Start verifying that code which should be constant-time really is.

[catacomb] / symm / sha3.c

diff --git a/symm/sha3.c b/symm/sha3.c
index 97b41e3..97a3f7a 100644 (file)
--- a/symm/sha3.c
+++ b/symm/sha3.c
@@ -563,7 +563,7 @@ static gcipher *shake128_gcinit(const void *k, size_t sz)
 static gcipher *shake256_gcinit(const void *k, size_t sz)
 {
   shake_gcctx *cc = S_CREATE(shake_gcctx);
-  cc->gc.ops = &shake128_gcops;
+  cc->gc.ops = &shake256_gcops;
   shake256_init(&cc->c); shake_hash(&cc->c, k, sz); shake_xof(&cc->c);
   return (&cc->gc);
 }