Validate tag in AEAD decryption when the plaintext is empty

Sources/CryptoSwift/BlockDecryptor.swift

@@ -66,6 +66,10 @@ public class BlockDecryptor: Cryptor, Updatable {
     accumulated.removeFirst(processedBytesCount) // super-slow
 
     if isLast {
+      if accumulatedWithoutSuffix.isEmpty, var finalizingWorker = worker as? FinalizingDecryptModeWorker {
+        try finalizingWorker.willDecryptLast(bytes: self.accumulated.suffix(self.worker.additionalBufferSize))
+        plaintext = Array(try finalizingWorker.didDecryptLast(bytes: plaintext.slice))
+      }
       plaintext = self.padding.remove(from: plaintext, blockSize: self.blockSize)
     }
 

Tests/CryptoSwiftTests/AESOCBTests.swift

@@ -133,9 +133,6 @@ final class OCBTests: XCTestCase {
     }
 
     func testInvalidTag(fixture: TestFixture) -> Bool {
-      if fixture.P.isEmpty {
-        return true // TODO: solve the verification with empty plaintext
-      }
       let ocb = OCB(nonce: fixture.N, additionalAuthenticatedData: fixture.A, mode: .combined)
       let aes = try! AES(key: K, blockMode: ocb, padding: .noPadding)
       var C_ = fixture.C.slice