mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:20:49 +02:00
add sanity check on AES key length
This commit is contained in:
@@ -317,10 +317,18 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
|
||||
word32 keyLen = info->cipher.enc
|
||||
? info->cipher.aesgcm_enc.aes->keylen
|
||||
: info->cipher.aesgcm_dec.aes->keylen;
|
||||
if (keyLen != AES_128_KEY_SIZE &&
|
||||
keyLen != AES_192_KEY_SIZE &&
|
||||
keyLen != AES_256_KEY_SIZE) {
|
||||
WOLFSSL_MSG_EX(
|
||||
"TROPIC01: CryptoCB: invalid AES key length %u",
|
||||
keyLen);
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ret = Tropic01_GetKeyAES(
|
||||
lt_key,
|
||||
TROPIC01_AES_KEY_RMEM_SLOT,
|
||||
keyLen);
|
||||
TROPIC01_AES_MAX_KEY_SIZE);
|
||||
if (ret != 0) {
|
||||
WOLFSSL_MSG_EX(
|
||||
"TROPIC01: CryptoCB: Failed to get AES key,ret=%d",
|
||||
@@ -401,10 +409,17 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
|
||||
#ifdef HAVE_AES_CBC
|
||||
if (info->cipher.type == WC_CIPHER_AES_CBC) {
|
||||
word32 keyLen = info->cipher.aescbc.aes->keylen;
|
||||
if (keyLen != AES_128_KEY_SIZE &&
|
||||
keyLen != AES_192_KEY_SIZE &&
|
||||
keyLen != AES_256_KEY_SIZE) {
|
||||
WOLFSSL_MSG_EX(
|
||||
"TROPIC01: CryptoCB: invalid AES key length %u", keyLen);
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
ret = Tropic01_GetKeyAES(
|
||||
lt_key,
|
||||
TROPIC01_AES_KEY_RMEM_SLOT,
|
||||
keyLen);
|
||||
TROPIC01_AES_MAX_KEY_SIZE);
|
||||
if (ret != 0) {
|
||||
WOLFSSL_MSG_EX(
|
||||
"TROPIC01: CryptoCB: Failed to get AES key,ret=%d", ret);
|
||||
|
||||
Reference in New Issue
Block a user