{
public:
static const size_t DEFAULT_AES_IV_LEN = 16; // max acceptable size of IV
+ static const size_t DEFAULT_AES_GCM_IV_LEN = 12; // default size of IV in GCM mode
static const int DEFAULT_AES_GCM_TAG_LEN_BYTES = 16; // length of AES GCM tag
static const int DEFAULT_AES_GCM_TAG_LEN_BITS = DEFAULT_AES_GCM_TAG_LEN_BYTES * 8;
static const int DERIVED_KEY_LENGTH = 16; // length of AES key derived from password in bytes
// wrong iv
auto wrongIv = iv;
- wrongIv[0] ^= 0x1;
+ wrongIv[iv.size() - 1] ^= 0x1;
ca2.setParam(ParamName::ED_IV, wrongIv);
BOOST_REQUIRE_THROW(key->decrypt(ca2, encrypted), Exc::Crypto::InputParam);
+
+ // shortened iv
+ auto shortenedIv = iv;
+ static_assert(Params::DEFAULT_AES_GCM_IV_LEN < Params::DEFAULT_AES_IV_LEN);
+ shortenedIv.resize(Params::DEFAULT_AES_GCM_IV_LEN);
+ ca2.setParam(ParamName::ED_IV, shortenedIv);
+ BOOST_REQUIRE_THROW(key->decrypt(ca2, encrypted), Exc::Crypto::InputParam);
+
ca2.setParam(ParamName::ED_IV, iv);
// wrong ciphertext
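Review bot: Both new IV checks reach the bytes past the 12-byte GCM default only if `iv` itself is longer than `Params::DEFAULT_AES_GCM_IV_LEN`, and the `static_assert` ahead of `shortenedIv.resize(...)` compares the two constants rather than the vector under test. With a 12-byte `iv`, `wrongIv[iv.size() - 1]` would flip a byte inside the default range and the resize would be a no-op, so the shortened-IV case would fail for a reason unrelated to `decrypt` and the tail of the IV would go unchecked. I would add `BOOST_REQUIRE(iv.size() > Params::DEFAULT_AES_GCM_IV_LEN);` before the `// wrong iv` block. That comment could also state the intent, which I am inferring here, e.g. `// wrong iv: flip the last byte so a decrypt that reads only the first 12 bytes is caught`. The test case starts and ends outside the visible lines, so how `iv` is set up could not be checked.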