Add tests for disable-encryption

Not-Nik · Not-Nik · commit b692d6819523 · 2026-04-21T10:58:52.000+02:00
diff --git a/src/aead.rs b/src/aead.rs
@@ -361,6 +361,95 @@ mod recprot {
             write!(f, "[NULL AEAD]")
         }
     }
+
+    #[cfg(test)]
+    #[cfg_attr(coverage_nightly, coverage(off))]
+    mod tests {
+        use super::{AEAD_NULL_TAG, RecordProtection};
+
+        fn aead() -> RecordProtection {
+            RecordProtection {}
+        }
+
+        #[test]
+        fn expansion() {
+            assert_eq!(aead().expansion(), AEAD_NULL_TAG.len());
+        }
+
+        #[test]
+        fn debug() {
+            assert_eq!(format!("{:?}", aead()), "[NULL AEAD]");
+        }
+
+        #[test]
+        fn encrypt_decrypt_roundtrip() {
+            let a = aead();
+            let plaintext = b"hello world";
+            let mut out = vec![0u8; plaintext.len() + a.expansion()];
+            let encrypted = a.encrypt(0, b"aad", plaintext, &mut out).unwrap();
+            assert_eq!(encrypted.len(), plaintext.len() + a.expansion());
+            assert_eq!(&encrypted[..plaintext.len()], plaintext);
+            assert_eq!(&encrypted[plaintext.len()..], AEAD_NULL_TAG);
+
+            let mut dec_out = vec![0u8; plaintext.len()];
+            let decrypted = a.decrypt(0, b"aad", encrypted, &mut dec_out).unwrap();
+            assert_eq!(decrypted, plaintext);
+        }
+
+        #[test]
+        fn encrypt_in_place_roundtrip() {
+            let a = aead();
+            let plaintext = b"hello";
+            let mut buf = plaintext.to_vec();
+            buf.resize(plaintext.len() + a.expansion(), 0);
+            let len = a.encrypt_in_place(0, b"", &mut buf).unwrap();
+            assert_eq!(len, buf.len());
+            assert_eq!(&buf[plaintext.len()..], AEAD_NULL_TAG);
+
+            let dec_len = a.decrypt_in_place(0, b"", &mut buf).unwrap();
+            assert_eq!(dec_len, plaintext.len());
+            assert_eq!(&buf[..dec_len], plaintext);
+        }
+
+        #[test]
+        fn decrypt_empty_plaintext() {
+            // Zero-length plaintext (just the tag) is valid.
+            let a = aead();
+            let mut out = vec![0u8; a.expansion()];
+            a.encrypt(0, b"", b"", &mut out).unwrap();
+            let mut dec = vec![];
+            let res = a.decrypt(0, b"", &out, &mut dec).unwrap();
+            assert_eq!(res, b"");
+        }
+
+        #[test]
+        fn decrypt_fails_too_short() {
+            let a = aead();
+            let short = &AEAD_NULL_TAG[..a.expansion() - 1];
+            assert!(a.decrypt(0, b"", short, &mut []).is_err());
+        }
+
+        #[test]
+        fn decrypt_fails_bad_tag() {
+            let a = aead();
+            let plaintext = b"test";
+            let mut buf = vec![0u8; plaintext.len() + a.expansion()];
+            a.encrypt(0, b"", plaintext, &mut buf).unwrap();
+            // Corrupt the tag.
+            let tag_start = plaintext.len();
+            buf[tag_start] ^= 0xff;
+            assert!(a.decrypt(0, b"", &buf, &mut []).is_err());
+        }
+
+        #[test]
+        fn decrypt_rejects_all_zero_data_bytes() {
+            // All-zero plaintext with correct tag should fail (looks like padding).
+            let a = aead();
+            let mut buf = vec![0u8; 4 + a.expansion()];
+            buf[4..].copy_from_slice(AEAD_NULL_TAG);
+            assert!(a.decrypt(0, b"", &buf, &mut []).is_err());
+        }
+    }
 }
 
 /// All the nonces are the same length.  Exploit that.
