From ff4a19a471bfcb80ddd11b491b181589e324a52f Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sun, 6 Mar 2011 13:10:37 +0000
Subject: [PATCH] Fix couple of bugs in CTR DRBG implementation.

---
 fips/rand/fips_drbg_ctr.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/fips/rand/fips_drbg_ctr.c b/fips/rand/fips_drbg_ctr.c
index 212bcf8df6..2b2d226c53 100644
--- a/fips/rand/fips_drbg_ctr.c
+++ b/fips/rand/fips_drbg_ctr.c
@@ -360,12 +360,15 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx)
 		{
 		case NID_aes_128_ctr:
 		keylen = 16;
+		break;
 
 		case NID_aes_192_ctr:
 		keylen = 24;
+		break;
 
 		case NID_aes_256_ctr:
 		keylen = 32;
+		break;
 
 		default:
 		return -2;
@@ -394,6 +397,15 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx)
 		/* Set key schedule for df_key */
 		AES_set_encrypt_key(df_key, dctx->strength, &cctx->df_ks);
 
+		dctx->min_entropy = cctx->keylen;
+		dctx->max_entropy = DRBG_MAX_ENTROPY;
+		dctx->min_nonce = dctx->min_entropy / 2;
+		dctx->max_nonce = DRBG_MAX_NONCE;
+		dctx->max_pers = DRBG_MAX_LENGTH;
+		dctx->max_adin = DRBG_MAX_LENGTH;
+		}
+	else
+		{
 		dctx->min_entropy = dctx->seedlen;
 		dctx->max_entropy = dctx->seedlen;
 		/* Nonce not used */
@@ -402,15 +414,6 @@ int fips_drbg_ctr_init(DRBG_CTX *dctx)
 		dctx->max_pers = dctx->seedlen;
 		dctx->max_adin = dctx->seedlen;
 		}
-	else
-		{
-		dctx->min_entropy = cctx->keylen;
-		dctx->max_entropy = DRBG_MAX_ENTROPY;
-		dctx->min_nonce = dctx->min_entropy / 2;
-		dctx->max_nonce = DRBG_MAX_NONCE;
-		dctx->max_pers = DRBG_MAX_LENGTH;
-		dctx->max_adin = DRBG_MAX_LENGTH;
-		}
 
 	dctx->max_request = 1<<19;
 	dctx->reseed_counter = DRBG_MAX_LENGTH;
-- 
2.40.0