🧪 [testing improvement] Add tests for decrypt_handoff_blob

src/api/rest_tests.rs

@@ -1,7 +1,14 @@
-use super::key_bytes_from_string;
+use super::{decrypt_handoff_blob, key_bytes_from_string};
 use base64::engine::general_purpose::{STANDARD, URL_SAFE_NO_PAD};
 use base64::Engine;
 
+// We need these for internal encryption in tests to ensure fixtures match the implementation
+use aes_gcm::aead::generic_array::typenum::U16;
+use aes_gcm::aead::{Aead, KeyInit};
+use aes_gcm::aes::Aes256;
+use aes_gcm::AesGcm;
+type Aes256Gcm16 = AesGcm<Aes256, U16>;
+
 #[test]
 fn decodes_base64url_no_pad() {
     // A 32-byte key that, when base64url-encoded, contains both `-` and `_`.
@@ -45,3 +52,114 @@
     let err = key_bytes_from_string("tooshort").unwrap_err();
     assert!(err.to_string().contains("must decode to 32 raw bytes"));
 }
+
+#[test]
+fn decrypts_valid_blob() {
+    let key_bytes = [0x42u8; 32];
+    let iv_bytes = [0x24u8; 16];
+    let plain = "hello world";
+
+    let cipher = Aes256Gcm16::new_from_slice(&key_bytes).unwrap();
+    let nonce = aes_gcm::aead::generic_array::GenericArray::from_slice(&iv_bytes);
+    let encrypted = cipher.encrypt(nonce, plain.as_bytes()).unwrap();
+    let (ciphertext, tag) = encrypted.split_at(encrypted.len() - 16);
+
+    let mut combined = Vec::new();
+    combined.extend_from_slice(&iv_bytes);
+    combined.extend_from_slice(tag);
+    combined.extend_from_slice(ciphertext);
+
+    let b64 = STANDARD.encode(combined);
+    let key_str = STANDARD.encode(key_bytes);
+
+    let decrypted = decrypt_handoff_blob(&b64, &key_str).unwrap();
+    assert_eq!(decrypted, plain);
+}
+
+#[test]
+fn decrypt_fails_if_too_short() {
+    let key = "QkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkI=";
+    let b64 = STANDARD.encode([0u8; 31]);
+    let err = decrypt_handoff_blob(&b64, key).unwrap_err();
+    assert!(err.to_string().contains("encrypted payload too short"));
+}
+
+#[test]
+fn decrypt_fails_on_invalid_base64() {
+    let key = "QkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkI=";
+    let err = decrypt_handoff_blob("not-base64!!!", key).unwrap_err();
+    assert!(err.to_string().contains("base64-decode encrypted payload"));
+}
+
+#[test]
+fn decrypt_fails_on_wrong_key() {
+    let key_bytes = [0x42u8; 32];
+    let iv_bytes = [0x24u8; 16];
+    let plain = "hello world";
+
+    let cipher = Aes256Gcm16::new_from_slice(&key_bytes).unwrap();
+    let nonce = aes_gcm::aead::generic_array::GenericArray::from_slice(&iv_bytes);
+    let encrypted = cipher.encrypt(nonce, plain.as_bytes()).unwrap();
+    let (ciphertext, tag) = encrypted.split_at(encrypted.len() - 16);
+
+    let mut combined = Vec::new();
+    combined.extend_from_slice(&iv_bytes);
+    combined.extend_from_slice(tag);
+    combined.extend_from_slice(ciphertext);
+
+    let b64 = STANDARD.encode(combined);
+    let wrong_key = STANDARD.encode([0u8; 32]);
+
+    let err = decrypt_handoff_blob(&b64, &wrong_key).unwrap_err();
+    assert!(err.to_string().contains("AES-GCM decrypt failed"));
+}
+
+#[test]
+fn decrypt_fails_on_tampered_ciphertext() {
+    let key_bytes = [0x42u8; 32];
+    let iv_bytes = [0x24u8; 16];
+    let plain = "hello world";
+
+    let cipher = Aes256Gcm16::new_from_slice(&key_bytes).unwrap();
+    let nonce = aes_gcm::aead::generic_array::GenericArray::from_slice(&iv_bytes);
+    let encrypted = cipher.encrypt(nonce, plain.as_bytes()).unwrap();
+    let (ciphertext, tag) = encrypted.split_at(encrypted.len() - 16);
+
+    let mut combined = Vec::new();
+    combined.extend_from_slice(&iv_bytes);
+    combined.extend_from_slice(tag);
+    combined.extend_from_slice(ciphertext);
+
+    // Tamper with the last byte of ciphertext
+    let last = combined.len() - 1;
+    combined[last] ^= 0xFF;
+
+    let b64 = STANDARD.encode(combined);
+    let key_str = STANDARD.encode(key_bytes);
+
+    let err = decrypt_handoff_blob(&b64, &key_str).unwrap_err();
+    assert!(err.to_string().contains("AES-GCM decrypt failed"));
+}
+
+#[test]
+fn decrypt_fails_on_invalid_utf8() {
+    let key_bytes = [0x42u8; 32];
+    let iv_bytes = [0x24u8; 16];
+    let plain = [0xFFu8, 0xFE, 0xFD];
+
+    let cipher = Aes256Gcm16::new_from_slice(&key_bytes).unwrap();
+    let nonce = aes_gcm::aead::generic_array::GenericArray::from_slice(&iv_bytes);
+    let encrypted = cipher.encrypt(nonce, plain.as_ref()).unwrap();
+    let (ciphertext, tag) = encrypted.split_at(encrypted.len() - 16);
+
+    let mut combined = Vec::new();
+    combined.extend_from_slice(&iv_bytes);
+    combined.extend_from_slice(tag);
+    combined.extend_from_slice(ciphertext);
+
+    let b64 = STANDARD.encode(combined);
+    let key_str = STANDARD.encode(key_bytes);
+
+    let err = decrypt_handoff_blob(&b64, &key_str).unwrap_err();
+    assert!(err.to_string().contains("handoff plaintext is not UTF-8"));
+}

test_anyhow.rs

@@ -0,0 +1,8 @@
+use anyhow::{Context, Result};
+
+fn main() -> Result<()> {
+    let err = anyhow::anyhow!("inner").context("outer");
+    println!("to_string: {}", err.to_string());
+    println!("Display: {}");
+    Ok(())
+}