLEAN_KYBER1024_AVX2_CONSTS_H
-
+#include "cdecl.h"
 #include "cdecl.inc"
 #include "params.h"
 #include <immintrin.h>
 #include <stdint.h>
 #define ALIGNED_UINT16_T(N) \
    union   {                   \
        __m256i as_vec;         \
--- a/crypto_kem/kyber1024/avx2/fips202x4.c
+++ b/crypto_kem/kyber1024/avx2/fips202x4.c
@ -10,7 +10,7 @@
 extern void KeccakF1600_StatePermute4x(__m256i *s);
 static inline void store64(uint8_t x[8], uint64_t u) {
-    unsigned int i = 0;
+    unsigned int i;
    for (i = 0; i < 8; i++) {
        x[i] = u >> 8 * i;
@ -25,7 +25,7 @@ static void keccakx4_absorb(__m256i s[25],
                            const uint8_t *in3,
                            size_t inlen,
                            uint8_t p) {
-    size_t i = 0, pos = 0;
+    size_t i, pos = 0;
    __m256i t, idx;
    for (i = 0; i < 25; ++i) {
@ -74,8 +74,8 @@ static void keccakx4_squeezeblocks(uint8_t *out0,
                                   size_t nblocks,
                                   unsigned int r,
                                   __m256i s[25]) {
-    unsigned int i = 0;
+    unsigned int i;
-    uint64_t f0 = 0, f1 = 0, f2 = 0, f3 = 0;
+    uint64_t f0, f1, f2, f3;
    while (nblocks > 0) {
        KeccakF1600_StatePermute4x(s);
@ -137,8 +137,17 @@ void PQCLEAN_KYBER1024_AVX2_shake256x4_squeezeblocks(uint8_t *out0,
                           state->s);
 }
-void PQCLEAN_KYBER1024_AVX2_shake128x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t outlen, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen) {
+void PQCLEAN_KYBER1024_AVX2_shake128x4(uint8_t *out0,
-    unsigned int i = 0;
+                                       uint8_t *out1,
                                       uint8_t *out2,
                                       uint8_t *out3,
                                       size_t outlen,
                                       const uint8_t *in0,
                                       const uint8_t *in1,
                                       const uint8_t *in2,
                                       const uint8_t *in3,
                                       size_t inlen) {
    unsigned int i;
    size_t nblocks = outlen / SHAKE128_RATE;
    uint8_t t[4][SHAKE128_RATE];
    keccakx4_state state;
@ -163,8 +172,17 @@ void PQCLEAN_KYBER1024_AVX2_shake128x4(uint8_t *out0, uint8_t *out1, uint8_t *ou
    }
 }
-void PQCLEAN_KYBER1024_AVX2_shake256x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t outlen, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen) {
+void PQCLEAN_KYBER1024_AVX2_shake256x4(uint8_t *out0,
-    unsigned int i = 0;
+                                       uint8_t *out1,
                                       uint8_t *out2,
                                       uint8_t *out3,
                                       size_t outlen,
                                       const uint8_t *in0,
                                       const uint8_t *in1,
                                       const uint8_t *in2,
                                       const uint8_t *in3,
                                       size_t inlen) {
    unsigned int i;
    size_t nblocks = outlen / SHAKE256_RATE;
    uint8_t t[4][SHAKE256_RATE];
    keccakx4_state state;
--- a/crypto_kem/kyber1024/avx2/fips202x4.h
+++ b/crypto_kem/kyber1024/avx2/fips202x4.h
@ -1,5 +1,5 @@
-#ifndef FIPS202X4_H
+#ifndef PQCLEAN_KYBER1024_AVX2_FIPS202X4_H
-#define FIPS202X4_H
+#define PQCLEAN_KYBER1024_AVX2_FIPS202X4_H
 #include <immintrin.h>
 #include <stddef.h>
@ -9,17 +9,54 @@ typedef struct {
    __m256i s[25];
 } keccakx4_state;
-void PQCLEAN_KYBER1024_AVX2_shake128x4_absorb(keccakx4_state *state, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen);
+void PQCLEAN_KYBER1024_AVX2_shake128x4_absorb(keccakx4_state *state,
        const uint8_t *in0,
        const uint8_t *in1,
        const uint8_t *in2,
        const uint8_t *in3,
        size_t inlen);
-void PQCLEAN_KYBER1024_AVX2_shake128x4_squeezeblocks(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t nblocks, keccakx4_state *state);
+void PQCLEAN_KYBER1024_AVX2_shake128x4_squeezeblocks(uint8_t *out0,
-
+        uint8_t *out1,
-void PQCLEAN_KYBER1024_AVX2_shake256x4_absorb(keccakx4_state *state, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen);
+        uint8_t *out2,
-
+        uint8_t *out3,
-void PQCLEAN_KYBER1024_AVX2_shake256x4_squeezeblocks(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t nblocks,
+        size_t nblocks,
        keccakx4_state *state);
-void PQCLEAN_KYBER1024_AVX2_shake128x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t outlen, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen);
+void PQCLEAN_KYBER1024_AVX2_shake256x4_absorb(keccakx4_state *state,
        const uint8_t *in0,
        const uint8_t *in1,
        const uint8_t *in2,
        const uint8_t *in3,
        size_t inlen);
-void PQCLEAN_KYBER1024_AVX2_shake256x4(uint8_t *out0, uint8_t *out1, uint8_t *out2, uint8_t *out3, size_t outlen, const uint8_t *in0, const uint8_t *in1, const uint8_t *in2, const uint8_t *in3, size_t inlen);
+void PQCLEAN_KYBER1024_AVX2_shake256x4_squeezeblocks(uint8_t *out0,
        uint8_t *out1,
        uint8_t *out2,
        uint8_t *out3,
        size_t nblocks,
        keccakx4_state *state);
 void PQCLEAN_KYBER1024_AVX2_shake128x4(uint8_t *out0,
                                       uint8_t *out1,
                                       uint8_t *out2,
                                       uint8_t *out3,
                                       size_t outlen,
                                       const uint8_t *in0,
                                       const uint8_t *in1,
                                       const uint8_t *in2,
                                       const uint8_t *in3,
                                       size_t inlen);
 void PQCLEAN_KYBER1024_AVX2_shake256x4(uint8_t *out0,
                                       uint8_t *out1,
                                       uint8_t *out2,
                                       uint8_t *out3,
                                       size_t outlen,
                                       const uint8_t *in0,
                                       const uint8_t *in1,
                                       const uint8_t *in2,
                                       const uint8_t *in3,
                                       size_t inlen);
 #endif
--- a/crypto_kem/kyber1024/avx2/fq.S
+++ b/crypto_kem/kyber1024/avx2/fq.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "fq.inc"
 .text
@ -35,7 +35,9 @@ vmovdqa		%ymm9,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_reduce_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_reduce_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_reduce_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_reduce_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 vmovdqa		_16XV*2(%rsi),%ymm1
@ -77,7 +79,9 @@ vmovdqa		%ymm8,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_csubq_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_csubq_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_csubq_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_csubq_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 call		csubq128_avx
@ -118,7 +122,9 @@ vmovdqa		%ymm10,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_tomont_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_tomont_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_tomont_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_tomont_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 vmovdqa		_16XMONTSQLO*2(%rsi),%ymm1
--- a/crypto_kem/kyber1024/avx2/indcpa.c
+++ b/crypto_kem/kyber1024/avx2/indcpa.c
@ -25,7 +25,7 @@
 static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
                    polyvec *pk,
                    const uint8_t seed[KYBER_SYMBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER1024_AVX2_polyvec_tobytes(r, pk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        r[i + KYBER_POLYVECBYTES] = seed[i];
@ -45,7 +45,7 @@ static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
 static void unpack_pk(polyvec *pk,
                      uint8_t seed[KYBER_SYMBYTES],
                      const uint8_t packedpk[KYBER_INDCPA_PUBLICKEYBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER1024_AVX2_polyvec_frombytes(pk, packedpk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        seed[i] = packedpk[i + KYBER_POLYVECBYTES];
@ -133,8 +133,8 @@ static unsigned int rej_uniform(int16_t *r,
                                unsigned int len,
                                const uint8_t *buf,
                                unsigned int buflen) {
-    unsigned int ctr = 0, pos = 0;
+    unsigned int ctr, pos;
-    uint16_t val = 0;
+    uint16_t val;
    ctr = pos = 0;
    while (ctr < len && pos + 2 <= buflen) {
@ -168,7 +168,7 @@ static unsigned int rej_uniform(int16_t *r,
 #define GEN_MATRIX_NBLOCKS ((2*KYBER_N*(1U << 16)/(19*KYBER_Q) \
                             + XOF_BLOCKBYTES)/XOF_BLOCKBYTES)
 void PQCLEAN_KYBER1024_AVX2_gen_matrix(polyvec *a, const uint8_t seed[32], int transposed) {
-    unsigned int i = 0, ctr0 = 0, ctr1 = 0, ctr2 = 0, ctr3 = 0;
+    unsigned int i, ctr0, ctr1, ctr2, ctr3;
    ALIGN32_ARRAY_2D(uint8_t, 4, (GEN_MATRIX_NBLOCKS * XOF_BLOCKBYTES + 31) / 32 * 32) buf;
    __m256i f;
    keccakx4_state state;
@ -242,7 +242,7 @@ void PQCLEAN_KYBER1024_AVX2_gen_matrix(polyvec *a, const uint8_t seed[32], int t
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    ALIGN32_ARRAY(uint8_t, 2 * KYBER_SYMBYTES) buf;
    const uint8_t *publicseed = buf.arr;
    const uint8_t *noiseseed = buf.arr + KYBER_SYMBYTES;
@ -295,7 +295,7 @@ void PQCLEAN_KYBER1024_AVX2_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
                                       const uint8_t m[KYBER_INDCPA_MSGBYTES],
                                       const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
                                       const uint8_t coins[KYBER_SYMBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    ALIGN32_ARRAY(uint8_t, KYBER_SYMBYTES) seed;
    polyvec sp, pkpv, ep, at[KYBER_K], bp;
    poly v, k, epp;
--- a/crypto_kem/kyber1024/avx2/indcpa.h
+++ b/crypto_kem/kyber1024/avx2/indcpa.h
@ -1,16 +1,20 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_INDCPA_H
 #define PQCLEAN_KYBER1024_AVX2_INDCPA_H
 #include "params.h"
 #include "polyvec.h"
 #include <stdint.h>
 void PQCLEAN_KYBER1024_AVX2_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed);
 void PQCLEAN_KYBER1024_AVX2_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
-void PQCLEAN_KYBER1024_AVX2_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+void PQCLEAN_KYBER1024_AVX2_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
                                       const uint8_t m[KYBER_INDCPA_MSGBYTES],
                                       const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
                                       const uint8_t coins[KYBER_SYMBYTES]);
-void PQCLEAN_KYBER1024_AVX2_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES], const uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], const uint8_t coins[KYBER_SYMBYTES]);
+void PQCLEAN_KYBER1024_AVX2_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES],
-
+                                       const uint8_t c[KYBER_INDCPA_BYTES],
-void PQCLEAN_KYBER1024_AVX2_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t c[KYBER_INDCPA_BYTES], const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+                                       const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
 #endif
--- a/crypto_kem/kyber1024/avx2/invntt.S
+++ b/crypto_kem/kyber1024/avx2/invntt.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "shuffle.inc"
 .include "fq.inc"
@ -210,7 +210,9 @@ vmovdqa		%ymm7,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_invntt_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_invntt_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_invntt_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_invntt_avx):
 #consts
 vmovdqa         _16XQ*2(%rsi),%ymm0
 mov		%rsi,%rdx
--- a/crypto_kem/kyber1024/avx2/kem.c
+++ b/crypto_kem/kyber1024/avx2/kem.c
@ -8,7 +8,6 @@
 #include <stddef.h>
 #include <stdint.h>
 /*************************************************
 * Name:        PQCLEAN_KYBER1024_AVX2_crypto_kem_keypair
 *
@ -23,7 +22,7 @@
 * Returns 0 (success)
 **************************************************/
 int PQCLEAN_KYBER1024_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER1024_AVX2_indcpa_keypair(pk, sk);
    for (i = 0; i < KYBER_INDCPA_PUBLICKEYBYTES; i++) {
        sk[i + KYBER_INDCPA_SECRETKEYBYTES] = pk[i];
@ -94,8 +93,8 @@ int PQCLEAN_KYBER1024_AVX2_crypto_kem_enc(unsigned char *ct,
 int PQCLEAN_KYBER1024_AVX2_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
-    int fail = 0;
+    int fail;
    ALIGN32_ARRAY(uint8_t, 2 * KYBER_SYMBYTES) buf;
    /* Will contain key, coins */
    ALIGN32_ARRAY(uint8_t, 2 * KYBER_SYMBYTES) kr;
@ -119,7 +118,7 @@ int PQCLEAN_KYBER1024_AVX2_crypto_kem_dec(unsigned char *ss,
    hash_h(kr.arr + KYBER_SYMBYTES, ct, KYBER_CIPHERTEXTBYTES);
    /* Overwrite pre-k with z on re-encryption failure */
-    PQCLEAN_KYBER1024_AVX2_cmov(kr.arr, sk + KYBER_SECRETKEYBYTES - KYBER_SYMBYTES, KYBER_SYMBYTES, fail);
+    PQCLEAN_KYBER1024_AVX2_cmov(kr.arr, sk + KYBER_SECRETKEYBYTES - KYBER_SYMBYTES, KYBER_SYMBYTES, (uint8_t)fail);
    /* hash concatenation of pre-k and H(c) to k */
    kdf(ss, kr.arr, 2 * KYBER_SYMBYTES);
--- a/crypto_kem/kyber1024/avx2/kem.h
+++ b/crypto_kem/kyber1024/avx2/kem.h
@ -1,17 +1,14 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_KEM_H
 #define PQCLEAN_KYBER1024_AVX2_KEM_H
 #include "params.h"
 int PQCLEAN_KYBER1024_AVX2_crypto_kem_keypair(unsigned char *pk, unsigned char *sk);
 int PQCLEAN_KYBER1024_AVX2_crypto_kem_enc(unsigned char *ct,
        unsigned char *ss,
        const unsigned char *pk);
 int PQCLEAN_KYBER1024_AVX2_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk);
--- a/crypto_kem/kyber1024/avx2/ntt.S
+++ b/crypto_kem/kyber1024/avx2/ntt.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "shuffle.inc"
 .include "fq.inc"
@ -203,7 +203,9 @@ vmovdqa		%ymm11,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_ntt_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_ntt_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_ntt_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_ntt_avx):
 #consts
 vmovdqa		_16XQ*2(%rsi),%ymm0
 mov		%rsi,%rdx
--- a/crypto_kem/kyber1024/avx2/ntt.h
+++ b/crypto_kem/kyber1024/avx2/ntt.h
@ -1,28 +1,24 @@
-#ifndef NTT_H
+#ifndef PQCLEAN_KYBER1024_AVX2_NTT_H
-#define NTT_H
+#define PQCLEAN_KYBER1024_AVX2_NTT_H
 #include "consts.h"
 #include "params.h"
 #include <stdint.h>
 void PQCLEAN_KYBER1024_AVX2_ntt_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 void PQCLEAN_KYBER1024_AVX2_invntt_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
-
+void PQCLEAN_KYBER1024_AVX2_nttpack_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 void nttpack_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 void PQCLEAN_KYBER1024_AVX2_nttunpack_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
-
+void PQCLEAN_KYBER1024_AVX2_basemul_avx(int16_t *r,
-void PQCLEAN_KYBER1024_AVX2_basemul_avx(int16_t *r, const int16_t *a, const int16_t *b, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
+                                        const int16_t *a,
-
+                                        const int16_t *b,
-void PQCLEAN_KYBER1024_AVX2_basemul_acc_avx(int16_t *r, const int16_t *a, const int16_t *b, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
+                                        const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
-
+void PQCLEAN_KYBER1024_AVX2_basemul_acc_avx(int16_t *r,
        const int16_t *a,
        const int16_t *b,
        const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 void PQCLEAN_KYBER1024_AVX2_ntttobytes_avx(uint8_t *r, const int16_t *a, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 void PQCLEAN_KYBER1024_AVX2_nttfrombytes_avx(int16_t *r, const uint8_t *a, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 #endif
--- a/crypto_kem/kyber1024/avx2/params.h
+++ b/crypto_kem/kyber1024/avx2/params.h
@ -1,6 +1,9 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_PARAMS_H
 #define PQCLEAN_KYBER1024_AVX2_PARAMS_H
 #define KYBER_N 256
 #define KYBER_Q 3329
--- a/crypto_kem/kyber1024/avx2/poly.c
+++ b/crypto_kem/kyber1024/avx2/poly.c
@ -19,7 +19,7 @@
 *              - poly *a:    pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES], poly *restrict a) {
-    unsigned int i = 0, j = 0;
+    unsigned int i, j;
    uint8_t t[8];
    PQCLEAN_KYBER1024_AVX2_poly_csubq(a);
@ -50,9 +50,9 @@ void PQCLEAN_KYBER1024_AVX2_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES],
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_poly_decompress(poly *restrict r,
        const uint8_t a[KYBER_POLYCOMPRESSEDBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
-    unsigned int j = 0;
+    unsigned int j;
    uint8_t t[8];
    for (i = 0; i < KYBER_N / 8; i++) {
        t[0] = (a[0] >> 0);
@ -114,7 +114,7 @@ void PQCLEAN_KYBER1024_AVX2_poly_frommsg(poly *restrict r,
    const __m256i hqs = _mm256_set1_epi16((KYBER_Q + 1) / 2);
 #define FROMMSG64(i)                        \
-    g3 = _mm256_shuffle_epi32(f,0x55*(i));              \
+    g3 = _mm256_shuffle_epi32(f,0x55*(i));                \
    g3 = _mm256_sllv_epi32(g3,shift);             \
    g3 = _mm256_shuffle_epi8(g3,idx);             \
    g0 = _mm256_slli_epi16(g3,12);                \
@ -136,9 +136,9 @@ void PQCLEAN_KYBER1024_AVX2_poly_frommsg(poly *restrict r,
    g2 = _mm256_permute2x128_si256(h0,h1,0x31);           \
    g1 = _mm256_permute2x128_si256(h2,h3,0x20);           \
    g3 = _mm256_permute2x128_si256(h2,h3,0x31);           \
-    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+ 0],g0);    \
+    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+ 0],g0);  \
-    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+16],g1);    \
+    _mm256_store_si256((__m256i *)&r->coeffs[  0+32*(i)+16],g1);  \
-    _mm256_store_si256((__m256i *)&r->coeffs[128+32*(i)+ 0],g2);    \
+    _mm256_store_si256((__m256i *)&r->coeffs[128+32*(i)+ 0],g2);  \
    _mm256_store_si256((__m256i *)&r->coeffs[128+32*(i)+16],g3)
    f = _mm256_load_si256((__m256i *)msg);
@ -157,8 +157,8 @@ void PQCLEAN_KYBER1024_AVX2_poly_frommsg(poly *restrict r,
 *              - poly *a:      pointer to input polynomial
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_poly_tomsg(uint8_t msg[KYBER_INDCPA_MSGBYTES], poly *restrict a) {
-    unsigned int i = 0;
+    unsigned int i;
-    uint32_t small = 0;
+    uint32_t small;
    __m256i f0, f1, g0, g1;
    const __m256i hqs = _mm256_set1_epi16((KYBER_Q - 1) / 2);
    const __m256i hhqs = _mm256_set1_epi16((KYBER_Q - 5) / 4);
@ -325,7 +325,7 @@ void PQCLEAN_KYBER1024_AVX2_poly_csubq(poly *r) {
 *            - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_poly_add(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    unsigned int i;
    __m256i f0, f1;
    for (i = 0; i < KYBER_N; i += 16) {
@ -346,7 +346,7 @@ void PQCLEAN_KYBER1024_AVX2_poly_add(poly *r, const poly *a, const poly *b) {
 *            - const poly *b: pointer to second input polynomial
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_poly_sub(poly *r, const poly *a, const poly *b) {
-    unsigned int i = 0;
+    unsigned int i;
    __m256i f0, f1;
    for (i = 0; i < KYBER_N; i += 16) {
--- a/crypto_kem/kyber1024/avx2/poly.h
+++ b/crypto_kem/kyber1024/avx2/poly.h
@ -1,6 +1,5 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_POLY_H
 #define PQCLEAN_KYBER1024_AVX2_POLY_H
 #include "params.h"
 #include <immintrin.h>
 #include <stdint.h>
@ -14,24 +13,16 @@ typedef union {
    int16_t coeffs[KYBER_N];
 } poly;
 void PQCLEAN_KYBER1024_AVX2_poly_compress(uint8_t r[KYBER_POLYCOMPRESSEDBYTES], poly *a);
 void PQCLEAN_KYBER1024_AVX2_poly_decompress(poly *r, const uint8_t a[KYBER_POLYCOMPRESSEDBYTES]);
 void PQCLEAN_KYBER1024_AVX2_poly_tobytes(uint8_t r[KYBER_POLYBYTES], poly *a);
 void PQCLEAN_KYBER1024_AVX2_poly_frombytes(poly *r, const uint8_t a[KYBER_POLYBYTES]);
 void PQCLEAN_KYBER1024_AVX2_poly_frommsg(poly *r, const uint8_t msg[KYBER_INDCPA_MSGBYTES]);
 void PQCLEAN_KYBER1024_AVX2_poly_tomsg(uint8_t msg[KYBER_INDCPA_MSGBYTES], poly *a);
 void PQCLEAN_KYBER1024_AVX2_poly_getnoise(poly *r, const uint8_t seed[KYBER_SYMBYTES], uint8_t nonce);
 void PQCLEAN_KYBER1024_AVX2_poly_getnoise4x(poly *r0,
        poly *r1,
        poly *r2,
@ -42,25 +33,16 @@ void PQCLEAN_KYBER1024_AVX2_poly_getnoise4x(poly *r0,
        uint8_t nonce2,
        uint8_t nonce3);
 void PQCLEAN_KYBER1024_AVX2_poly_ntt(poly *r);
 void PQCLEAN_KYBER1024_AVX2_poly_invntt_tomont(poly *r);
 void PQCLEAN_KYBER1024_AVX2_poly_nttunpack(poly *r);
 void PQCLEAN_KYBER1024_AVX2_poly_basemul_montgomery(poly *r, const poly *a, const poly *b);
 void PQCLEAN_KYBER1024_AVX2_poly_tomont(poly *r);
 void PQCLEAN_KYBER1024_AVX2_poly_reduce(poly *r);
 void PQCLEAN_KYBER1024_AVX2_poly_csubq(poly *r);
 void PQCLEAN_KYBER1024_AVX2_poly_add(poly *r, const poly *a, const poly *b);
 void PQCLEAN_KYBER1024_AVX2_poly_sub(poly *r, const poly *a, const poly *b);
 #endif
--- a/crypto_kem/kyber1024/avx2/polyvec.c
+++ b/crypto_kem/kyber1024/avx2/polyvec.c
@ -1,6 +1,6 @@
 #include "params.h"
 #include "consts.h"
 #include "ntt.h"
 #include "params.h"
 #include "poly.h"
 #include "polyvec.h"
 #include <stdint.h>
@ -16,7 +16,7 @@
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBYTES],
        polyvec *restrict a) {
-    unsigned int i = 0, j = 0, k = 0;
+    size_t i, j, k;
    PQCLEAN_KYBER1024_AVX2_polyvec_csubq(a);
@ -24,10 +24,8 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBY
    for (i = 0; i < KYBER_K; i++) {
        for (j = 0; j < KYBER_N / 8; j++) {
            for (k = 0; k < 8; k++) {
-                {
+                t[k] = ((((uint32_t)a->vec[i].coeffs[8 * j + k] << 11) + KYBER_Q / 2)
-                    t[k] = ((((uint32_t)a->vec[i].coeffs[8 * j + k] << 11) + KYBER_Q / 2)
+                        / KYBER_Q) & 0x7ff;
                            / KYBER_Q) & 0x7ff;
                }
            }
            r[ 0] = (t[0] >>  0);
@ -58,7 +56,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBY
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_decompress(polyvec *restrict r,
        const uint8_t a[KYBER_POLYVECCOMPRESSEDBYTES]) {
-    unsigned int i = 0, j = 0, k = 0;
+    size_t i, j, k;
    uint16_t t[8];
    for (i = 0; i < KYBER_K; i++) {
@ -90,7 +88,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_decompress(polyvec *restrict r,
 *              - polyvec *a: pointer to input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyvec *a) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_tobytes(r + i * KYBER_POLYBYTES, &a->vec[i]);
    }
@ -107,7 +105,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyv
 *                                  (of length KYBER_POLYVECBYTES)
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_POLYVECBYTES]) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_frombytes(&r->vec[i], a + i * KYBER_POLYBYTES);
    }
@ -121,7 +119,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_
 * Arguments:   - polyvec *r: pointer to in/output vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_ntt(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_ntt(&r->vec[i]);
    }
@ -136,7 +134,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_ntt(polyvec *r) {
 * Arguments:   - polyvec *r: pointer to in/output vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_invntt_tomont(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_invntt_tomont(&r->vec[i]);
    }
@ -155,7 +153,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_invntt_tomont(polyvec *r) {
 void PQCLEAN_KYBER1024_AVX2_polyvec_pointwise_acc_montgomery(poly *r,
        const polyvec *a,
        const polyvec *b) {
-    PQCLEAN_KYBER1024_AVX2_basemul_acc_avx(r->coeffs, a->vec->coeffs, b->vec->coeffs, &PQCLEAN_KYBER1024_AVX2_qdata);
+    PQCLEAN_KYBER1024_AVX2_basemul_acc_avx(r->coeffs, a->vec->coeffs, b->vec->coeffs, & PQCLEAN_KYBER1024_AVX2_qdata);
 }
 /*************************************************
@ -168,7 +166,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_pointwise_acc_montgomery(poly *r,
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_reduce(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_reduce(&r->vec[i]);
    }
@ -185,7 +183,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_reduce(polyvec *r) {
 * Arguments:   - poly *r: pointer to input/output polynomial
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_csubq(polyvec *r) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_csubq(&r->vec[i]);
    }
@ -201,7 +199,7 @@ void PQCLEAN_KYBER1024_AVX2_polyvec_csubq(polyvec *r) {
 *            - const polyvec *b: pointer to second input vector of polynomials
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_polyvec_add(polyvec *r, const polyvec *a, const polyvec *b) {
-    unsigned int i = 0;
+    size_t i;
    for (i = 0; i < KYBER_K; i++) {
        PQCLEAN_KYBER1024_AVX2_poly_add(&r->vec[i], &a->vec[i], &b->vec[i]);
    }
--- a/crypto_kem/kyber1024/avx2/polyvec.h
+++ b/crypto_kem/kyber1024/avx2/polyvec.h
@ -1,6 +1,5 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_POLYVEC_H
 #define PQCLEAN_KYBER1024_AVX2_POLYVEC_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
@ -9,33 +8,23 @@ typedef struct {
    poly vec[KYBER_K];
 } polyvec;
 void PQCLEAN_KYBER1024_AVX2_polyvec_compress(uint8_t r[KYBER_POLYVECCOMPRESSEDBYTES], polyvec *a);
 void PQCLEAN_KYBER1024_AVX2_polyvec_decompress(polyvec *r,
        const uint8_t a[KYBER_POLYVECCOMPRESSEDBYTES]);
 void PQCLEAN_KYBER1024_AVX2_polyvec_tobytes(uint8_t r[KYBER_POLYVECBYTES], polyvec *a);
 void PQCLEAN_KYBER1024_AVX2_polyvec_frombytes(polyvec *r, const uint8_t a[KYBER_POLYVECBYTES]);
 void PQCLEAN_KYBER1024_AVX2_polyvec_ntt(polyvec *r);
 void PQCLEAN_KYBER1024_AVX2_polyvec_invntt_tomont(polyvec *r);
 void PQCLEAN_KYBER1024_AVX2_polyvec_pointwise_acc_montgomery(poly *r,
        const polyvec *a,
        const polyvec *b);
 void PQCLEAN_KYBER1024_AVX2_polyvec_reduce(polyvec *r);
 void PQCLEAN_KYBER1024_AVX2_polyvec_csubq(polyvec *r);
 void PQCLEAN_KYBER1024_AVX2_polyvec_add(polyvec *r, const polyvec *a, const polyvec *b);
 #endif
--- a/crypto_kem/kyber1024/avx2/reduce.h
+++ b/crypto_kem/kyber1024/avx2/reduce.h
@ -1,16 +1,10 @@
-#ifndef REDUCE_H
+#ifndef PQCLEAN_KYBER1024_AVX2_REDUCE_H
-#define REDUCE_H
+#define PQCLEAN_KYBER1024_AVX2_REDUCE_H
-
+#include "consts.h"
 #include <stdint.h>
 #include "consts.h"
 #include "params.h"
 int16_t PQCLEAN_KYBER1024_AVX2_reduce_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 int16_t PQCLEAN_KYBER1024_AVX2_csubq_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 int16_t PQCLEAN_KYBER1024_AVX2_tomont_avx(int16_t *r, const qdata_t *PQCLEAN_KYBER1024_AVX2_qdata);
 #endif
--- a/crypto_kem/kyber1024/avx2/rejsample.c
+++ b/crypto_kem/kyber1024/avx2/rejsample.c
@ -2,6 +2,7 @@
 #include "consts.h"
 #include "params.h"
 #include "rejsample.h"
 #include <immintrin.h>
 #include <stdint.h>
 static const ALIGN32_ARRAY_2D(uint8_t, 256, 8) idx = {.arr = {
@ -270,9 +271,9 @@ static const ALIGN32_ARRAY_2D(uint8_t, 256, 8) idx = {.arr = {
 #define REJ_UNIFORM_BUFLEN 672
 unsigned int PQCLEAN_KYBER1024_AVX2_rej_uniform_avx(int16_t *restrict r,
        const uint8_t *restrict buf) {
-    unsigned int ctr = 0, pos = 0;
+    unsigned int ctr, pos;
-    uint16_t val = 0;
+    uint16_t val;
-    uint32_t good = 0;
+    uint32_t good;
    const __m256i bound  = _mm256_set1_epi16((int16_t)(19 * KYBER_Q - 1));
    const __m256i ones   = _mm256_set1_epi8(1);
    const __m256i kyberq = _mm256_load_si256((__m256i *)&PQCLEAN_KYBER1024_AVX2_qdata.as_arr[_16XQ]);
@ -297,7 +298,7 @@ unsigned int PQCLEAN_KYBER1024_AVX2_rej_uniform_avx(int16_t *restrict r,
        g1 = _mm256_inserti128_si256(g1, _mm_loadl_epi64((__m128i *)&idx.arr[(good >> 24) & 0xFF]), 1);
        //g0 = _mm256_cvtepu8_epi64(_mm_loadl_epi64((__m128i *)&good));
-        //g1 = _mm256_i64gather_epi64((long long *)idx, g0, 8);
+        //g1 = _mm256_i64gather_epi64((long long *)idx.arr, g0, 8);
        /* Barrett reduction of (still unsigned) values */
        g2 = _mm256_mulhi_epu16(f0, v);
--- a/crypto_kem/kyber1024/avx2/rejsample.h
+++ b/crypto_kem/kyber1024/avx2/rejsample.h
@ -1,10 +1,8 @@
-#ifndef REJSAMPLE_H
+#ifndef PQCLEAN_KYBER1024_AVX2_REJSAMPLE_H
-#define REJSAMPLE_H
+#define PQCLEAN_KYBER1024_AVX2_REJSAMPLE_H
 #include "params.h"
 #include <stdint.h>
 unsigned int PQCLEAN_KYBER1024_AVX2_rej_uniform_avx(int16_t *r,
        const unsigned char *buf);
--- a/crypto_kem/kyber1024/avx2/shuffle.S
+++ b/crypto_kem/kyber1024/avx2/shuffle.S
@ -1,4 +1,4 @@
-#include "cdecl.inc"
+#include "cdecl.h"
 .include "fq.inc"
 .include "shuffle.inc"
@ -92,7 +92,9 @@ vmovdqa		%ymm11,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_nttunpack_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_nttunpack_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_nttunpack_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_nttunpack_avx):
 call		nttunpack128_avx
 add		$256,%rdi
 call		nttunpack128_avx
@ -169,7 +171,9 @@ vmovdqu		%ymm9,160(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_ntttobytes_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_ntttobytes_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_ntttobytes_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_ntttobytes_avx):
 #consts
 vmovdqa		_16XQ*2(%rdx),%ymm0
 call		ntttobytes128_avx
@ -245,7 +249,9 @@ vmovdqa		%ymm1,224(%rdi)
 ret
 .global cdecl(PQCLEAN_KYBER1024_AVX2_nttfrombytes_avx)
 .global _cdecl(PQCLEAN_KYBER1024_AVX2_nttfrombytes_avx)
 cdecl(PQCLEAN_KYBER1024_AVX2_nttfrombytes_avx):
 _cdecl(PQCLEAN_KYBER1024_AVX2_nttfrombytes_avx):
 #consts
 vmovdqa		_16XMASK*2(%rdx),%ymm0
 call		nttfrombytes128_avx
--- a/crypto_kem/kyber1024/avx2/symmetric-shake.c
+++ b/crypto_kem/kyber1024/avx2/symmetric-shake.c
@ -9,8 +9,8 @@
 *
 * Description: Absorb step of the SHAKE128 specialized for the Kyber context.
 *
-* Arguments:   - keccak_state *state: pointer to (uninitialized) output
+* Arguments:   - xof_state *state: pointer to (uninitialized) output
-*                                     Keccak state
+*                                  Keccak state
 *              - const uint8_t *seed: pointer to KYBER_SYMBYTES input
 *                                     to be absorbed into state
 *              - uint8_t i            additional byte of input
@ -20,7 +20,7 @@ void PQCLEAN_KYBER1024_AVX2_kyber_shake128_absorb(xof_state *state,
        const uint8_t seed[KYBER_SYMBYTES],
        uint8_t x,
        uint8_t y) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t extseed[KYBER_SYMBYTES + 2];
    for (i = 0; i < KYBER_SYMBYTES; i++) {
@ -48,7 +48,7 @@ void PQCLEAN_KYBER1024_AVX2_kyber_shake256_prf(uint8_t *out,
        size_t outlen,
        const uint8_t key[KYBER_SYMBYTES],
        uint8_t nonce) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t extkey[KYBER_SYMBYTES + 1];
    for (i = 0; i < KYBER_SYMBYTES; i++) {
--- a/crypto_kem/kyber1024/avx2/symmetric.h
+++ b/crypto_kem/kyber1024/avx2/symmetric.h
@ -1,17 +1,16 @@
-#ifndef SYMMETRIC_H
+#ifndef PQCLEAN_KYBER1024_AVX2_SYMMETRIC_H
-#define SYMMETRIC_H
+#define PQCLEAN_KYBER1024_AVX2_SYMMETRIC_H
-
+#include "fips202.h"
 #include "fips202x4.h"
 #include "params.h"
 #include <stddef.h>
 #include <stdint.h>
 #include "fips202.h"
 #include "fips202x4.h"
 typedef shake128ctx xof_state;
-void PQCLEAN_KYBER1024_AVX2_kyber_shake128_absorb(shake128ctx *s,
+void PQCLEAN_KYBER1024_AVX2_kyber_shake128_absorb(xof_state *s,
        const uint8_t seed[KYBER_SYMBYTES],
        uint8_t x,
        uint8_t y);
--- a/crypto_kem/kyber1024/avx2/verify.c
+++ b/crypto_kem/kyber1024/avx2/verify.c
@ -15,8 +15,8 @@
 * Returns 0 if the byte arrays are equal, 1 otherwise
 **************************************************/
 int PQCLEAN_KYBER1024_AVX2_verify(const uint8_t *a, const uint8_t *b, size_t len) {
-    size_t pos = 0;
+    size_t pos;
-    uint64_t r = 0;
+    uint64_t r;
    __m256i avec, bvec, cvec;
    cvec = _mm256_setzero_si256();
@ -53,7 +53,7 @@ int PQCLEAN_KYBER1024_AVX2_verify(const uint8_t *a, const uint8_t *b, size_t len
 *              unsigned char b:        Condition bit; has to be in {0,1}
 **************************************************/
 void PQCLEAN_KYBER1024_AVX2_cmov(uint8_t *restrict r, const uint8_t *restrict x, size_t len, uint8_t b) {
-    size_t pos = 0;
+    size_t pos;
    __m256i xvec, rvec, bvec;
    b = -b;
--- a/crypto_kem/kyber1024/avx2/verify.h
+++ b/crypto_kem/kyber1024/avx2/verify.h
@ -1,14 +1,11 @@
 #ifndef PQCLEAN_KYBER1024_AVX2_VERIFY_H
 #define PQCLEAN_KYBER1024_AVX2_VERIFY_H
 #include "params.h"
 #include <stddef.h>
 #include <stdint.h>
 int PQCLEAN_KYBER1024_AVX2_verify(const uint8_t *a, const uint8_t *b, size_t len);
 void PQCLEAN_KYBER1024_AVX2_cmov(uint8_t *r, const uint8_t *x, size_t len, uint8_t b);
 #endif
--- a/crypto_kem/kyber1024/clean/Makefile
+++ b/crypto_kem/kyber1024/clean/Makefile
@ -1,8 +1,8 @@
 # This Makefile can be used with GNU Make or BSD Make
 LIB=libkyber1024_clean.a
-HEADERS=api.h cbd.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h verify.h symmetric.h
+HEADERS=api.h cbd.h indcpa.h kem.h ntt.h params.h poly.h polyvec.h reduce.h symmetric.h verify.h 
-OBJECTS=cbd.o indcpa.o kem.o ntt.o poly.o polyvec.o reduce.o verify.o symmetric-shake.o
+OBJECTS=cbd.o indcpa.o kem.o ntt.o poly.o polyvec.o reduce.o symmetric-shake.o verify.o 
 CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -Wredundant-decls -std=c99 -I../../../common $(EXTRAFLAGS)
--- a/crypto_kem/kyber1024/clean/Makefile.Microsoft_nmake
+++ b/crypto_kem/kyber1024/clean/Makefile.Microsoft_nmake
@ -2,7 +2,7 @@
 #    nmake /f Makefile.Microsoft_nmake
 LIBRARY=libkyber1024_clean.lib
-OBJECTS=cbd.obj indcpa.obj kem.obj ntt.obj poly.obj polyvec.obj reduce.obj verify.obj symmetric-shake.obj
+OBJECTS=cbd.obj indcpa.obj kem.obj ntt.obj poly.obj polyvec.obj reduce.obj symmetric-shake.obj verify.obj 
 # Warning C4146 is raised when a unary minus operator is applied to an
 # unsigned type; this has nonetheless been standard and portable for as
--- a/crypto_kem/kyber1024/clean/api.h
+++ b/crypto_kem/kyber1024/clean/api.h
@ -15,5 +15,4 @@ int PQCLEAN_KYBER1024_CLEAN_crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8
 int PQCLEAN_KYBER1024_CLEAN_crypto_kem_dec(uint8_t *ss, const uint8_t *ct, const uint8_t *sk);
 #endif
--- a/crypto_kem/kyber1024/clean/cbd.c
+++ b/crypto_kem/kyber1024/clean/cbd.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "cbd.h"
 #include "params.h"
 #include <stdint.h>
 /*************************************************
@ -13,7 +13,7 @@
 * Returns 32-bit unsigned integer loaded from x
 **************************************************/
 static uint32_t load32_littleendian(const uint8_t x[4]) {
-    uint32_t r = 0;
+    uint32_t r;
    r  = (uint32_t)x[0];
    r |= (uint32_t)x[1] << 8;
    r |= (uint32_t)x[2] << 16;
@ -32,9 +32,9 @@ static uint32_t load32_littleendian(const uint8_t x[4]) {
 *              - const uint8_t *buf: pointer to input byte array
 **************************************************/
 void PQCLEAN_KYBER1024_CLEAN_cbd(poly *r, const uint8_t buf[KYBER_ETA * KYBER_N / 4]) {
-    unsigned int i = 0, j = 0;
+    unsigned int i, j;
-    uint32_t t = 0, d = 0;
+    uint32_t t, d;
-    int16_t a = 0, b = 0;
+    int16_t a, b;
    for (i = 0; i < KYBER_N / 8; i++) {
        t  = load32_littleendian(buf + 4 * i);
--- a/crypto_kem/kyber1024/clean/cbd.h
+++ b/crypto_kem/kyber1024/clean/cbd.h
@ -1,11 +1,9 @@
 #ifndef PQCLEAN_KYBER1024_CLEAN_CBD_H
 #define PQCLEAN_KYBER1024_CLEAN_CBD_H
 #include "params.h"
 #include "poly.h"
 #include <stdint.h>
 void PQCLEAN_KYBER1024_CLEAN_cbd(poly *r, const uint8_t buf[KYBER_ETA * KYBER_N / 4]);
 #endif
--- a/crypto_kem/kyber1024/clean/indcpa.c
+++ b/crypto_kem/kyber1024/clean/indcpa.c
@ -22,7 +22,7 @@
 static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
                    polyvec *pk,
                    const uint8_t seed[KYBER_SYMBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER1024_CLEAN_polyvec_tobytes(r, pk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        r[i + KYBER_POLYVECBYTES] = seed[i];
@ -44,7 +44,7 @@ static void pack_pk(uint8_t r[KYBER_INDCPA_PUBLICKEYBYTES],
 static void unpack_pk(polyvec *pk,
                      uint8_t seed[KYBER_SYMBYTES],
                      const uint8_t packedpk[KYBER_INDCPA_PUBLICKEYBYTES]) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER1024_CLEAN_polyvec_frombytes(pk, packedpk);
    for (i = 0; i < KYBER_SYMBYTES; i++) {
        seed[i] = packedpk[i + KYBER_POLYVECBYTES];
@ -132,8 +132,8 @@ static unsigned int rej_uniform(int16_t *r,
                                unsigned int len,
                                const uint8_t *buf,
                                unsigned int buflen) {
-    unsigned int ctr = 0, pos = 0;
+    unsigned int ctr, pos;
-    uint16_t val = 0;
+    uint16_t val;
    ctr = pos = 0;
    while (ctr < len && pos + 2 <= buflen) {
@ -169,8 +169,7 @@ static unsigned int rej_uniform(int16_t *r,
                             + XOF_BLOCKBYTES)/XOF_BLOCKBYTES)
 // Not static for benchmarking
 void PQCLEAN_KYBER1024_CLEAN_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed) {
-    unsigned int ctr = 0;
+    unsigned int ctr, i, j;
    uint8_t i = 0, j = 0;
    uint8_t buf[GEN_MATRIX_NBLOCKS * XOF_BLOCKBYTES];
    xof_state state;
@ -208,7 +207,7 @@ void PQCLEAN_KYBER1024_CLEAN_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYM
 **************************************************/
 void PQCLEAN_KYBER1024_CLEAN_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t buf[2 * KYBER_SYMBYTES];
    const uint8_t *publicseed = buf;
    const uint8_t *noiseseed = buf + KYBER_SYMBYTES;
@ -264,7 +263,7 @@ void PQCLEAN_KYBER1024_CLEAN_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
                                        const uint8_t m[KYBER_INDCPA_MSGBYTES],
                                        const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
                                        const uint8_t coins[KYBER_SYMBYTES]) {
-    unsigned int i = 0;
+    unsigned int i;
    uint8_t seed[KYBER_SYMBYTES];
    uint8_t nonce = 0;
    polyvec sp, pkpv, ep, at[KYBER_K], bp;
--- a/crypto_kem/kyber1024/clean/indcpa.h
+++ b/crypto_kem/kyber1024/clean/indcpa.h
@ -1,16 +1,20 @@
 #ifndef PQCLEAN_KYBER1024_CLEAN_INDCPA_H
 #define PQCLEAN_KYBER1024_CLEAN_INDCPA_H
 #include "params.h"
 #include "polyvec.h"
 #include <stdint.h>
 void PQCLEAN_KYBER1024_CLEAN_gen_matrix(polyvec *a, const uint8_t seed[KYBER_SYMBYTES], int transposed);
 void PQCLEAN_KYBER1024_CLEAN_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
        uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
-void PQCLEAN_KYBER1024_CLEAN_indcpa_keypair(uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+void PQCLEAN_KYBER1024_CLEAN_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES],
                                        const uint8_t m[KYBER_INDCPA_MSGBYTES],
                                        const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES],
                                        const uint8_t coins[KYBER_SYMBYTES]);
-void PQCLEAN_KYBER1024_CLEAN_indcpa_enc(uint8_t c[KYBER_INDCPA_BYTES], const uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t pk[KYBER_INDCPA_PUBLICKEYBYTES], const uint8_t coins[KYBER_SYMBYTES]);
+void PQCLEAN_KYBER1024_CLEAN_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES],
-
+                                        const uint8_t c[KYBER_INDCPA_BYTES],
-void PQCLEAN_KYBER1024_CLEAN_indcpa_dec(uint8_t m[KYBER_INDCPA_MSGBYTES], const uint8_t c[KYBER_INDCPA_BYTES], const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
+                                        const uint8_t sk[KYBER_INDCPA_SECRETKEYBYTES]);
 #endif
--- a/crypto_kem/kyber1024/clean/kem.c
+++ b/crypto_kem/kyber1024/clean/kem.c
@ -21,7 +21,7 @@
 * Returns 0 (success)
 **************************************************/
 int PQCLEAN_KYBER1024_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
    PQCLEAN_KYBER1024_CLEAN_indcpa_keypair(pk, sk);
    for (i = 0; i < KYBER_INDCPA_PUBLICKEYBYTES; i++) {
        sk[i + KYBER_INDCPA_SECRETKEYBYTES] = pk[i];
@ -92,8 +92,8 @@ int PQCLEAN_KYBER1024_CLEAN_crypto_kem_enc(unsigned char *ct,
 int PQCLEAN_KYBER1024_CLEAN_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk) {
-    size_t i = 0;
+    size_t i;
-    int fail = 0;
+    int fail;
    uint8_t buf[2 * KYBER_SYMBYTES];
    /* Will contain key, coins */
    uint8_t kr[2 * KYBER_SYMBYTES];
--- a/crypto_kem/kyber1024/clean/kem.h
+++ b/crypto_kem/kyber1024/clean/kem.h
@ -1,17 +1,14 @@
 #ifndef PQCLEAN_KYBER1024_CLEAN_KEM_H
 #define PQCLEAN_KYBER1024_CLEAN_KEM_H
 #include "params.h"
 int PQCLEAN_KYBER1024_CLEAN_crypto_kem_keypair(unsigned char *pk, unsigned char *sk);
 int PQCLEAN_KYBER1024_CLEAN_crypto_kem_enc(unsigned char *ct,
        unsigned char *ss,
        const unsigned char *pk);
 int PQCLEAN_KYBER1024_CLEAN_crypto_kem_dec(unsigned char *ss,
        const unsigned char *ct,
        const unsigned char *sk);
--- a/crypto_kem/kyber1024/clean/ntt.c
+++ b/crypto_kem/kyber1024/clean/ntt.c
@ -1,5 +1,5 @@
 #include "params.h"
 #include "ntt.h"
 #include "params.h"
 #include "reduce.h"
 #include <stdint.h>
@ -89,8 +89,8 @@ static int16_t fqmul(int16_t a, int16_t b) {
 *                                of Zq
 **************************************************/
 void PQCLEAN_KYBER1024_CLEAN_ntt(int16_t r[256]) {
-    unsigned int len = 0, start = 0, j = 0, k = 0;
+    unsigned int len, start, j, k;
-    int16_t t = 0, zeta = 0;
+    int16_t t, zeta;
    k = 1;
    for (len = 128; len >= 2; len >>= 1) {
@ -116,8 +116,8 @@ void PQCLEAN_KYBER1024_CLEAN_ntt(int16_t r[256]) {
 *                                of Zq
 **************************************************/
 void PQCLEAN_KYBER1024_CLEAN_invntt(int16_t r[256]) {
-    unsigned int start = 0, len = 0, j = 0, k = 0;
+    unsigned int start, len, j, k;
-    int16_t t = 0, zeta = 0;
+    int16_t t, zeta;
    k = 0;
    for (len = 2; len <= 128; len <<= 1) {
@ -148,7 +148,10 @@ void PQCLEAN_KYBER1024_CLEAN_invntt(int16_t r[256]) {
 *              - const int16_t b[2]: pointer to the second factor
 *              - int16_t zeta:       integer defining the reduction polynomial
 **************************************************/
-void PQCLEAN_KYBER1024_CLEAN_basemul(int16_t r[2], const int16_t a[2], const int16_t b[2], int16_t zeta) {
+void PQCLEAN_KYBER1024_CLEAN_basemul(int16_t r[2],
                                     const int16_t a[2],
                                     const int16_t b[2],
                                     int16_t zeta) {
    r[0]  = fqmul(a[1], b[1]);
    r[0]  = fqmul(r[0], zeta);
    r[0] += fqmul(a[0], b[0]);
--- a/crypto_kem/kyber1024/clean/ntt.h
+++ b/crypto_kem/kyber1024/clean/ntt.h
@ -1,22 +1,19 @@
 #ifndef PQCLEAN_KYBER1024_CLEAN_NTT_H
 #define PQCLEAN_KYBER1024_CLEAN_NTT_H
 #include "params.h"
 #include <stdint.h>
 extern const int16_t PQCLEAN_KYBER1024_CLEAN_zetas[128];
 extern const int16_t PQCLEAN_KYBER1024_CLEAN_zetas_inv[128];
 void PQCLEAN_KYBER1024_CLEAN_ntt(int16_t r[256]);
 void PQCLEAN_KYBER1024_CLEAN_invntt(int16_t r[256]);
-
+void PQCLEAN_KYBER1024_CLEAN_basemul(int16_t r[2],
-void PQCLEAN_KYBER1024_CLEAN_basemul(int16_t r[2], const int16_t a[2], const int16_t b[2], int16_t zeta);
+                                     const int16_t a[2],
                                     const int16_t b[2],
                                     int16_t zeta);
 #endif
--- a/crypto_kem/kyber1024/clean/params.h
+++ b/crypto_kem/kyber1024/clean/params.h
@ -1,6 +1,9 @@
 #ifndef PQCLEAN_KYBER1024_CLEAN_PARAMS_H
 #define PQCLEAN_KYBER1024_CLEAN_PARAMS_H
 #define KYBER_N 256
 #define KYBER_Q 3329
--- a/Show More
+++ b/Show More
`@ -15,5 +15,4 @@ int PQCLEAN_KYBER102490S_AVX2_crypto_kem_enc(uint8_t ct, uint8_t ss, const uin`

	`int PQCLEAN_KYBER102490S_AVX2_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`	`int PQCLEAN_KYBER102490S_AVX2_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`


	`#endif`	`#endif`
`@ -15,5 +15,4 @@ int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_enc(uint8_t ct, uint8_t ss, const ui`

	`int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`	`int PQCLEAN_KYBER102490S_CLEAN_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`


	`#endif`	`#endif`
`@ -15,5 +15,4 @@ int PQCLEAN_KYBER1024_AVX2_crypto_kem_enc(uint8_t ct, uint8_t ss, const uint8_`

	`int PQCLEAN_KYBER1024_AVX2_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`	`int PQCLEAN_KYBER1024_AVX2_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`


	`#endif`	`#endif`
`@ -15,5 +15,4 @@ int PQCLEAN_KYBER1024_CLEAN_crypto_kem_enc(uint8_t ct, uint8_t ss, const uint8`

	`int PQCLEAN_KYBER1024_CLEAN_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`	`int PQCLEAN_KYBER1024_CLEAN_crypto_kem_dec(uint8_t ss, const uint8_t ct, const uint8_t *sk);`


	`#endif`	`#endif`