From 2dba5eaa6450a9cf1c0a3bc6ba2c26f4896f52b5 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sun, 10 Mar 2024 19:54:38 +0100
Subject: [PATCH] Fix typo in an old comment, and avoid useless hash

---
 lib/std/crypto/ml_kem.zig | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/std/crypto/ml_kem.zig b/lib/std/crypto/ml_kem.zig
index fde3e4b28c..4666148ed7 100644
--- a/lib/std/crypto/ml_kem.zig
+++ b/lib/std/crypto/ml_kem.zig
@@ -274,18 +274,18 @@ fn Kyber(comptime p: Params) type {
                 g.update(&pk.hpk);
                 g.final(&kr);
 
-                // c = innerEncrypy(pk, m, r)
+                // c = innerEncrypt(pk, m, r)
                 const ct = pk.pk.encrypt(&m, kr[32..64]);
 
-                // Compute H(c) and put in second slot of kr, which will be (K', H(c)).
-                sha3.Sha3_256.hash(&ct, kr[32..], .{});
-
                 if (p.ml_kem) {
                     return EncapsulatedSecret{
                         .shared_secret = kr[0..shared_length].*, // ML-KEM: K = K'
                         .ciphertext = ct,
                     };
                 } else {
+                    // Compute H(c) and put in second slot of kr, which will be (K', H(c)).
+                    sha3.Sha3_256.hash(&ct, kr[32..], .{});
+
                     var ss: [shared_length]u8 = undefined;
                     sha3.Shake256.hash(&kr, &ss, .{});
                     return EncapsulatedSecret{