From db62ec9967d95e666eb6898766944d9e50532b2d Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 18 Jul 2018 00:06:10 +0800
Subject: also check iv length for GCM nonce in AEAD (#4350)

* also check iv length for GCM nonce in AEAD

* ugh
---
 src/cryptography/hazmat/primitives/ciphers/aead.py | 2 ++
 tests/hazmat/primitives/test_aead.py               | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/src/cryptography/hazmat/primitives/ciphers/aead.py b/src/cryptography/hazmat/primitives/ciphers/aead.py
index 9794d768..e5197653 100644
--- a/src/cryptography/hazmat/primitives/ciphers/aead.py
+++ b/src/cryptography/hazmat/primitives/ciphers/aead.py
@@ -184,3 +184,5 @@ class AESGCM(object):
         utils._check_bytes("nonce", nonce)
         utils._check_bytes("data", data)
         utils._check_bytes("associated_data", associated_data)
+        if len(nonce) == 0:
+            raise ValueError("Nonce must be at least 1 byte")
diff --git a/tests/hazmat/primitives/test_aead.py b/tests/hazmat/primitives/test_aead.py
index a0cc79e1..5a518558 100644
--- a/tests/hazmat/primitives/test_aead.py
+++ b/tests/hazmat/primitives/test_aead.py
@@ -383,6 +383,12 @@ class TestAESGCM(object):
         with pytest.raises(TypeError):
             aesgcm.decrypt(nonce, data, associated_data)
 
+    def test_invalid_nonce_length(self, backend):
+        key = AESGCM.generate_key(128)
+        aesgcm = AESGCM(key)
+        with pytest.raises(ValueError):
+            aesgcm.encrypt(b"", b"hi", None)
+
     def test_bad_key(self, backend):
         with pytest.raises(TypeError):
             AESGCM(object())
-- 
cgit v1.2.3