From 92eaf52c21089f1c4e4efee2a848556dad9796a3 Mon Sep 17 00:00:00 2001
From: Jakob Borg <jakob@kastelo.net>
Date: Mon, 4 Oct 2021 14:36:26 +0200
Subject: [PATCH] lib/protocol: Test to lock down encryption key derivation

So that we don't inadvertently change how these things work.
---
 lib/protocol/encryption_test.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/lib/protocol/encryption_test.go b/lib/protocol/encryption_test.go
index c2e8a03f4..d0ae23e33 100644
--- a/lib/protocol/encryption_test.go
+++ b/lib/protocol/encryption_test.go
@@ -71,6 +71,26 @@ func TestEnDecryptName(t *testing.T) {
 	}
 }
 
+func TestKeyDerivation(t *testing.T) {
+	folderKey := KeyFromPassword("my folder", "my password")
+	encryptedName := encryptDeterministic([]byte("filename.txt"), folderKey, nil)
+	if base32Hex.EncodeToString(encryptedName) != "3T5957I4IOA20VEIEER6JSQG0PEPIRV862II3K7LOF75Q" {
+		t.Error("encrypted name mismatch")
+	}
+
+	fileKey := FileKey("filename.txt", folderKey)
+	// fmt.Println(base32Hex.EncodeToString(encryptBytes([]byte("hello world"), fileKey))) => A1IPD...
+	const encrypted = `A1IPD28ISL7VNPRSSSQM2L31L3IJPC08283RO89J5UG0TI9P38DO9RFGK12DK0KD7PKQP6U51UL2B6H96O`
+	bs, _ := base32Hex.DecodeString(encrypted)
+	dec, err := DecryptBytes(bs, fileKey)
+	if err != nil {
+		t.Error(err)
+	}
+	if string(dec) != "hello world" {
+		t.Error("decryption mismatch")
+	}
+}
+
 func TestDecryptNameInvalid(t *testing.T) {
 	key := new([32]byte)
 	for _, c := range []string{