mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2025-12-06 06:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

crypto.ml_kem: avoid redundant assignment & fix K-PKE.KeyGen (#26031)

Browse Source 
FIPS-203 algorithm 13 for deterministic key generation uses
(𝜌, 𝜎) ← G(𝑑 β€– π‘˜) , not (𝜌, 𝜎) ← G(k β€– d)
This commit is contained in:
Frank Denis 2025-11-24 19:45:48 +01:00 committed by GitHub
parent 289f2f0d34
commit 3c647ca6bb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/std/crypto/ml_kem.zig
View File

@ -376,7 +376,6 @@ fn Kyber(comptime p: Params) type {
/// Except in tests, applications should generally call `generate()` instead of this function. /// Except in tests, applications should generally call `generate()` instead of this function.
pub fn generateDeterministic(seed: [seed_length]u8) !KeyPair { pub fn generateDeterministic(seed: [seed_length]u8) !KeyPair {
var ret: KeyPair = undefined; var ret: KeyPair = undefined;
ret.secret_key.z = seed[inner_seed_length..seed_length].*;
// Generate inner key // Generate inner key
innerKeyFromSeed( innerKeyFromSeed(
@ -507,8 +506,8 @@ fn Kyber(comptime p: Params) type {
fn innerKeyFromSeed(seed: [inner_seed_length]u8, pk: *InnerPk, sk: *InnerSk) void { fn innerKeyFromSeed(seed: [inner_seed_length]u8, pk: *InnerPk, sk: *InnerSk) void {
var expanded_seed: [64]u8 = undefined; var expanded_seed: [64]u8 = undefined;
var h = sha3.Sha3_512.init(.{}); var h = sha3.Sha3_512.init(.{});
if (p.ml_kem) h.update(&[1]u8{p.k});
h.update(&seed); h.update(&seed);
if (p.ml_kem) h.update(&[1]u8{p.k});
h.final(&expanded_seed); h.final(&expanded_seed);
pk.rho = expanded_seed[0..32].*; pk.rho = expanded_seed[0..32].*;
const sigma = expanded_seed[32..64]; const sigma = expanded_seed[32..64];