Rijndael, AES: adjustments to what key sizes are and aren't allowed

phpseclib/Crypt/AES.php

@@ -152,4 +152,56 @@ class Crypt_AES extends Crypt_Rijndael
     {
         return;
     }
+
+    /**
+     * Sets the key length
+     *
+     * Valid key lengths are 128, 192, and 256.  If the length is less than 128, it will be rounded up to
+     * 128.  If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
+     *
+     * @see Crypt_Rijndael:setKeyLength()
+     * @access public
+     * @param Integer $length
+     */
+    function setKeyLength($length)
+    {
+        switch ($length) {
+            case 160:
+                $length = 192;
+                break;
+            case 224:
+                $length = 256;
+        }
+        parent::setKeyLength($length);
+    }
+
+    /**
+     * Sets the key.
+     *
+     * Rijndael supports 5x different key lengths, AES only supports 3x different key lengths.
+     *
+     * @see Crypt_Rijndael:setKey()
+     * @see setKeyLength()
+     * @access public
+     * @param String $key
+     */
+    function setKey($key)
+    {
+        parent::setKey($key);
+
+        if (!$this->explicit_key_length) {
+            $length = strlen($key);
+            switch (true) {
+                case $length <= 16:
+                    $this->key_size = 16;
+                    break;
+                case $length <= 24:
+                    $this->key_size = 24;
+                    break;
+                default:
+                    $this->key_size = 32;
+            }
+            $this->_setupEngine();
+        }
+    }
 }

phpseclib/Crypt/Rijndael.php

@@ -702,9 +702,15 @@ class Crypt_Rijndael extends Crypt_Base
                 case $length <= 16:
                     $this->key_size = 16;
                     break;
+                case $length <= 20:
+                    $this->key_size = 20;
+                    break;
                 case $length <= 24:
                     $this->key_size = 24;
                     break;
+                case $length <= 28:
+                    $this->key_size = 28;
+                    break;
                 default:
                     $this->key_size = 32;
             }