From e674be0399a624c4159a789cc93d254f18897b57 Mon Sep 17 00:00:00 2001
From: Dustin Stiles <duwstiles@pm.me>
Date: Sun, 9 Mar 2025 18:04:03 -0400
Subject: [PATCH] improve docs

---
 pkg/crypto/encryption/aead.go      |  2 ++
 pkg/crypto/encryption/aead_test.go | 35 ++++++++++++++++++++++++++++++
 pkg/crypto/identity/ecdsa_test.go  |  2 --
 3 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 pkg/crypto/encryption/aead_test.go

diff --git a/pkg/crypto/encryption/aead.go b/pkg/crypto/encryption/aead.go
index d57eb00..18c15f5 100644
--- a/pkg/crypto/encryption/aead.go
+++ b/pkg/crypto/encryption/aead.go
@@ -12,6 +12,8 @@ import (
 
 // Encrypt uses AES-GCM to encrypt the given plaintext with the given key. The
 // plaintext is sealed with a 12-byte nonce, which is prepended to the ciphertext.
+// The nonce adds 28 bytes to the ciphertext, so the total length of the ciphertext
+// is the length of the plaintext plus 28 bytes.
 func Encrypt(key, plaintext []byte) ([]byte, error) {
 	switch len(key) {
 	case 16, 24, 32: // AES-128, AES-192, AES-256
diff --git a/pkg/crypto/encryption/aead_test.go b/pkg/crypto/encryption/aead_test.go
new file mode 100644
index 0000000..7e37026
--- /dev/null
+++ b/pkg/crypto/encryption/aead_test.go
@@ -0,0 +1,35 @@
+package encryption_test
+
+import (
+	"crypto/rand"
+	"testing"
+
+	"koti.casa/numenor-labs/dsfx/pkg/crypto/encryption"
+)
+
+func TestEncryptDecrypt(t *testing.T) {
+	key := make([]byte, 32)
+	_, err := rand.Read(key)
+	if err != nil {
+		t.Fatal(err)
+		return
+	}
+
+	plaintext := []byte("Hello, Worlskljfsjflskfjlskjfjslkfjsfjslkfjsfd!")
+	ciphertext, err := encryption.Encrypt(key, plaintext)
+	if err != nil {
+		t.Fatal(err)
+		return
+	}
+
+	decrypted, err := encryption.Decrypt(key, ciphertext)
+	if err != nil {
+		t.Fatal(err)
+		return
+	}
+
+	if string(decrypted) != string(plaintext) {
+		t.Errorf("decrypted text does not match original plaintext")
+		return
+	}
+}
diff --git a/pkg/crypto/identity/ecdsa_test.go b/pkg/crypto/identity/ecdsa_test.go
index 65ae29c..c3c5648 100644
--- a/pkg/crypto/identity/ecdsa_test.go
+++ b/pkg/crypto/identity/ecdsa_test.go
@@ -4,7 +4,6 @@ import (
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
-	"log"
 	"testing"
 
 	"koti.casa/numenor-labs/dsfx/pkg/crypto/identity"
@@ -48,7 +47,6 @@ func TestImportExportPublic(t *testing.T) {
 		return
 	}
 
-	log.Println("keylen", len(exported))
 	imported, err := identity.ImportPublicKey(exported)
 	if err != nil {
 		t.Fatalf("failed to import key: %v", err)