invalidtag exception for gcm

This exception is probably not safe. It depends on the assumption that
if ERR_get_error returns a 0 then it is an AEAD tag error.

2 files changed, 7 insertions, 2 deletions

diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py
index d56db214..e9d88199 100644
--- a/cryptography/exceptions.py
+++ b/cryptography/exceptions.py
@@ -26,3 +26,7 @@ class AlreadyUpdated(Exception):
 
 class NotYetFinalized(Exception):
     pass
+
+
+class InvalidTag(Exception):
+    pass
diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py
index fdb67628..527706bc 100644
--- a/cryptography/hazmat/bindings/openssl/backend.py
+++ b/cryptography/hazmat/bindings/openssl/backend.py
@@ -19,7 +19,7 @@ import sys
 import cffi
 
 from cryptography import utils
-from cryptography.exceptions import UnsupportedAlgorithm
+from cryptography.exceptions import UnsupportedAlgorithm, InvalidTag
 from cryptography.hazmat.bindings.interfaces import (
     CipherBackend, HashBackend, HMACBackend
 )
@@ -200,7 +200,8 @@ class Backend(object):
 
     def _handle_error(self):
         code = self.lib.ERR_get_error()
-        assert code != 0
+        if not code:
+            raise InvalidTag
         lib = self.lib.ERR_GET_LIB(code)
         func = self.lib.ERR_GET_FUNC(code)
         reason = self.lib.ERR_GET_REASON(code)