Added new test case for corner case of iv length

Author: pmathew92

auth0/src/main/java/com/auth0/android/authentication/storage/CryptoUtil.java

@@ -469,8 +469,8 @@ public byte[] decrypt(byte[] encryptedInput) throws CryptoException, Incompatibl
      * @param encryptedInput the encrypted data to check
      * @return true if new format, false if legacy format
      */
-    @VisibleForTesting
-    private boolean isNewFormat(byte[] encryptedInput) {
+    @VisibleForTesting(otherwise = VisibleForTesting.PRIVATE)
+    boolean isNewFormat(byte[] encryptedInput) {
 
         // Boundary check
         if (encryptedInput == null || encryptedInput.length < 2) {

auth0/src/test/java/com/auth0/android/authentication/storage/CryptoUtilTest.java

@@ -1245,6 +1245,34 @@ public void shouldVerifyMinimumLengthRequirements() {
         assertThat(cryptoUtil.isNewFormat(tooShort16), is(false));
     }
 
+    @Test
+    public void shouldRejectInvalidIVLengthsInNewFormat() {
+        byte[] ivLength0 = new byte[19];
+        ivLength0[0] = 0x01;
+        ivLength0[1] = 0;
+        assertThat(cryptoUtil.isNewFormat(ivLength0), is(false));
+
+        byte[] ivLength13 = new byte[32];
+        ivLength13[0] = 0x01;
+        ivLength13[1] = 13;
+        assertThat(cryptoUtil.isNewFormat(ivLength13), is(false));
+
+        byte[] ivLength14 = new byte[33];
+        ivLength14[0] = 0x01;
+        ivLength14[1] = 14;
+        assertThat(cryptoUtil.isNewFormat(ivLength14), is(false));
+
+        byte[] ivLength15 = new byte[34];
+        ivLength15[0] = 0x01;
+        ivLength15[1] = 15;
+        assertThat(cryptoUtil.isNewFormat(ivLength15), is(false));
+
+        byte[] ivLength255 = new byte[274];
+        ivLength255[0] = 0x01;
+        ivLength255[1] = (byte) 255;   
+        assertThat(cryptoUtil.isNewFormat(ivLength255), is(false));
+    }
+
     /*
      * MIGRATION SCENARIO tests - Testing backward compatibility and format coexistence
      */