crypto: drbg - advance output buffer pointer
The CTR DRBG segments the number of random bytes to be generated into
128 byte blocks. The current code misses the advancement of the output
buffer pointer when the requestor asks for more than 128 bytes of data.
In this case, the next 128 byte block of random numbers is copied to
the beginning of the output buffer again. This implies that only the
first 128 bytes of the output buffer would ever be filled.

The patch adds the advancement of the buffer pointer to fill the entire
buffer.

Signed-off-by: Stephan Mueller <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
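An added example, not kernel code and not part of this commit, that reproduces the loop shape described above with a constructed stand-in for the CTR keystream (`fake_ctr_block`) and a sentinel check (`first_unfilled_offset`) showing that only the first 128 bytes are filled when the output pointer is not advanced; all names and the 512-byte buffer are assumptions of the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DRBG_CTR_BLOCK 128 /* segment size the CTR DRBG generates per round */
#define SENTINEL 0xAA      /* marker for bytes the generator never touched */

/* Constructed stand-in for one segment of CTR keystream: a counter stream
 * limited to 0x00..0x7f so it can never collide with SENTINEL. Not real DRBG output. */
static void fake_ctr_block(uint8_t *out, size_t len, unsigned int *ctr)
{
	for (size_t i = 0; i < len; i++)
		out[i] = (uint8_t)((*ctr)++ & 0x7f);
}

/* Pre-fix loop shape: outlen shrinks each round but outbuf never moves,
 * so every segment is written over the start of the buffer. */
static void fill_buggy(uint8_t *outbuf, size_t outlen)
{
	unsigned int ctr = 0;
	while (outlen) {
		size_t cryptlen = outlen > DRBG_CTR_BLOCK ? DRBG_CTR_BLOCK : outlen;
		fake_ctr_block(outbuf, cryptlen, &ctr);
		outlen -= cryptlen;
		/* missing here: outbuf += cryptlen; */
	}
}

/* Fixed loop shape from the commit: pointer and remaining length advance together. */
static void fill_fixed(uint8_t *outbuf, size_t outlen)
{
	unsigned int ctr = 0;
	while (outlen) {
		size_t cryptlen = outlen > DRBG_CTR_BLOCK ? DRBG_CTR_BLOCK : outlen;
		fake_ctr_block(outbuf, cryptlen, &ctr);
		outlen -= cryptlen;
		outbuf += cryptlen;
	}
}

/* Regression check: pre-fill with SENTINEL, request more than one block, and
 * return the first offset still holding SENTINEL (equals request when fully filled). */
static size_t first_unfilled_offset(void (*fill)(uint8_t *, size_t), size_t request)
{
	uint8_t buf[512];
	if (request > sizeof(buf))
		request = sizeof(buf);
	memset(buf, SENTINEL, sizeof(buf));
	fill(buf, request);
	for (size_t i = 0; i < request; i++)
		if (buf[i] == SENTINEL)
			return i;
	return request;
}
```

With a 300-byte request the buggy loop leaves everything from offset 128 onward untouched, while a request of 128 bytes or less never exposes the defect, which is why it survived.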
smuellerDD authored and herbertx committed Nov 21, 2016
1 parent 18f47f5 commit 8ff4c19
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions crypto/drbg.c
@@ -1766,6 +1766,7 @@ static int drbg_kcapi_sym_ctr(struct drbg_state *drbg,
init_completion(&drbg->ctr_completion);

outlen -= cryptlen;
outbuf += cryptlen;
}

return 0;
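Review bot: the added `outbuf += cryptlen;` correctly pairs with `outlen -= cryptlen;` so pointer and remaining length now move in step, but nothing in the hunk guards against this regressing. Since the defect only shows when the requestor asks for more than one 128-byte block, a regression test that requests a larger buffer and checks that its tail was actually overwritten would be worth adding alongside the one-line fix; a short comment above the two advancing statements saying they must always change together would also help the next reader.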
