From 66edeeb9c69a4991bae7e03d70846679f09b253f Mon Sep 17 00:00:00 2001
From: Mathias Tausig
Date: Fri, 26 Oct 2018 16:21:50 +0200
Subject: [PATCH] crypto: aes_init(): Fail correctly when called with bad key length
A proper error code is returned if a key with unsupported (either by the implementation or the AES algorithm) length is passed to aes_init. This fixes Issue #10175
---
 sys/crypto/aes.c | 5 +++++
 sys/include/crypto/aes.h | 2 ++
 2 files changed, 7 insertions(+)
diff --git a/sys/crypto/aes.c b/sys/crypto/aes.c
index 064d251b7e..0e7fd6a75d 100644
--- a/sys/crypto/aes.c
+++ b/sys/crypto/aes.c
@@ -800,6 +800,11 @@ int aes_init(cipher_context_t *context, const uint8_t *key, uint8_t keySize)
 {
 uint8_t i;
+ /* This implementation only supports a single key size (defined in AES_KEY_SIZE) */
+ if (keySize != AES_KEY_SIZE) {
+ return CIPHER_ERR_INVALID_KEY_SIZE;
+ }
+
 /* Make sure that context is large enough. If this is not the case, you should build with -DAES */
 if (CIPHER_MAX_CONTEXT_SIZE < AES_KEY_SIZE) {
diff --git a/sys/include/crypto/aes.h b/sys/include/crypto/aes.h
index b8756b10ce..5a57d33f75 100644
--- a/sys/include/crypto/aes.h
+++ b/sys/include/crypto/aes.h
@@ -75,6 +75,8 @@ typedef struct {
 * @param context the cipher_context_t-struct to save the
 * initialization of the cipher in
 * @param keySize the size of the key
+ * Must be 16, since this implementation does not
+ * support key lengths of 24 or 32 bytes
 * @param key a pointer to the key
 *
 * @return CIPHER_INIT_SUCCESS if the initialization was successful.
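Review bot: The early `return CIPHER_ERR_INVALID_KEY_SIZE;` in aes_init (sys/crypto/aes.c) comes before any visible write to `context`, so a caller that does not compare the result with CIPHER_INIT_SUCCESS would carry on with a context that was never keyed. Callers are not visible in this patch and should be checked for that. The diffstat lists only aes.c and aes.h, so nothing pins the new behaviour; a unit test asserting that key sizes 0, 24 and 32 are rejected and AES_KEY_SIZE is accepted would keep the check from regressing. aes_init's body continues outside the hunk; if it still has a branch for keys shorter than AES_KEY_SIZE, that branch is now unreachable and can be removed.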
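Review bot: The added @param keySize text in sys/include/crypto/aes.h hard-codes `16`, while the check in aes.c compares against `AES_KEY_SIZE`, so the two can drift if the macro ever changes. Naming the macro would tie them together, e.g. `Must be AES_KEY_SIZE (16 bytes); key lengths of 24 or 32 bytes are not supported`. The @return list continues outside the hunk; if it does not already name the new code, add `@return CIPHER_ERR_INVALID_KEY_SIZE if keySize is not AES_KEY_SIZE` so callers know to handle it.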