Document that the returned size by gnutls_cipher_get_iv_size() might not be the correct size for the nonce
In case of AES-CCM 12 is returned, which is in most cases wrong.
The RFC states:
- A nonce N of 15-L octets. Within the scope of any encryption key K, the nonce value MUST be unique. That is, the set of nonce values used with any given key MUST NOT contain any duplicate values. Using the same nonce for two different messages encrypted with the same key destroys the security properties of this mode.
Valid values of L range between 2 octets and 8 octets (the value L=1 is reserved).
So the documentation of the function should tell the user to check the RFC and implementation if the size is fixed or needs to be calculated differently!