Increment the input and output position for EVP AES CFB1.

The length is decremented, however the input is repeatedly read from and
output written to the same position. Correct this by actually incrementing
the input and output pointers.

Found via OpenSSL 604e591ed7,

ok tb@

1 files changed, 3 insertions, 1 deletions

diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index e6bba2b952..3661abcbfe 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.47 2022/09/06 06:38:26 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.48 2022/09/10 17:45:10 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -511,6 +511,8 @@ aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
                 CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK*8, &dat->ks,
                     ctx->iv, &ctx->num, ctx->encrypt, dat->block);
                 len -= MAXBITCHUNK;
+                in += MAXBITCHUNK;
+                out += MAXBITCHUNK;
         }
         if (len)
                 CRYPTO_cfb128_1_encrypt(in, out, len*8, &dat->ks,