From 54cdab8005e2b9cf7d68610c464b61781dd49e90 Mon Sep 17 00:00:00 2001
From: Tesfa Mael <tesfa@wolfssl.com>
Date: Fri, 20 Sep 2019 10:17:08 -0700
Subject: [PATCH 1/2] Initialize AES GCM set key

---
 wolfcrypt/src/aes.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index d294f6236..db9b9b2cd 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -3601,6 +3601,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
     if (!((len == 16) || (len == 24) || (len == 32)))
         return BAD_FUNC_ARG;
 
+    XMEMSET(aes, 0, sizeof(Aes));
     XMEMSET(iv, 0, AES_BLOCK_SIZE);
     ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
 

From 74386fd0d01b620a59f111a0fe9c506acabce232 Mon Sep 17 00:00:00 2001
From: Tesfa Mael <tesfa@wolfssl.com>
Date: Fri, 20 Sep 2019 12:04:33 -0700
Subject: [PATCH 2/2] Initialize GCM AAD in case wc_AesInit() wasn't called

---
 wolfcrypt/src/aes.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index db9b9b2cd..8e2ecfdd5 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -3601,7 +3601,12 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
     if (!((len == 16) || (len == 24) || (len == 32)))
         return BAD_FUNC_ARG;
 
-    XMEMSET(aes, 0, sizeof(Aes));
+#ifdef OPENSSL_EXTRA
+    if (aes != NULL) {
+        XMEMSET(aes->aadH, 0, sizeof(aes->aadH));
+        aes->aadLen = 0;
+    }
+#endif
     XMEMSET(iv, 0, AES_BLOCK_SIZE);
     ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);