add sanity check on AES key length

This commit is contained in:
JacobBarthelmeh
2026-05-12 14:23:59 -06:00
parent 6ac6e5065e
commit 70288b017f
+17 -2
View File
@@ -317,10 +317,18 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
word32 keyLen = info->cipher.enc
? info->cipher.aesgcm_enc.aes->keylen
: info->cipher.aesgcm_dec.aes->keylen;
if (keyLen != AES_128_KEY_SIZE &&
keyLen != AES_192_KEY_SIZE &&
keyLen != AES_256_KEY_SIZE) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: invalid AES key length %u",
keyLen);
return BAD_FUNC_ARG;
}
ret = Tropic01_GetKeyAES(
lt_key,
TROPIC01_AES_KEY_RMEM_SLOT,
keyLen);
TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES key,ret=%d",
@@ -401,10 +409,17 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
#ifdef HAVE_AES_CBC
if (info->cipher.type == WC_CIPHER_AES_CBC) {
word32 keyLen = info->cipher.aescbc.aes->keylen;
if (keyLen != AES_128_KEY_SIZE &&
keyLen != AES_192_KEY_SIZE &&
keyLen != AES_256_KEY_SIZE) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: invalid AES key length %u", keyLen);
return BAD_FUNC_ARG;
}
ret = Tropic01_GetKeyAES(
lt_key,
TROPIC01_AES_KEY_RMEM_SLOT,
keyLen);
TROPIC01_AES_MAX_KEY_SIZE);
if (ret != 0) {
WOLFSSL_MSG_EX(
"TROPIC01: CryptoCB: Failed to get AES key,ret=%d", ret);