diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 8e0f4cf948e5..2090729701ab 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -31,6 +31,23 @@ struct crypto_aes_ctx { extern const u32 crypto_ft_tab[4][256] ____cacheline_aligned; extern const u32 crypto_it_tab[4][256] ____cacheline_aligned; +/* + * validate key length for AES algorithms + */ +static inline int aes_check_keylen(unsigned int keylen) +{ + switch (keylen) { + case AES_KEYSIZE_128: + case AES_KEYSIZE_192: + case AES_KEYSIZE_256: + break; + default: + return -EINVAL; + } + + return 0; +} + int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len); diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c index 4e100af38c51..827fe89922ff 100644 --- a/lib/crypto/aes.c +++ b/lib/crypto/aes.c @@ -187,11 +187,11 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key, { u32 kwords = key_len / sizeof(u32); u32 rc, i, j; + int err; - if (key_len != AES_KEYSIZE_128 && - key_len != AES_KEYSIZE_192 && - key_len != AES_KEYSIZE_256) - return -EINVAL; + err = aes_check_keylen(key_len); + if (err) + return err; ctx->key_length = key_len;