From db62ec9967d95e666eb6898766944d9e50532b2d Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 18 Jul 2018 00:06:10 +0800
Subject: also check iv length for GCM nonce in AEAD (#4350)

* also check iv length for GCM nonce in AEAD

* ugh
---
 src/cryptography/hazmat/primitives/ciphers/aead.py | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/ciphers/aead.py b/src/cryptography/hazmat/primitives/ciphers/aead.py
index 9794d768..e5197653 100644
--- a/src/cryptography/hazmat/primitives/ciphers/aead.py
+++ b/src/cryptography/hazmat/primitives/ciphers/aead.py
@@ -184,3 +184,5 @@ class AESGCM(object):
         utils._check_bytes("nonce", nonce)
         utils._check_bytes("data", data)
         utils._check_bytes("associated_data", associated_data)
+        if len(nonce) == 0:
+            raise ValueError("Nonce must be at least 1 byte")
-- 
cgit v1.2.3