From a94775925595bf21c849af6eca1a833e51d12e4e Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 30 Jun 2014 10:03:22 -0700 Subject: Simplify code and add test --- cryptography/hazmat/primitives/ciphers/modes.py | 2 ++ tests/hazmat/primitives/test_aes.py | 4 ++-- tests/hazmat/primitives/utils.py | 3 +++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/primitives/ciphers/modes.py b/cryptography/hazmat/primitives/ciphers/modes.py index f09478fc..509b4de2 100644 --- a/cryptography/hazmat/primitives/ciphers/modes.py +++ b/cryptography/hazmat/primitives/ciphers/modes.py @@ -101,6 +101,8 @@ class GCM(object): # len(initialization_vector) must in [1, 2 ** 64), but it's impossible # to actually construct a bytes object that large, so we don't check # for it + if min_tag_length < 4: + raise ValueError("min_tag_length must be >= 4") if tag is not None and len(tag) < min_tag_length: raise ValueError( "Authentication tag must be {0} bytes or longer.".format( diff --git a/tests/hazmat/primitives/test_aes.py b/tests/hazmat/primitives/test_aes.py index 003b3ba0..5bde7d3c 100644 --- a/tests/hazmat/primitives/test_aes.py +++ b/tests/hazmat/primitives/test_aes.py @@ -225,6 +225,6 @@ class TestAESModeGCM(object): "gcmEncryptExtIV192.rsp", "gcmEncryptExtIV256.rsp", ], - lambda key: algorithms.AES(key), - lambda iv, tag, min_tag_length=16: modes.GCM(iv, tag, min_tag_length), + algorithms.AES, + modes.GCM, ) diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index 4640c2ea..6428b03e 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -311,6 +311,9 @@ def aead_tag_exception_test(backend, cipher_factory, mode_factory): with pytest.raises(ValueError): mode_factory(binascii.unhexlify(b"0" * 24), b"000") + with pytest.raises(ValueError): + mode_factory(binascii.unhexlify(b"0" * 24), b"000000", 2) + cipher = Cipher( cipher_factory(binascii.unhexlify(b"0" * 32)), mode_factory(binascii.unhexlify(b"0" * 24), b"0" * 16), -- cgit v1.2.3