diff --git a/sys/crypto/modes/ocb.c b/sys/crypto/modes/ocb.c
index d7d0b6840e..e9dcf26a66 100644
--- a/sys/crypto/modes/ocb.c
+++ b/sys/crypto/modes/ocb.c
@@ -319,8 +319,7 @@ int32_t cipher_decrypt_ocb(cipher_t *cipher, uint8_t *auth_data,
                            uint8_t tag_len, uint8_t *nonce, size_t nonce_len,
                            uint8_t *input, size_t input_len, uint8_t *output)
 {
-
-    if (input_len - tag_len > INT32_MAX) {
+    if (input_len > (uint32_t)(INT32_MAX + tag_len)) {
         // We would not be able to return the proper output length for data this long
         return OCB_ERR_INVALID_DATA_LENGTH;
     }
diff --git a/tests/sys_crypto/Makefile b/tests/sys_crypto/Makefile
index 5cac356f5a..d8526a0330 100644
--- a/tests/sys_crypto/Makefile
+++ b/tests/sys_crypto/Makefile
@@ -1,26 +1,5 @@
 include ../Makefile.tests_common
 
-# Issue with integer width
-BOARD_BLACKLIST += arduino-duemilanove
-BOARD_BLACKLIST += arduino-leonardo
-BOARD_BLACKLIST += arduino-mega2560
-BOARD_BLACKLIST += arduino-nano
-BOARD_BLACKLIST += arduino-uno
-BOARD_BLACKLIST += atmega256rfr2-xpro
-BOARD_BLACKLIST += avr-rss2
-BOARD_BLACKLIST += atmega328p
-BOARD_BLACKLIST += atmega1284p
-BOARD_BLACKLIST += chronos
-BOARD_BLACKLIST += mega-xplained
-BOARD_BLACKLIST += microduino-corerf
-BOARD_BLACKLIST += msb-430
-BOARD_BLACKLIST += msb-430h
-BOARD_BLACKLIST += telosb
-BOARD_BLACKLIST += waspmote-pro
-BOARD_BLACKLIST += wsn430-v1_3b
-BOARD_BLACKLIST += wsn430-v1_4
-BOARD_BLACKLIST += z1
-
 USEMODULE += embunit
 
 USEMODULE += crypto
diff --git a/tests/sys_crypto/Makefile.ci b/tests/sys_crypto/Makefile.ci
index 08786ba109..447c6158a4 100644
--- a/tests/sys_crypto/Makefile.ci
+++ b/tests/sys_crypto/Makefile.ci
@@ -1,6 +1,14 @@
 BOARD_INSUFFICIENT_MEMORY := \
+    arduino-duemilanove \
+    arduino-leonardo \
+    arduino-mega2560 \
+    arduino-nano \
+    arduino-uno \
+    atmega328p \
+    chronos \
     nucleo-f031k6 \
     nucleo-f042k6 \
     nucleo-l031k6 \
     stm32f030f4-demo \
+    waspmote-pro \
     #
diff --git a/tests/sys_crypto/tests-crypto-modes-ccm.c b/tests/sys_crypto/tests-crypto-modes-ccm.c
index ac2096dc73..84f15a8f4e 100644
--- a/tests/sys_crypto/tests-crypto-modes-ccm.c
+++ b/tests/sys_crypto/tests-crypto-modes-ccm.c
@@ -1009,6 +1009,9 @@ static void test_crypto_modes_ccm_check_len(void)
 {
     int ret;
 
+/* Using length_encoding above UINT16_MAX doesn't work on 8/16 bit
+   architectures, SIZE_MAX is equal to UINT16_MAX there */
+#if SIZE_MAX > UINT16_MAX
     /* Just 1 to big to fit */
     ret = _test_ccm_len(cipher_encrypt_ccm, 2, NULL, 1 << 16, 0);
     TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret);
@@ -1020,6 +1023,11 @@ static void test_crypto_modes_ccm_check_len(void)
     TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret);
     ret = _test_ccm_len(cipher_decrypt_ccm, 2, NULL, 1 << 16, 65535);
     TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret);
+#endif
+
+    /* Invalid length when length_encoding < 2 */
+    ret = _test_ccm_len(cipher_encrypt_ccm, 1, NULL, 8, 0);
+    TEST_ASSERT_EQUAL_INT(CCM_ERR_INVALID_LENGTH_ENCODING, ret);
 
     /* Valid length that were wrongly checked */
     /* Check should work with len_encoding >= 4, test with 8 */