From 3744e2122ff77c84b9ec26ac9020ab5808d85c09 Mon Sep 17 00:00:00 2001
From: toddouska <todd@yassl.com>
Date: Fri, 2 Mar 2012 11:16:12 -0800
Subject: [PATCH] fix digest hiLen using modded loLen on greater than 2^29 bits

---
 ctaocrypt/src/md4.c    | 2 +-
 ctaocrypt/src/md5.c    | 2 +-
 ctaocrypt/src/sha.c    | 2 +-
 ctaocrypt/src/sha256.c | 2 +-
 ctaocrypt/src/sha512.c | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/ctaocrypt/src/md4.c b/ctaocrypt/src/md4.c
index 7482f2c14..e47c43277 100644
--- a/ctaocrypt/src/md4.c
+++ b/ctaocrypt/src/md4.c
@@ -192,9 +192,9 @@ void Md4Final(Md4* md4, byte* hash)
     XMEMSET(&local[md4->buffLen], 0, MD4_PAD_SIZE - md4->buffLen);
    
     /* put lengths in bits */
-    md4->loLen = md4->loLen << 3;
     md4->hiLen = (md4->loLen >> (8*sizeof(md4->loLen) - 3)) + 
                  (md4->hiLen << 3);
+    md4->loLen = md4->loLen << 3;
 
     /* store lengths */
     #ifdef BIG_ENDIAN_ORDER
diff --git a/ctaocrypt/src/md5.c b/ctaocrypt/src/md5.c
index 7e089f567..f735c74d2 100644
--- a/ctaocrypt/src/md5.c
+++ b/ctaocrypt/src/md5.c
@@ -203,9 +203,9 @@ void Md5Final(Md5* md5, byte* hash)
     XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen);
    
     /* put lengths in bits */
-    md5->loLen = md5->loLen << 3;
     md5->hiLen = (md5->loLen >> (8*sizeof(md5->loLen) - 3)) + 
                  (md5->hiLen << 3);
+    md5->loLen = md5->loLen << 3;
 
     /* store lengths */
     #ifdef BIG_ENDIAN_ORDER
diff --git a/ctaocrypt/src/sha.c b/ctaocrypt/src/sha.c
index 5f3fa42e3..bad8c9f79 100644
--- a/ctaocrypt/src/sha.c
+++ b/ctaocrypt/src/sha.c
@@ -178,9 +178,9 @@ void ShaFinal(Sha* sha, byte* hash)
     XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen);
    
     /* put lengths in bits */
-    sha->loLen = sha->loLen << 3;
     sha->hiLen = (sha->loLen >> (8*sizeof(sha->loLen) - 3)) + 
                  (sha->hiLen << 3);
+    sha->loLen = sha->loLen << 3;
 
     /* store lengths */
     #ifdef LITTLE_ENDIAN_ORDER
diff --git a/ctaocrypt/src/sha256.c b/ctaocrypt/src/sha256.c
index 25f8acff7..9291dbc9c 100644
--- a/ctaocrypt/src/sha256.c
+++ b/ctaocrypt/src/sha256.c
@@ -182,9 +182,9 @@ void Sha256Final(Sha256* sha256, byte* hash)
     XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen);
 
     /* put lengths in bits */
-    sha256->loLen = sha256->loLen << 3;
     sha256->hiLen = (sha256->loLen >> (8*sizeof(sha256->loLen) - 3)) +
                  (sha256->hiLen << 3);
+    sha256->loLen = sha256->loLen << 3;
 
     /* store lengths */
     #ifdef LITTLE_ENDIAN_ORDER
diff --git a/ctaocrypt/src/sha512.c b/ctaocrypt/src/sha512.c
index dc8c1210e..551927a0a 100644
--- a/ctaocrypt/src/sha512.c
+++ b/ctaocrypt/src/sha512.c
@@ -221,9 +221,9 @@ void Sha512Final(Sha512* sha512, byte* hash)
     XMEMSET(&local[sha512->buffLen], 0, SHA512_PAD_SIZE - sha512->buffLen);
    
     /* put lengths in bits */
-    sha512->loLen = sha512->loLen << 3;
     sha512->hiLen = (sha512->loLen >> (8*sizeof(sha512->loLen) - 3)) + 
                  (sha512->hiLen << 3);
+    sha512->loLen = sha512->loLen << 3;
 
     /* store lengths */
     #ifdef LITTLE_ENDIAN_ORDER