3 files changed, 21 insertions, 0 deletions

diff --git a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
index 4ec4b7fa..5de2bf4f 100644
--- a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
+++ b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
@@ -9,6 +9,7 @@ package app.passwordstore.crypto
 import app.passwordstore.crypto.CryptoConstants.KEY_PASSPHRASE
 import app.passwordstore.crypto.CryptoConstants.PLAIN_TEXT
 import app.passwordstore.crypto.errors.IncorrectPassphraseException
+import app.passwordstore.crypto.errors.NonStandardAEAD
 import com.github.michaelbull.result.getError
 import com.google.testing.junit.testparameterinjector.TestParameter
 import com.google.testing.junit.testparameterinjector.TestParameterInjector
@@ -138,6 +139,23 @@ class PGPainlessCryptoHandlerTest {
   }
 
   @Test
+  fun aeadEncryptedMaterialIsSurfacedProperly() {
+    val secKey = PGPKey(TestUtils.getAEADSecretKey())
+    val plaintextStream = ByteArrayOutputStream()
+    val ciphertextStream = TestUtils.getAEADEncryptedFile().inputStream()
+    val res =
+      cryptoHandler.decrypt(
+        listOf(secKey),
+        "Password",
+        ciphertextStream,
+        plaintextStream,
+        PGPDecryptOptions.Builder().build(),
+      )
+    assertTrue(res.isErr)
+    assertIs<NonStandardAEAD>(res.error, message = "${res.error.cause}")
+  }
+
+  @Test
   fun canHandleFiltersFormats() {
     assertFalse { cryptoHandler.canHandle("example.com") }
     assertTrue { cryptoHandler.canHandle("example.com.gpg") }
diff --git a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt
index 90b98ac9..56c8c1d8 100644
--- a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt
+++ b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt
@@ -21,6 +21,9 @@ object TestUtils {
 
   fun getAEADSecretKey() = this::class.java.classLoader.getResource("aead_sec").readBytes()
 
+  fun getAEADEncryptedFile() =
+    this::class.java.classLoader.getResource("aead_encrypted_file").readBytes()
+
   enum class AllKeys(val keyMaterial: ByteArray) {
     ARMORED_SEC(getArmoredSecretKey()),
     ARMORED_PUB(getArmoredPublicKey()),
diff --git a/crypto/pgpainless/src/test/resources/aead_encrypted_file b/crypto/pgpainless/src/test/resources/aead_encrypted_file
new file mode 100644
index 00000000..d8547bdb
--- /dev/null
+++ b/crypto/pgpainless/src/test/resources/aead_encrypted_file