def test_encrypt(self):
private_key = get_dummy_private_key()
public_key = private_key.publickey()
encrypted = EncryptedPayload.encrypt("<spam>eggs</spam>", public_key)
assert "aes_key" in encrypted
assert "encrypted_magic_envelope" in encrypted
# See we can decrypt it too
decrypted = EncryptedPayload.decrypt(encrypted, private_key)
assert etree.tostring(decrypted).decode("utf-8") == "<spam>eggs</spam>"
def test_decrypt(self, mock_decode, mock_unpad, mock_aes, mock_pkcs1):
mock_decrypt = Mock(return_value=b'{"iv": "foo", "key": "bar"}')
mock_pkcs1.return_value = Mock(decrypt=mock_decrypt)
mock_encrypter = Mock(return_value="<foo>bar</foo>")
mock_aes.return_value = Mock(decrypt=mock_encrypter)
doc = EncryptedPayload.decrypt(
{"aes_key": '{"iv": "foo", "key": "bar"}', "encrypted_magic_envelope": "magically encrypted"},
"private_key",
)
mock_pkcs1.assert_called_once_with("private_key")
mock_decrypt.assert_called_once_with('{"iv": "foo", "key": "bar"}', sentinel=None)
assert mock_decode.call_count == 4
mock_aes.assert_called_once_with("bar", AES.MODE_CBC, "foo")
mock_encrypter.assert_called_once_with("magically encrypted")
assert doc.tag == "foo"
assert doc.text == "bar"
def build_send(self, entity: BaseEntity, from_user: UserType, to_user_key: RsaKey = None) -> Union[str, Dict]:
"""
Build POST data for sending out to remotes.
:param entity: The outbound ready entity for this protocol.
:param from_user: The user sending this payload. Must have ``private_key`` and ``id`` properties.
:param to_user_key: (Optional) Public key of user we're sending a private payload to.
:returns: dict or string depending on if private or public payload.
"""
if entity.outbound_doc is not None:
# Use pregenerated outbound document
xml = entity.outbound_doc
else:
xml = entity.to_xml()
me = MagicEnvelope(etree.tostring(xml), private_key=from_user.rsa_private_key, author_handle=from_user.handle)
rendered = me.render()
if to_user_key:
return EncryptedPayload.encrypt(rendered, to_user_key)
return rendered
def get_json_payload_magic_envelope(self, payload):
"""Encrypted JSON payload"""
private_key = self._get_user_key(self.user)
return EncryptedPayload.decrypt(payload=payload, private_key=private_key)