Module: kamailio
Branch: master
Commit: 35a3a38e2262426e9cea65961ad3c3c91c096aef
URL: 
https://github.com/kamailio/kamailio/commit/35a3a38e2262426e9cea65961ad3c3c91c096aef

Author: Daniel-Constantin Mierla <[email protected]>
Committer: Daniel-Constantin Mierla <[email protected]>
Date: 2026-06-19T12:17:40+02:00

crypto: check key data len for aes init

---

Modified: src/modules/crypto/crypto_aes.c

---

Diff:  
https://github.com/kamailio/kamailio/commit/35a3a38e2262426e9cea65961ad3c3c91c096aef.diff
Patch: 
https://github.com/kamailio/kamailio/commit/35a3a38e2262426e9cea65961ad3c3c91c096aef.patch

---

diff --git a/src/modules/crypto/crypto_aes.c b/src/modules/crypto/crypto_aes.c
index 8ae4ac29f21..a1925c2d133 100644
--- a/src/modules/crypto/crypto_aes.c
+++ b/src/modules/crypto/crypto_aes.c
@@ -107,6 +107,11 @@ int crypto_aes_init(unsigned char *key_data, int 
key_data_len,
                        LM_DBG("salt: %x\n", salt[x]);
                cipher = EVP_aes_256_cbc();
        } else {
+               if(key_data_len != 16 && key_data_len != 32) {
+                       LM_ERR("invalid raw AES key length %d - expected 16 or 
32 bytes\n",
+                                       key_data_len);
+                       return -1;
+               }
                cipher = (key_data_len == 16) ? EVP_aes_128_cbc() : 
EVP_aes_256_cbc();
                LM_DBG("got %d bytes key\n", key_data_len * 8);
                memcpy(key, key_data, key_data_len);
@@ -205,4 +210,4 @@ unsigned char *crypto_aes_decrypt(
 
        *len = p_len + f_len;
        return plaintext;
-}
\ No newline at end of file
+}

_______________________________________________
Kamailio - Development Mailing List -- [email protected]
To unsubscribe send an email to [email protected]
Important: keep the mailing list in the recipients, do not reply only to the 
sender!

Reply via email to