From 44755e3090b99e37f92d276d152035cf00b34754 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Wed, 17 Jun 2026 15:18:46 -0700
Subject: [PATCH] Init AES contexts in SshInit

The encrypt/decrypt Aes contexts were only zeroed by the struct-wide
WMEMSET, then passed to wc_AesSetKey/wc_AesGcmSetKey and freed with
wc_AesFree without ever calling wc_AesInit. Add calls to wc_AesInit.
---
 src/internal.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 744536993..075bfe2d6 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1321,6 +1321,14 @@ WOLFSSH* SshInit(WOLFSSH* ssh, WOLFSSH_CTX* ctx)
 
     ssh->keyingCompletionCtx = (void*)ssh;
 
+    if (wc_AesInit(&ssh->encryptCipher.aes, heap, INVALID_DEVID) != 0 ||
+        wc_AesInit(&ssh->decryptCipher.aes, heap, INVALID_DEVID) != 0) {
+
+        WLOG(WS_LOG_DEBUG, "SshInit: Cannot initialize ciphers.\n");
+        wolfSSH_free(ssh);
+        return NULL;
+    }
+
     if (BufferInit(&ssh->inputBuffer, 0, ctx->heap) != WS_SUCCESS  ||
         BufferInit(&ssh->outputBuffer, 0, ctx->heap) != WS_SUCCESS ||
         BufferInit(&ssh->extDataBuffer, 0, ctx->heap) != WS_SUCCESS) {