@@ -54,6 +54,11 @@ def test_aes_gcm(backend, wycheproof):
5454 msg = binascii .unhexlify (wycheproof .testcase ["msg" ])
5555 ct = binascii .unhexlify (wycheproof .testcase ["ct" ])
5656 tag = binascii .unhexlify (wycheproof .testcase ["tag" ])
57+ if len (iv ) < 8 or len (iv ) > 128 :
58+ pytest .skip (
59+ "Less than 64-bit IVs (and greater than 1024-bit) are no longer "
60+ "supported"
61+ )
5762 if backend ._fips_enabled and len (iv ) != 12 :
5863 # Red Hat disables non-96-bit IV support as part of its FIPS
5964 # patches.
@@ -73,9 +78,6 @@ def test_aes_gcm(backend, wycheproof):
7378 dec .authenticate_additional_data (aad )
7479 computed_msg = dec .update (ct ) + dec .finalize ()
7580 assert computed_msg == msg
76- elif len (iv ) == 0 :
77- with pytest .raises (ValueError ):
78- Cipher (algorithms .AES (key ), modes .GCM (iv ), backend )
7981 else :
8082 dec = Cipher (
8183 algorithms .AES (key ),
@@ -97,6 +99,12 @@ def test_aes_gcm_aead_api(backend, wycheproof):
9799 msg = binascii .unhexlify (wycheproof .testcase ["msg" ])
98100 ct = binascii .unhexlify (wycheproof .testcase ["ct" ])
99101 tag = binascii .unhexlify (wycheproof .testcase ["tag" ])
102+ if len (iv ) < 8 or len (iv ) > 128 :
103+ pytest .skip (
104+ "Less than 64-bit IVs (and greater than 1024-bit) are no longer "
105+ "supported"
106+ )
107+
100108 if backend ._fips_enabled and len (iv ) != 12 :
101109 # Red Hat disables non-96-bit IV support as part of its FIPS
102110 # patches.
@@ -107,9 +115,6 @@ def test_aes_gcm_aead_api(backend, wycheproof):
107115 assert computed_ct == ct + tag
108116 computed_msg = aesgcm .decrypt (iv , ct + tag , aad )
109117 assert computed_msg == msg
110- elif len (iv ) == 0 :
111- with pytest .raises (ValueError ):
112- aesgcm .encrypt (iv , msg , aad )
113118 else :
114119 with pytest .raises (InvalidTag ):
115120 aesgcm .decrypt (iv , ct + tag , aad )
0 commit comments