From 385e1fd6b2ae64a46f13a84e60a8adb30464a10e Mon Sep 17 00:00:00 2001
From: Arthur Paulino
Date: Wed, 7 Feb 2024 12:43:33 -0300
Subject: [PATCH] fix: properly pad sha256 input
---
 src/coprocessor/sha256.rs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/coprocessor/sha256.rs b/src/coprocessor/sha256.rs
index f17403eca4..b66b46cdbc 100644
--- a/src/coprocessor/sha256.rs
+++ b/src/coprocessor/sha256.rs
@@ -30,6 +30,10 @@ fn synthesize_sha256>(
 let mut bits = vec![];
+ let pad_to_next_len_multiple_of_8 = |bits: &mut Vec<_>| {
+ bits.resize((bits.len() + 7) / 8 * 8, zero.clone());
+ };
+
 for ptr in ptrs {
 let tag_bits = ptr
 .tag()
@@ -39,9 +43,9 @@ fn synthesize_sha256>(
 .to_bits_le_strict(&mut cs.namespace(|| "preimage_hash_bits"))?;
 bits.extend(tag_bits);
- bits.push(zero.clone()); // need 256 bits (or some multiple of 8).
+ pad_to_next_len_multiple_of_8(&mut bits);
 bits.extend(hash_bits);
- bits.push(zero.clone()); // need 256 bits (or some multiple of 8).
+ pad_to_next_len_multiple_of_8(&mut bits);
 }
 bits.reverse();
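Review bot: The new `pad_to_next_len_multiple_of_8` closure carries no comment on why each segment must end on a byte boundary, and the patch deletes the two `// need 256 bits (or some multiple of 8).` remarks that held that reason. I would put `// Zero-pad so each tag/hash segment ends on a byte boundary (input length must be a multiple of 8 bits).` above the closure. The rounding `(bits.len() + 7) / 8 * 8` could also read `bits.len().next_multiple_of(8)`, provided the crate's minimum toolchain is 1.73 or later, which is not visible here. The body of `synthesize_sha256` starts and ends outside this hunk.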
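Review bot: Nothing in this patch checks that the bit layout built in the loop matches what the non-circuit hashing path feeds to SHA-256; the diffstat shows only `synthesize_sha256` changing and no test added. The two `pad_to_next_len_multiple_of_8(&mut bits)` calls add a variable number of zeros, and none when a segment already ends on a byte boundary, whereas the old code always pushed exactly one. If the native side still assumes the old layout, the circuit digest and the evaluated digest would presumably disagree. A regression test that hashes the same pointers on both paths and compares the digests would pin the fix. The native function is outside this diff, so this is something to confirm rather than a defect visible here.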