@@ -317,10 +317,18 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
317317 word32 keyLen = info -> cipher .enc
318318 ? info -> cipher .aesgcm_enc .aes -> keylen
319319 : info -> cipher .aesgcm_dec .aes -> keylen ;
320+ if (keyLen != AES_128_KEY_SIZE &&
321+ keyLen != AES_192_KEY_SIZE &&
322+ keyLen != AES_256_KEY_SIZE ) {
323+ WOLFSSL_MSG_EX (
324+ "TROPIC01: CryptoCB: invalid AES key length %u" ,
325+ keyLen );
326+ return BAD_FUNC_ARG ;
327+ }
320328 ret = Tropic01_GetKeyAES (
321329 lt_key ,
322330 TROPIC01_AES_KEY_RMEM_SLOT ,
323- keyLen );
331+ TROPIC01_AES_MAX_KEY_SIZE );
324332 if (ret != 0 ) {
325333 WOLFSSL_MSG_EX (
326334 "TROPIC01: CryptoCB: Failed to get AES key,ret=%d" ,
@@ -401,10 +409,17 @@ int Tropic01_CryptoCb(int devId, wc_CryptoInfo* info, void* ctx)
401409 #ifdef HAVE_AES_CBC
402410 if (info -> cipher .type == WC_CIPHER_AES_CBC ) {
403411 word32 keyLen = info -> cipher .aescbc .aes -> keylen ;
412+ if (keyLen != AES_128_KEY_SIZE &&
413+ keyLen != AES_192_KEY_SIZE &&
414+ keyLen != AES_256_KEY_SIZE ) {
415+ WOLFSSL_MSG_EX (
416+ "TROPIC01: CryptoCB: invalid AES key length %u" , keyLen );
417+ return BAD_FUNC_ARG ;
418+ }
404419 ret = Tropic01_GetKeyAES (
405420 lt_key ,
406421 TROPIC01_AES_KEY_RMEM_SLOT ,
407- keyLen );
422+ TROPIC01_AES_MAX_KEY_SIZE );
408423 if (ret != 0 ) {
409424 WOLFSSL_MSG_EX (
410425 "TROPIC01: CryptoCB: Failed to get AES key,ret=%d" , ret );
0 commit comments