Fix typo in an old comment, and avoid useless hash

2026-02-21 16:54:52 +00:00 · 2024-03-10 19:54:38 +01:00 · 2024-03-10 19:54:38 +01:00 · 2dba5eaa64
commit 2dba5eaa64
parent 1ca3a48b87
1 changed files with 4 additions and 4 deletions
--- a/lib/std/crypto/ml_kem.zig
+++ b/lib/std/crypto/ml_kem.zig
@ -274,18 +274,18 @@ fn Kyber(comptime p: Params) type {
                g.update(&pk.hpk);
                g.final(&kr);

-                // c = innerEncrypy(pk, m, r)
+                // c = innerEncrypt(pk, m, r)
                const ct = pk.pk.encrypt(&m, kr[32..64]);

-                // Compute H(c) and put in second slot of kr, which will be (K', H(c)).
-                sha3.Sha3_256.hash(&ct, kr[32..], .{});
-
                if (p.ml_kem) {
                    return EncapsulatedSecret{
                        .shared_secret = kr[0..shared_length].*, // ML-KEM: K = K'
                        .ciphertext = ct,
                    };
                } else {
+                    // Compute H(c) and put in second slot of kr, which will be (K', H(c)).
+                    sha3.Sha3_256.hash(&ct, kr[32..], .{});
+
                    var ss: [shared_length]u8 = undefined;
                    sha3.Shake256.hash(&kr, &ss, .{});
                    return EncapsulatedSecret{