From 5452160ca800e7c2bbc40e144cf54a7ca9edcced Mon Sep 17 00:00:00 2001
From: Wu Tingfeng <wutingfeng@outlook.com>
Date: Wed, 22 Apr 2026 17:30:10 +0800
Subject: [PATCH] Change IV validation to require exactly 16 bytes for AES CBC
 mode

---
 lib/src/algorithms/aes_modes/cbc.dart | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/src/algorithms/aes_modes/cbc.dart b/lib/src/algorithms/aes_modes/cbc.dart
index 8713894..21d012a 100644
--- a/lib/src/algorithms/aes_modes/cbc.dart
+++ b/lib/src/algorithms/aes_modes/cbc.dart
@@ -227,8 +227,8 @@ class AESInCBCMode extends CollateCipher with SaltedCipher {
     Padding padding = Padding.pkcs7,
   }) {
     iv ??= randomBytes(16);
-    if (iv.length < 16) {
-      throw StateError('IV must be at least 16-bytes');
+    if (iv.length != 16) {
+      throw StateError('IV must be exactly 16-bytes');
     }
     final iv8 = toUint8List(iv);
     final key8 = toUint8List(key);