Verify the tag len for GCM

author: Alex Gaynor <alex.gaynor@gmail.com> 2014-01-12 14:25:49 -0800
committer: Alex Gaynor <alex.gaynor@gmail.com> 2014-01-12 14:25:49 -0800
commit: 007e5e11d761a9d05adf7f074c8fdda427c38b10 (patch)
tree: e95ecbbf787fd990e543fbbcc63b68ce7ea50aa6 /docs/hazmat
parent: 64209e1303481488925bb39bcc63feb186d643f6 (diff)
download: cryptography-007e5e11d761a9d05adf7f074c8fdda427c38b10.tar.gz
cryptography-007e5e11d761a9d05adf7f074c8fdda427c38b10.tar.bz2
cryptography-007e5e11d761a9d05adf7f074c8fdda427c38b10.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 83165690..7d954046 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -324,6 +324,11 @@ Modes
             return (iv, ciphertext, encryptor.tag)
 
         def decrypt(key, associated_data, iv, ciphertext, tag):
+            if len(tag) != 16:
+                raise ValueError(
+                    "tag must be 16 bytes -- truncation not supported"
+                )
+
             # Construct a Cipher object, with the key, iv, and additionally the
             # GCM tag used for authenticating the message.
             decryptor = Cipher(
author	Alex Gaynor <alex.gaynor@gmail.com>	2014-01-12 14:25:49 -0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	2014-01-12 14:25:49 -0800
commit	007e5e11d761a9d05adf7f074c8fdda427c38b10 (patch)
tree	e95ecbbf787fd990e543fbbcc63b68ce7ea50aa6 /docs/hazmat
parent	64209e1303481488925bb39bcc63feb186d643f6 (diff)
download	cryptography-007e5e11d761a9d05adf7f074c8fdda427c38b10.tar.gz cryptography-007e5e11d761a9d05adf7f074c8fdda427c38b10.tar.bz2 cryptography-007e5e11d761a9d05adf7f074c8fdda427c38b10.zip