diff --git a/crypto/mbedtls/source/cmac_alt.c b/crypto/mbedtls/source/cmac_alt.c
index a72ef94b02b..c17d4ebdc89 100644
--- a/crypto/mbedtls/source/cmac_alt.c
+++ b/crypto/mbedtls/source/cmac_alt.c
@@ -107,7 +107,12 @@ int mbedtls_cipher_cmac_update(FAR mbedtls_cipher_context_t *ctx,
   ctx->cmac_ctx->dev.crypt.flags |= COP_FLAG_UPDATE;
   ctx->cmac_ctx->dev.crypt.src = (caddr_t)input;
   ctx->cmac_ctx->dev.crypt.len = ilen;
-  return cryptodev_crypt(&ctx->cmac_ctx->dev);
+  if (cryptodev_crypt(&ctx->cmac_ctx->dev) != 0)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx,
@@ -123,6 +128,11 @@ int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx,
   ctx->cmac_ctx->dev.crypt.flags = 0;
   ctx->cmac_ctx->dev.crypt.mac = (caddr_t)output;
   ret = cryptodev_crypt(&ctx->cmac_ctx->dev);
+  if (ret != 0)
+    {
+      ret = MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
   cryptodev_free_session(&ctx->cmac_ctx->dev);
   cryptodev_free(&ctx->cmac_ctx->dev);
   return ret;
diff --git a/crypto/mbedtls/source/poly1305_alt.c b/crypto/mbedtls/source/poly1305_alt.c
index 7c0e8110f66..0df9ddf3ea9 100644
--- a/crypto/mbedtls/source/poly1305_alt.c
+++ b/crypto/mbedtls/source/poly1305_alt.c
@@ -46,7 +46,12 @@ int mbedtls_poly1305_starts(FAR mbedtls_poly1305_context *ctx,
   ctx->session.mac = CRYPTO_POLY1305;
   ctx->session.mackey = (caddr_t)key;
   ctx->session.mackeylen = 32;
-  return cryptodev_get_session(ctx);
+  if (cryptodev_get_session(ctx) != 0)
+    {
+      return MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_poly1305_update(FAR mbedtls_poly1305_context *ctx,
@@ -57,7 +62,12 @@ int mbedtls_poly1305_update(FAR mbedtls_poly1305_context *ctx,
   ctx->crypt.flags |= COP_FLAG_UPDATE;
   ctx->crypt.src = (caddr_t)input;
   ctx->crypt.len = ilen;
-  return cryptodev_crypt(ctx);
+  if (cryptodev_crypt(ctx) != 0)
+    {
+      return MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_poly1305_finish(FAR mbedtls_poly1305_context *ctx,
@@ -69,6 +79,11 @@ int mbedtls_poly1305_finish(FAR mbedtls_poly1305_context *ctx,
   ctx->crypt.flags = 0;
   ctx->crypt.mac = (caddr_t)mac;
   ret = cryptodev_crypt(ctx);
+  if (ret != 0)
+    {
+      ret = MBEDTLS_ERR_POLY1305_BAD_INPUT_DATA;
+    }
+
   cryptodev_free_session(ctx);
   return ret;
 }
diff --git a/crypto/mbedtls/source/sha1_alt.c b/crypto/mbedtls/source/sha1_alt.c
index 8c3e6b353db..04e7c511a84 100644
--- a/crypto/mbedtls/source/sha1_alt.c
+++ b/crypto/mbedtls/source/sha1_alt.c
@@ -48,7 +48,12 @@ void mbedtls_sha1_free(FAR mbedtls_sha1_context *ctx)
 int mbedtls_sha1_starts(FAR mbedtls_sha1_context *ctx)
 {
   ctx->session.mac = CRYPTO_SHA1;
-  return cryptodev_get_session(ctx);
+  if (cryptodev_get_session(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SHA1_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_sha1_update(FAR mbedtls_sha1_context *ctx,
@@ -59,7 +64,12 @@ int mbedtls_sha1_update(FAR mbedtls_sha1_context *ctx,
   ctx->crypt.flags |= COP_FLAG_UPDATE;
   ctx->crypt.src = (caddr_t)input;
   ctx->crypt.len = ilen;
-  return cryptodev_crypt(ctx);
+  if (cryptodev_crypt(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SHA1_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_sha1_finish(FAR mbedtls_sha1_context *ctx,
@@ -71,6 +81,11 @@ int mbedtls_sha1_finish(FAR mbedtls_sha1_context *ctx,
   ctx->crypt.flags = 0;
   ctx->crypt.mac = (caddr_t)output;
   ret = cryptodev_crypt(ctx);
+  if (ret != 0)
+    {
+      ret = MBEDTLS_ERR_SHA1_BAD_INPUT_DATA;
+    }
+
   cryptodev_free_session(ctx);
   return ret;
 }
diff --git a/crypto/mbedtls/source/sha256_alt.c b/crypto/mbedtls/source/sha256_alt.c
index 7b716acb869..4de03a342ca 100644
--- a/crypto/mbedtls/source/sha256_alt.c
+++ b/crypto/mbedtls/source/sha256_alt.c
@@ -47,6 +47,11 @@ void mbedtls_sha256_free(FAR mbedtls_sha256_context *ctx)
 
 int mbedtls_sha256_starts(FAR mbedtls_sha256_context *ctx, int is224)
 {
+  if (is224 != 0 && is224 != 1)
+    {
+      return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
+    }
+
   if (is224)
     {
       ctx->session.mac = CRYPTO_SHA2_224;
@@ -56,7 +61,12 @@ int mbedtls_sha256_starts(FAR mbedtls_sha256_context *ctx, int is224)
       ctx->session.mac = CRYPTO_SHA2_256;
     }
 
-  return cryptodev_get_session(ctx);
+  if (cryptodev_get_session(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_sha256_update(FAR mbedtls_sha256_context *ctx,
@@ -67,7 +77,12 @@ int mbedtls_sha256_update(FAR mbedtls_sha256_context *ctx,
   ctx->crypt.flags |= COP_FLAG_UPDATE;
   ctx->crypt.src = (caddr_t)input;
   ctx->crypt.len = ilen;
-  return cryptodev_crypt(ctx);
+  if (cryptodev_crypt(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_sha256_finish(FAR mbedtls_sha256_context *ctx,
@@ -79,6 +94,11 @@ int mbedtls_sha256_finish(FAR mbedtls_sha256_context *ctx,
   ctx->crypt.flags = 0;
   ctx->crypt.mac = (caddr_t)output;
   ret = cryptodev_crypt(ctx);
+  if (ret != 0)
+    {
+      ret = MBEDTLS_ERR_SHA256_BAD_INPUT_DATA;
+    }
+
   cryptodev_free_session(ctx);
   return ret;
 }
diff --git a/crypto/mbedtls/source/sha512_alt.c b/crypto/mbedtls/source/sha512_alt.c
index 2793b8426c1..4fb3ed85095 100644
--- a/crypto/mbedtls/source/sha512_alt.c
+++ b/crypto/mbedtls/source/sha512_alt.c
@@ -47,6 +47,11 @@ void mbedtls_sha512_free(FAR mbedtls_sha512_context *ctx)
 
 int mbedtls_sha512_starts(FAR mbedtls_sha512_context *ctx, int is384)
 {
+  if (is384 != 0 && is384 != 1)
+    {
+      return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+    }
+
   if (is384)
     {
       ctx->session.mac = CRYPTO_SHA2_384;
@@ -56,7 +61,12 @@ int mbedtls_sha512_starts(FAR mbedtls_sha512_context *ctx, int is384)
       ctx->session.mac = CRYPTO_SHA2_512;
     }
 
-  return cryptodev_get_session(ctx);
+  if (cryptodev_get_session(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_sha512_update(FAR mbedtls_sha512_context *ctx,
@@ -67,7 +77,12 @@ int mbedtls_sha512_update(FAR mbedtls_sha512_context *ctx,
   ctx->crypt.flags |= COP_FLAG_UPDATE;
   ctx->crypt.src = (caddr_t)input;
   ctx->crypt.len = ilen;
-  return cryptodev_crypt(ctx);
+  if (cryptodev_crypt(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+    }
+
+  return 0;
 }
 
 int mbedtls_sha512_finish(FAR mbedtls_sha512_context *ctx,
@@ -79,6 +94,11 @@ int mbedtls_sha512_finish(FAR mbedtls_sha512_context *ctx,
   ctx->crypt.flags = 0;
   ctx->crypt.mac = (caddr_t)output;
   ret = cryptodev_crypt(ctx);
+  if (ret != 0)
+    {
+      ret = MBEDTLS_ERR_SHA512_BAD_INPUT_DATA;
+    }
+
   cryptodev_free_session(ctx);
   return ret;
 }