main/openssl: fix padlock sha1/256 oneshot finalizing update

We want to handle bytes upto next block boundary, to work with
hardware from block boundary. The code incorrectly fed just the
amount of bytes in the block.

1 files changed, 2 insertions, 2 deletions

diff --git a/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
index d1bb3704b7..1ace35936f 100644
--- a/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
+++ b/main/openssl/0004-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch
@@ -298,7 +298,7 @@ index 4300f35..3591c59 100644
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
 +	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		if (c->num != 0) {
-+			l = (len < SHA_CBLOCK) ? len : SHA_CBLOCK;
++			l = (len < SHA_CBLOCK - c->num) ? len : (SHA_CBLOCK - c->num);
 +			if (!SHA1_Update(c, data, l))
 +				return 0;
 +			p += l;
@@ -489,7 +489,7 @@ index 4300f35..3591c59 100644
 +	if ((ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) &&
 +	    (total <= PADLOCK_MAX_FINALIZING_LENGTH)) {
 +		if (c->num != 0) {
-+			l = (len < SHA256_CBLOCK) ? len : SHA256_CBLOCK;
++			l = (len < SHA256_CBLOCK - c->num) ? len : (SHA256_CBLOCK - c->num);
 +			if (!SHA256_Update(c, data, l))
 +				return 0;
 +			p += l;