From cc830bfa1cf3af6d23230ffa7243c9d3dd6832bd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20N=C3=BA=C3=B1ez?= <david@nucypher.com>
Date: Tue, 1 Aug 2023 11:47:21 +0200
Subject: [PATCH] Test for bad AAD input

---
 tpke/src/ciphertext.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/tpke/src/ciphertext.rs b/tpke/src/ciphertext.rs
index a358ff93..42c12727 100644
--- a/tpke/src/ciphertext.rs
+++ b/tpke/src/ciphertext.rs
@@ -61,6 +61,7 @@ impl<E: Pairing> Ciphertext<E> {
         }
     }
 
+    // FIXME: Remove?
     pub fn serialized_length(&self) -> usize {
         self.commitment.serialized_size(Compress::No)
             + self.auth_tag.serialized_size(Compress::No)
@@ -201,6 +202,7 @@ fn hash_to_g2<T: ark_serialize::CanonicalDeserialize>(
 ) -> Result<T> {
     let point = htp_bls12381_g2(message);
     let mut point_ser: Vec<u8> = Vec::new();
+    // TODO: ????
     point.serialize_compressed(&mut point_ser)?;
     T::deserialize_compressed(&point_ser[..]).map_err(Error::ArkSerializeError)
 }
@@ -244,7 +246,11 @@ mod tests {
         let plaintext =
             decrypt_symmetric(&ciphertext, aad, &privkey, g_inv).unwrap();
 
-        assert_eq!(msg, plaintext)
+        assert_eq!(msg, plaintext);
+
+        let bad: &[u8] = "bad-aad".as_bytes();
+
+        assert!(decrypt_symmetric(&ciphertext, bad, &privkey, g_inv).is_err());
     }
 
     #[test]