Remove all instances of DECAF_API_VIS

#include "curve448utils.h"

int X448(uint8_t out_shared_key[56], const uint8_t private_key[56],

         const uint8_t peer_public_value[56]) DECAF_API_VIS;

         const uint8_t peer_public_value[56]);

void X448_public_from_private(uint8_t out_public_value[56],

                              const uint8_t private_key[56]) DECAF_API_VIS;

                              const uint8_t private_key[56]);

extern "C" {

#endif

/* Goldilocks' build flags default to hidden and stripping executables. */

/** @cond internal */

#if defined(DOXYGEN) && !defined(__attribute__)

#define __attribute__((x))

#endif

#define DECAF_API_VIS __attribute__((visibility("default")))

#define DECAF_NOINLINE  __attribute__((noinline))

#define DECAF_NONNULL __attribute__((nonnull))

/** @endcond */

void decaf_ed448_derive_public_key (

    uint8_t pubkey[DECAF_EDDSA_448_PUBLIC_BYTES],

    const uint8_t privkey[DECAF_EDDSA_448_PRIVATE_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief EdDSA signing.

    uint8_t prehashed,

    const uint8_t *context,

    uint8_t context_len

) DECAF_API_VIS __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;

) __attribute__((nonnull(1,2,3))) DECAF_NOINLINE;

/**

 * @brief EdDSA signing with prehash.

    const decaf_ed448_prehash_ctx_t hash,

    const uint8_t *context,

    uint8_t context_len

) DECAF_API_VIS __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;

) __attribute__((nonnull(1,2,3,4))) DECAF_NOINLINE;

/**

 * @brief Prehash initialization, with contexts if supported.

 */

void decaf_ed448_prehash_init (

    decaf_ed448_prehash_ctx_t hash

) DECAF_API_VIS __attribute__((nonnull(1))) DECAF_NOINLINE;

) __attribute__((nonnull(1))) DECAF_NOINLINE;

/**

 * @brief EdDSA signature verification.

    uint8_t prehashed,

    const uint8_t *context,

    uint8_t context_len

) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;

) __attribute__((nonnull(1,2))) DECAF_NOINLINE;

/**

 * @brief EdDSA signature verification.

    const decaf_ed448_prehash_ctx_t hash,

    const uint8_t *context,

    uint8_t context_len

) DECAF_API_VIS __attribute__((nonnull(1,2))) DECAF_NOINLINE;

) __attribute__((nonnull(1,2))) DECAF_NOINLINE;

/**

 * @brief EdDSA point encoding.  Used internally, exposed externally.

void curve448_point_mul_by_ratio_and_encode_like_eddsa (

    uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES],

    const curve448_point_t p

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief EdDSA point decoding.  Multiplies by DECAF_448_EDDSA_DECODE_RATIO,

decaf_error_t curve448_point_decode_like_eddsa_and_mul_by_ratio (

    curve448_point_t p,

    const uint8_t enc[DECAF_EDDSA_448_PUBLIC_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief EdDSA to ECDH public key conversion

void decaf_ed448_convert_public_key_to_x448 (

    uint8_t x[DECAF_X448_PUBLIC_BYTES],

    const uint8_t ed[DECAF_EDDSA_448_PUBLIC_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief EdDSA to ECDH private key conversion

void decaf_ed448_convert_private_key_to_x448 (

    uint8_t x[DECAF_X448_PRIVATE_BYTES],

    const uint8_t ed[DECAF_EDDSA_448_PRIVATE_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

#ifdef __cplusplus

} /* extern "C" */

} curve448_scalar_t[1];

/** A scalar equal to 1. */

extern const curve448_scalar_t curve448_scalar_one DECAF_API_VIS;

extern const curve448_scalar_t curve448_scalar_one;

/** A scalar equal to 0. */

extern const curve448_scalar_t curve448_scalar_zero DECAF_API_VIS;

extern const curve448_scalar_t curve448_scalar_zero;

/** The identity point on the curve. */

extern const curve448_point_t curve448_point_identity DECAF_API_VIS;

extern const curve448_point_t curve448_point_identity;

/** An arbitrarily chosen base point on the curve. */

extern const curve448_point_t curve448_point_base DECAF_API_VIS;

extern const curve448_point_t curve448_point_base;

/** Precomputed table for the base point on the curve. */

extern const struct curve448_precomputed_s *curve448_precomputed_base DECAF_API_VIS;

extern const struct curve448_precomputed_s *curve448_precomputed_base;

/**

 * @brief Read a scalar from wire format or from bytes.

__owur decaf_error_t curve448_scalar_decode (

    curve448_scalar_t out,

    const unsigned char ser[DECAF_448_SCALAR_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Read a scalar from wire format or from bytes.  Reduces mod

    curve448_scalar_t out,

    const unsigned char *ser,

    size_t ser_len

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Serialize a scalar to wire format.

void curve448_scalar_encode (

    unsigned char ser[DECAF_448_SCALAR_BYTES],

    const curve448_scalar_t s

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE DECAF_NOINLINE;

/**

 * @brief Add two scalars.  The scalars may use the same memory.

    curve448_scalar_t out,

    const curve448_scalar_t a,

    const curve448_scalar_t b

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Subtract two scalars.  The scalars may use the same memory.

    curve448_scalar_t out,

    const curve448_scalar_t a,

    const curve448_scalar_t b

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Multiply two scalars.  The scalars may use the same memory.

    curve448_scalar_t out,

    const curve448_scalar_t a,

    const curve448_scalar_t b

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

* @brief Halve a scalar.  The scalars may use the same memory.

void curve448_scalar_halve (

   curve448_scalar_t out,

   const curve448_scalar_t a

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Copy a scalar.  The scalars may use the same memory, in which

__owur decaf_bool_t curve448_point_eq (

    const curve448_point_t a,

    const curve448_point_t b

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Double a point.  Equivalent to

void curve448_point_double (

    curve448_point_t two_a,

    const curve448_point_t a

) DECAF_API_VIS DECAF_NONNULL;

) DECAF_NONNULL;

/**

 * @brief RFC 7748 Diffie-Hellman scalarmul.  This function uses a different

    uint8_t out[DECAF_X448_PUBLIC_BYTES],

    const uint8_t base[DECAF_X448_PUBLIC_BYTES],

    const uint8_t scalar[DECAF_X448_PRIVATE_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Multiply a point by DECAF_X448_ENCODE_RATIO,

void curve448_point_mul_by_ratio_and_encode_like_x448 (

    uint8_t out[DECAF_X448_PUBLIC_BYTES],

    const curve448_point_t p

) DECAF_API_VIS DECAF_NONNULL;

) DECAF_NONNULL;

/** The base point for X448 Diffie-Hellman */

extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES] DECAF_API_VIS;

extern const uint8_t decaf_x448_base_point[DECAF_X448_PUBLIC_BYTES];

/**

 * @brief RFC 7748 Diffie-Hellman base point scalarmul.  This function uses

void decaf_x448_derive_public_key (

    uint8_t out[DECAF_X448_PUBLIC_BYTES],

    const uint8_t scalar[DECAF_X448_PRIVATE_BYTES]

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

    curve448_point_t scaled,

    const curve448_precomputed_s *base,

    const curve448_scalar_t scalar

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

    const curve448_scalar_t scalar1,

    const curve448_point_t base2,

    const curve448_scalar_t scalar2

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Test that a point is valid, for debugging purposes.

 */

__owur decaf_bool_t curve448_point_valid (

    const curve448_point_t to_test

) DECAF_API_VIS DECAF_NONNULL DECAF_NOINLINE;

) DECAF_NONNULL DECAF_NOINLINE;

/**

 * @brief Overwrite scalar with zeros.

 */

void curve448_scalar_destroy (

    curve448_scalar_t scalar

) DECAF_NONNULL DECAF_API_VIS;

) DECAF_NONNULL;

/**

 * @brief Overwrite point with zeros.

 */

void curve448_point_destroy (

    curve448_point_t point

) DECAF_NONNULL DECAF_API_VIS;

) DECAF_NONNULL;

#ifdef __cplusplus

} /* extern "C" */

void decaf_sha3_init (

    decaf_keccak_sponge_t sponge,

    const struct decaf_kparams_s *params

) DECAF_API_VIS;

);

/**

 * @brief Absorb data into a DECAF_SHA3 or DECAF_SHAKE hash context.

    struct decaf_keccak_sponge_s * __restrict__ sponge,

    const uint8_t *in,

    size_t len

) DECAF_API_VIS;

);

/**

 * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context.

    decaf_keccak_sponge_t sponge,

    uint8_t * __restrict__ out,

    size_t len

) DECAF_API_VIS;

);

/**

 * @brief Squeeze output data from a DECAF_SHA3 or DECAF_SHAKE hash context.

    decaf_keccak_sponge_t sponge,

    uint8_t * __restrict__ out,

    size_t len

) DECAF_API_VIS;

);

/**

 * @brief Reset the sponge to the empty string.

 */  

void decaf_sha3_reset (

    decaf_keccak_sponge_t sponge

) DECAF_API_VIS;

);

/**

 * @brief Return the default output length of the sponge construction,

 */  

size_t decaf_sha3_default_output_bytes (

    const decaf_keccak_sponge_t sponge /**< [inout] The context. */

) DECAF_API_VIS;

);

/**

 * @brief Return the default output length of the sponge construction,

 */  

size_t decaf_sha3_max_output_bytes (

    const decaf_keccak_sponge_t sponge /**< [inout] The context. */

) DECAF_API_VIS;

);

/**

 * @brief Destroy a DECAF_SHA3 or DECAF_SHAKE sponge context by overwriting it with 0.

 */  

void decaf_sha3_destroy (

    decaf_keccak_sponge_t sponge

) DECAF_API_VIS;

);

/**

 * @brief Hash (in) to (out)

    const uint8_t *in,

    size_t inlen,

    const struct decaf_kparams_s *params

) DECAF_API_VIS;

);

/* FUTURE: expand/doxygenate individual DECAF_SHAKE/DECAF_SHA3 instances? */

/** @cond internal */

#define DECAF_DEC_SHAKE(n) \

    extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s DECAF_API_VIS; \

    extern const struct decaf_kparams_s DECAF_SHAKE##n##_params_s; \

    typedef struct decaf_shake##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_shake##n##_ctx_t[1]; \

    static inline void DECAF_NONNULL decaf_shake##n##_init(decaf_shake##n##_ctx_t sponge) { \

        decaf_sha3_init(sponge->s, &DECAF_SHAKE##n##_params_s); \

    }

#define DECAF_DEC_SHA3(n) \

    extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s DECAF_API_VIS; \

    extern const struct decaf_kparams_s DECAF_SHA3_##n##_params_s; \

    typedef struct decaf_sha3_##n##_ctx_s { decaf_keccak_sponge_t s; } decaf_sha3_##n##_ctx_t[1]; \

    static inline void DECAF_NONNULL decaf_sha3_##n##_init(decaf_sha3_##n##_ctx_t sponge) { \

        decaf_sha3_init(sponge->s, &DECAF_SHA3_##n##_params_s); \