From 216b6f6f4e377fe23513976c6ad65a3c373fc759 Mon Sep 17 00:00:00 2001
From: tmdeveloper007 <tmdeveloper007@users.noreply.github.com>
Date: Fri, 26 Jun 2026 19:04:02 +0000
Subject: [PATCH] test: add unit tests for crypto-edge.ts

---
 test/crypto-edge.test.ts | 41 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 test/crypto-edge.test.ts

diff --git a/test/crypto-edge.test.ts b/test/crypto-edge.test.ts
new file mode 100644
index 000000000..af0e88486
--- /dev/null
+++ b/test/crypto-edge.test.ts
@@ -0,0 +1,41 @@
+import { describe, it, expect, beforeEach } from "vitest";
+const TEST_KEY = "a".repeat(64);
+describe("decryptTokenEdge", () => {
+  beforeEach(() => { process.env.ENCRYPTION_KEY = TEST_KEY; });
+  it("returns null when ENCRYPTION_KEY is missing", async () => {
+    delete process.env.ENCRYPTION_KEY;
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("deadbeef", "a".repeat(24))).toBeNull();
+  });
+  it("returns null when ENCRYPTION_KEY is invalid format", async () => {
+    process.env.ENCRYPTION_KEY = "short";
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("deadbeef", "a".repeat(24))).toBeNull();
+  });
+  it("returns null for non-hex encrypted string", async () => {
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("not-hex!", "a".repeat(24))).toBeNull();
+  });
+  it("returns null for odd-length encrypted string", async () => {
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("deadbeef", "a".repeat(24))).toBeNull();
+  });
+  it("returns null for non-hex iv", async () => {
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("a".repeat(64), "not-hex!")).toBeNull();
+  });
+  it("returns null when iv is not 24 chars", async () => {
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("a".repeat(64), "a".repeat(20))).toBeNull();
+  });
+  it("returns null for tampered ciphertext", async () => {
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    const { encryptToken } = await import("../src/lib/crypto");
+    const { encrypted, iv } = encryptToken("hello world");
+    expect(await decryptTokenEdge(encrypted.slice(0,-2)+"ff", iv)).toBeNull();
+  });
+  it("returns null for hex with invalid characters", async () => {
+    const { decryptTokenEdge } = await import("../src/lib/crypto-edge");
+    expect(await decryptTokenEdge("g".repeat(64), "a".repeat(24))).toBeNull();
+  });
+});