crypto: aes_init(): Fail correctly when called with bad key length

A proper error code is returned if a key with unsupported (either by the implementation or the AES algorithm) length is passed to aes_init. This fixes Issue #10175
2024-12-29 04:50:03 +01:00 · 2018-10-26 16:21:50 +02:00 · 2018-10-26 16:21:50 +02:00 · 66edeeb9c6
commit 66edeeb9c6
parent 0352c7406d
2 changed files with 7 additions and 0 deletions
--- a/sys/crypto/aes.c
+++ b/sys/crypto/aes.c
@ -800,6 +800,11 @@ int aes_init(cipher_context_t *context, const uint8_t *key, uint8_t keySize)
 {
    uint8_t i;

+    /* This implementation only supports a single key size (defined in AES_KEY_SIZE) */
+    if (keySize != AES_KEY_SIZE) {
+        return CIPHER_ERR_INVALID_KEY_SIZE;
+    }
+
    /* Make sure that context is large enough. If this is not the case,
       you should build with -DAES */
    if (CIPHER_MAX_CONTEXT_SIZE < AES_KEY_SIZE) {
--- a/sys/include/crypto/aes.h
+++ b/sys/include/crypto/aes.h
@ -75,6 +75,8 @@ typedef struct {
 * @param       context   the cipher_context_t-struct to save the
 *                        initialization of the cipher in
 * @param       keySize   the size of the key
+ *                        Must be 16, since this implementation does not
+ *                        support key lengths of 24 or 32 bytes
 * @param       key       a pointer to the key
 *
 * @return  CIPHER_INIT_SUCCESS if the initialization was successful.