stupidgcm: add testWipe test

After looking at the cover profile, this was the only untested
code except panic cases.

1 files changed, 28 insertions, 6 deletions

diff --git a/internal/stupidgcm/common_test.go b/internal/stupidgcm/common_test.go
index 27ca7cc..ded6273 100644
--- a/internal/stupidgcm/common_test.go
+++ b/internal/stupidgcm/common_test.go
@@ -9,12 +9,13 @@ import (
 	"testing"
 )
 
-func testCiphers(t *testing.T, c1 cipher.AEAD, c2 cipher.AEAD) {
-	t.Run("testEncryptDecrypt", func(t *testing.T) { testEncryptDecrypt(t, c1, c2) })
-	t.Run("testInplaceSeal", func(t *testing.T) { testInplaceSeal(t, c1, c2) })
-	t.Run("testInplaceOpen", func(t *testing.T) { testInplaceOpen(t, c1, c2) })
-	t.Run("testCorruption_c1", func(t *testing.T) { testCorruption(t, c1) })
-	t.Run("testCorruption_c2", func(t *testing.T) { testCorruption(t, c2) })
+func testCiphers(t *testing.T, our cipher.AEAD, ref cipher.AEAD) {
+	t.Run("testEncryptDecrypt", func(t *testing.T) { testEncryptDecrypt(t, our, ref) })
+	t.Run("testInplaceSeal", func(t *testing.T) { testInplaceSeal(t, our, ref) })
+	t.Run("testInplaceOpen", func(t *testing.T) { testInplaceOpen(t, our, ref) })
+	t.Run("testCorruption_c1", func(t *testing.T) { testCorruption(t, our) })
+	t.Run("testCorruption_c2", func(t *testing.T) { testCorruption(t, ref) })
+	t.Run("testWipe", func(t *testing.T) { testWipe(t, our) })
 }
 
 // testEncryptDecrypt encrypts and decrypts using both stupidgcm and Go's built-in
@@ -161,6 +162,27 @@ func testCorruption(t *testing.T, c cipher.AEAD) {
 	}
 }
 
+type Wiper interface {
+	Wipe()
+}
+
+func testWipe(t *testing.T, c cipher.AEAD) {
+	var key []byte
+	switch c2 := c.(type) {
+	case *StupidGCM:
+		c2.Wipe()
+		key = c2.key
+	case *stupidChacha20poly1305:
+		c2.Wipe()
+		key = c2.key
+	default:
+		t.Fatalf("BUG: unhandled type %t", c2)
+	}
+	if key != nil {
+		t.Fatal("key is not nil")
+	}
+}
+
 // Get "n" random bytes from /dev/urandom or panic
 func randBytes(n int) []byte {
 	b := make([]byte, n)