diff --git a/wolfcrypt/src/port/af_alg/afalg_aes.c b/wolfcrypt/src/port/af_alg/afalg_aes.c
index 9eecbf31a..5497549c9 100644
--- a/wolfcrypt/src/port/af_alg/afalg_aes.c
+++ b/wolfcrypt/src/port/af_alg/afalg_aes.c
@@ -538,8 +538,12 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
         return BAD_FUNC_ARG;
     }
 
-    if (ivSz != WC_SYSTEM_AESGCM_IV || authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
-        WOLFSSL_MSG("IV/AAD size not supported on system");
+    if (ivSz != WC_SYSTEM_AESGCM_IV) {
+        WOLFSSL_MSG("IV size not supported on system");
+        return BAD_FUNC_ARG;
+    }
+    if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
+        WOLFSSL_MSG("Authentication tag size not supported on system");
         return BAD_FUNC_ARG;
     }
 
@@ -722,8 +726,12 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
         return BAD_FUNC_ARG;
     }
 
-    if (ivSz != WC_SYSTEM_AESGCM_IV || authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
-        WOLFSSL_MSG("IV/AAD size not supported on system");
+    if (ivSz != WC_SYSTEM_AESGCM_IV) {
+        WOLFSSL_MSG("IV size not supported on system");
+        return BAD_FUNC_ARG;
+    }
+    if (authTagSz > WOLFSSL_MAX_AUTH_TAG_SZ) {
+        WOLFSSL_MSG("Authentication tag size not supported on system");
         return BAD_FUNC_ARG;
     }