diff --git a/src/lib/libc/hash/sha1.c b/src/lib/libc/hash/sha1.c
index 4a6cc325..81887e3e 100644
--- a/src/lib/libc/hash/sha1.c
+++ b/src/lib/libc/hash/sha1.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sha1.c,v 1.26 2015/09/11 09:18:27 guenther Exp $	*/
+/*	$OpenBSD: sha1.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $	*/
 
 /*
  * SHA-1 in C
@@ -128,7 +128,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
 	size_t i, j;
 
 	j = (size_t)((context->count >> 3) & 63);
-	context->count += (len << 3);
+	context->count += ((u_int64_t)len << 3);
 	if ((j + len) > 63) {
 		(void)memcpy(&context->buffer[j], data, (i = 64-j));
 		SHA1Transform(context->state, context->buffer);
diff --git a/src/lib/libc/hash/sha2.c b/src/lib/libc/hash/sha2.c
index 80fa50aa..f16cf9cd 100644
--- a/src/lib/libc/hash/sha2.c
+++ b/src/lib/libc/hash/sha2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sha2.c,v 1.26 2017/05/27 15:32:51 naddy Exp $	*/
+/*	$OpenBSD: sha2.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $	*/
 
 /*
  * FILE:	sha2.c
@@ -510,7 +510,7 @@ DEF_WEAK(SHA256Transform);
 void
 SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
 {
-	size_t	freespace, usedspace;
+	u_int64_t	freespace, usedspace;
 
 	/* Calling with no data is valid (we do nothing) */
 	if (len == 0)
@@ -531,7 +531,7 @@ SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
 		} else {
 			/* The buffer is not yet full */
 			memcpy(&context->buffer[usedspace], data, len);
-			context->bitcount[0] += len << 3;
+			context->bitcount[0] += (u_int64_t)len << 3;
 			/* Clean up: */
 			usedspace = freespace = 0;
 			return;