also check iv length for GCM nonce in AEAD (#4350)
* also check iv length for GCM nonce in AEAD
* ugh
diff --git a/src/cryptography/hazmat/primitives/ciphers/aead.py b/src/cryptography/hazmat/primitives/ciphers/aead.py
index 9794d76..e519765 100644
--- a/src/cryptography/hazmat/primitives/ciphers/aead.py
+++ b/src/cryptography/hazmat/primitives/ciphers/aead.py
@@ -184,3 +184,5 @@
utils._check_bytes("nonce", nonce)
utils._check_bytes("data", data)
utils._check_bytes("associated_data", associated_data)
+ if len(nonce) == 0:
+ raise ValueError("Nonce must be at least 1 byte")
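Review bot: The guard added after the `_check_bytes` calls rejects only a zero-length nonce, so a 1-byte nonce still passes with no hint to the caller or the next maintainer that it is a weak choice. NIST SP 800-38D recommends a 96-bit IV for GCM, and other lengths are first run through GHASH, which gives weaker security bounds. I would put a comment above the check, for example `# GCM requires a non-empty IV; 12 bytes (96 bits) is the recommended length and a nonce must never repeat under one key`. The enclosing function starts outside the hunk, so it cannot be confirmed from here that both encrypt and decrypt reach this check.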
diff --git a/tests/hazmat/primitives/test_aead.py b/tests/hazmat/primitives/test_aead.py
index a0cc79e..5a51855 100644
--- a/tests/hazmat/primitives/test_aead.py
+++ b/tests/hazmat/primitives/test_aead.py
@@ -383,6 +383,12 @@
with pytest.raises(TypeError):
aesgcm.decrypt(nonce, data, associated_data)
+ def test_invalid_nonce_length(self, backend):
+ key = AESGCM.generate_key(128)
+ aesgcm = AESGCM(key)
+ with pytest.raises(ValueError):
+ aesgcm.encrypt(b"", b"hi", None)
+
def test_bad_key(self, backend):
with pytest.raises(TypeError):
AESGCM(object())
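Review bot: `test_invalid_nonce_length` covers only `encrypt` with an empty nonce, so nothing pins the same rejection on the decrypt side. If decrypt goes through the same parameter check (not visible in this diff), a second assertion in the test, `with pytest.raises(ValueError):` followed by `aesgcm.decrypt(b"", b"hi", None)`, would stop a later refactor from silently dropping the guard on one path. A short docstring such as `"""An empty nonce must be rejected before reaching the backend."""` would also record why the test exists.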