riot-ci/RIOT
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto: aes_init(): Fail correctly when called with bad key length

Browse Source 
A proper error code is returned if a key with unsupported (either by the implementation or the AES algorithm) length is passed to aes_init.
This fixes Issue #10175
This commit is contained in:
Mathias Tausig 2018-10-26 16:21:50 +02:00 committed by Mathias Tausig
parent 0352c7406d
commit 66edeeb9c6
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sys/crypto/aes.c
View File

@ -800,6 +800,11 @@ int aes_init(cipher_context_t *context, const uint8_t *key, uint8_t keySize)
{ {
uint8_t i; uint8_t i;
/* This implementation only supports a single key size (defined in AES_KEY_SIZE) */
if (keySize != AES_KEY_SIZE) {
return CIPHER_ERR_INVALID_KEY_SIZE;
}
/* Make sure that context is large enough. If this is not the case, /* Make sure that context is large enough. If this is not the case,
you should build with -DAES */ you should build with -DAES */
if (CIPHER_MAX_CONTEXT_SIZE < AES_KEY_SIZE) { if (CIPHER_MAX_CONTEXT_SIZE < AES_KEY_SIZE) {

2
sys/include/crypto/aes.h
View File

@ -75,6 +75,8 @@ typedef struct {
* @param context the cipher_context_t-struct to save the * @param context the cipher_context_t-struct to save the
* initialization of the cipher in * initialization of the cipher in
* @param keySize the size of the key * @param keySize the size of the key
* Must be 16, since this implementation does not
* support key lengths of 24 or 32 bytes
* @param key a pointer to the key * @param key a pointer to the key
* *
* @return CIPHER_INIT_SUCCESS if the initialization was successful. * @return CIPHER_INIT_SUCCESS if the initialization was successful.