pqc-thunderbird / libgcrypt

GNU General Public License v2.0

_gcry_md_hash_buffers_extract can be used instead of _gcry_md_open&write&extract&close. #37

Closed falko-strenzke closed 8 months ago

falko-strenzke commented 1 year ago

From Jussi's review:

mlkem-common.c: _gcry_mlkem_mlkem_shake256_rkprf: gcry_md_hash_buffers_extract can be used here instead of _gcry_md_open&write&extract&close.

mlkem-symmetric.c: _gcry_mlkem_shake256_prf: _gcry_md_hash_buffers_extract can be used here instead of _gcry_md_open&write&extract&close. Temporary buffer usage can be avoided by passing input buffers through two IOVs to _gcry_md_hash_buffers_extract.

falko-strenzke commented 1 year ago

In the code of _gcry_md_hash_buffers_extract it says:

"The only supported flag in FLAGS is GCRY_MD_FLAG_HMAC which turns this function into a HMAC function; the first item in IOV is then used as the key."

The flag GCRY_MD_FLAG_SECURE that we need is thus not supported. Also I don't see much saving in code lines, as the buffer object would also have to be initialized.

This is the code I used to test it, which gave a runtime error (Invalid Argument):

static gcry_err_code_t
_gcry_mlkem_mlkem_shake256_rkprf (uint8_t out[GCRY_MLKEM_SSBYTES],
                                  const uint8_t key[GCRY_MLKEM_SYMBYTES],
                                  const uint8_t *input,
                                  size_t input_length)
{
  /* Single IOV entry describing the input buffer. */
  gcry_buffer_t buf;
  buf.data = (void *) input;
  buf.off  = 0;
  buf.len  = input_length;
  buf.size = input_length;

  /* GCRY_MD_FLAG_SECURE is not among the flags this function accepts,
     so this call fails with Invalid Argument (see above). */
  return _gcry_md_hash_buffers_extract (GCRY_MD_SHAKE256, GCRY_MD_FLAG_SECURE,
                                        out, GCRY_MLKEM_SSBYTES, &buf, 1);
}