From 7bebee1d5e4b7e74e6afe6b188da3f0d485269cb Mon Sep 17 00:00:00 2001
From: Stephan Mueller
Date: Fri, 18 Nov 2016 12:27:56 +0100
Subject: crypto: drbg - advance output buffer pointer

The CTR DRBG segments the number of random bytes to be generated into 128 byte blocks. The current code misses the advancement of the output buffer pointer when the requestor asks for more than 128 bytes of data. In this case, the next 128 byte block of random numbers is copied to the beginning of the output buffer again. This implies that only the first 128 bytes of the output buffer would ever be filled.

The patch adds the advancement of the buffer pointer to fill the entire buffer.

Signed-off-by: Stephan Mueller
Signed-off-by: Herbert Xu
---
 crypto/drbg.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/drbg.c b/crypto/drbg.c index fb33f7d3..9a95b619 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -1766,6 +1766,7 @@ static int drbg_kcapi_sym_ctr(struct drbg_state *drbg, init_completion(&drbg->ctr_completion); outlen -= cryptlen; + outbuf += cryptlen; } return 0; -- cgit v1.2.3
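Review bot: the one-line fix at `+ outbuf += cryptlen;` is correct, but the patch carries no regression test and the commit message has no Fixes: or Cc: stable tag, even though the loop that ends at `return 0;` reports success while leaving every byte past the first 128 untouched for any request longer than one block. Suggest adding a testmgr vector that requests more than 128 bytes and compares the whole output, and tagging the commit for stable so older kernels stop returning silently truncated random data. A short comment above `outlen -= cryptlen;` stating that `outbuf` and `outlen` must advance together would also help, since the two adjacent updates are the only thing that makes that invariant visible to the next reader.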
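The failure mode the commit message describes, as an added example that is not code from crypto/drbg.c or from the patch author: a chunked output loop in the pre-patch shape (length shrinks, pointer does not move) next to the post-patch shape, driven by a stand-in block generator so it runs in user space. `DRBG_CHUNK`, `fake_ctr_block`, `generate_buggy`, `generate_fixed`, `unfilled_bytes` and `head_byte` are names chosen for this example; only the 128-byte segmentation and the missing `outbuf += cryptlen` come from the commit.

```c
/* Added example (not code from crypto/drbg.c): a model of the chunked output
 * loop the commit message describes.  DRBG_CHUNK, fake_ctr_block,
 * generate_buggy and generate_fixed are stand-ins chosen for this example;
 * only the 128-byte segmentation and the missing "outbuf += cryptlen" come
 * from the commit. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DRBG_CHUNK 128          /* segment size named in the commit message */
#define SENTINEL   0x00         /* value the stand-in generator never emits */

/* Stand-in for one CTR-mode generate call.  Writes len bytes derived from a
 * running counter; values are 1..255, so SENTINEL marks an unwritten byte. */
static void fake_ctr_block(uint8_t *buf, size_t len, uint32_t *ctr)
{
    for (size_t i = 0; i < len; i++) {
        buf[i] = (uint8_t)(1 + (*ctr % 255));
        (*ctr)++;
    }
}

/* The pre-patch shape of the loop: outlen shrinks each round, but outbuf
 * stays put, so every chunk is written over the start of the buffer. */
static int generate_buggy(uint8_t *outbuf, size_t outlen)
{
    uint32_t ctr = 0;

    while (outlen) {
        size_t cryptlen = outlen > DRBG_CHUNK ? DRBG_CHUNK : outlen;

        fake_ctr_block(outbuf, cryptlen, &ctr);
        outlen -= cryptlen;
        /* missing here: outbuf += cryptlen; */
    }
    return 0;
}

/* The post-patch shape: pointer and remaining length move together. */
static int generate_fixed(uint8_t *outbuf, size_t outlen)
{
    uint32_t ctr = 0;

    while (outlen) {
        size_t cryptlen = outlen > DRBG_CHUNK ? DRBG_CHUNK : outlen;

        fake_ctr_block(outbuf, cryptlen, &ctr);
        outlen -= cryptlen;
        outbuf += cryptlen;
    }
    return 0;
}

typedef int (*gen_fn)(uint8_t *, size_t);

/* Requests req bytes from gen into a sentinel-filled buffer and returns how
 * many of those req bytes were never written.  0 means the caller got a
 * full buffer; anything else is the truncation the patch fixes. */
static size_t unfilled_bytes(gen_fn gen, size_t req)
{
    uint8_t buf[512];
    size_t n = 0;

    if (req > sizeof buf)
        return (size_t)-1;
    memset(buf, SENTINEL, sizeof buf);
    gen(buf, req);
    for (size_t i = 0; i < req; i++)
        if (buf[i] == SENTINEL)
            n++;
    return n;
}

/* First output byte after a req-byte request: with the bug, a request longer
 * than one chunk leaves the *last* chunk's first byte at offset 0. */
static uint8_t head_byte(gen_fn gen, size_t req)
{
    uint8_t buf[512];

    memset(buf, SENTINEL, sizeof buf);
    gen(buf, req > sizeof buf ? sizeof buf : req);
    return buf[0];
}

int main(void)
{
    printf("buggy, 300 bytes: %zu unfilled, head byte %u\n",
           unfilled_bytes(generate_buggy, 300), head_byte(generate_buggy, 300));
    printf("fixed, 300 bytes: %zu unfilled, head byte %u\n",
           unfilled_bytes(generate_fixed, 300), head_byte(generate_fixed, 300));
    return 0;
}
```

A 300-byte request splits into 128, 128 and 44 bytes; with the pre-patch loop the 172 bytes past the first chunk keep the sentinel, and offset 0 holds the first byte of the 44-byte tail rather than the first byte of the stream, which is exactly the overwrite the commit message describes. A request of 128 bytes or fewer looks identical under both loops, which is why a self-test that only asks for one block cannot catch this bug.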