md: clear bctx.count at final function

* cipher/md4.c (md4_final): Set bctx.count zero after
finalizing.
* cipher/md5.c (md5_final): Ditto.
* cipher/rmd160.c (rmd160_final): Ditto.
* cipher/sha1.c (sha1_final): Ditto.
* cipher/sha256.c (sha256_final): Ditto.
* cipher/sha512.c (sha512_final): Ditto.
* cipher/sm3.c (sm3_final): Ditto.
* cipher/stribog.c (stribog_final): Ditto.
* cipher/tiger.c (tiger_final): Ditto.
--

Final functions used to use _gcry_md_block_write for passing
final blocks to transform function and thus set bctx.count
to zero in _gcry_md_block_write. Final functions were then
changed to use transform functions directly, but bctx.count
was not set zero after this change. Then later optimization
to final functions to pass two blocks to transform functions
in one call also changed values set to bctx.count, causing
bctx.count getting value larger than block-size of digest
algorithm.

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>

1 files changed, 2 insertions, 2 deletions

diff --git a/cipher/rmd160.c b/cipher/rmd160.c
index 0608f74c..e12ff017 100644
--- a/cipher/rmd160.c
+++ b/cipher/rmd160.c
@@ -434,7 +434,6 @@ rmd160_final( void *context )
       hd->bctx.buf[hd->bctx.count++] = 0x80; /* pad */
       if (hd->bctx.count < 56)
 	memset (&hd->bctx.buf[hd->bctx.count], 0, 56 - hd->bctx.count);
-      hd->bctx.count = 56;
 
       /* append the 64 bit count */
       buf_put_le32(hd->bctx.buf + 56, lsb);
@@ -446,7 +445,6 @@ rmd160_final( void *context )
       hd->bctx.buf[hd->bctx.count++] = 0x80; /* pad character */
       /* fill pad and next block with zeroes */
       memset (&hd->bctx.buf[hd->bctx.count], 0, 64 - hd->bctx.count + 56);
-      hd->bctx.count = 64 + 56;
 
       /* append the 64 bit count */
       buf_put_le32(hd->bctx.buf + 64 + 56, lsb);
@@ -463,6 +461,8 @@ rmd160_final( void *context )
   X(4);
 #undef X
 
+  hd->bctx.count = 0;
+
   _gcry_burn_stack (burn);
 }