def _maybe_encrypt_doc_inline(doc_json):
if doc_json is None:
# the document is not marked as tombstone, but we got
# nothing from the sync db. As it is not encrypted
# yet, we force inline encryption.
return encrypt_doc(self._crypto, doc)
return doc_json
def _maybe_encrypt_doc_inline(doc_json):
if doc_json is None:
# the document is not marked as tombstone, but we got
# nothing from the sync db. As it is not encrypted
# yet, we force inline encryption.
return encrypt_doc(self._crypto, doc)
return doc_json
def test_decrypt_with_unknown_mac_method_raises(self):
"""
Trying to decrypt a document with unknown MAC method should raise.
"""
simpledoc = {'key': 'val'}
doc = SoledadDocument(doc_id='id')
doc.content = simpledoc
# encrypt doc
doc.set_json(crypto.encrypt_doc(self._soledad._crypto, doc))
self.assertTrue(crypto.MAC_KEY in doc.content)
self.assertTrue(crypto.MAC_METHOD_KEY in doc.content)
# mess with MAC method
doc.content[crypto.MAC_METHOD_KEY] = 'mymac'
# try to decrypt doc
self.assertRaises(UnknownMacMethod, crypto.decrypt_doc,
self._soledad._crypto, doc)
def test_decrypt_with_wrong_mac_raises(self):
"""
Trying to decrypt a document with wrong MAC should raise.
"""
simpledoc = {'key': 'val'}
doc = SoledadDocument(doc_id='id')
doc.content = simpledoc
# encrypt doc
doc.set_json(crypto.encrypt_doc(self._soledad._crypto, doc))
self.assertTrue(crypto.MAC_KEY in doc.content)
self.assertTrue(crypto.MAC_METHOD_KEY in doc.content)
# mess with MAC
doc.content[crypto.MAC_KEY] = '1234567890ABCDEF'
# try to decrypt doc
self.assertRaises(WrongMac, crypto.decrypt_doc, self._soledad._crypto,
doc)
def test_decrypt_with_unknown_mac_method_raises(self):
"""
Trying to decrypt a document with unknown MAC method should raise.
"""
simpledoc = {'key': 'val'}
doc = SoledadDocument(doc_id='id')
doc.content = simpledoc
# encrypt doc
doc.set_json(crypto.encrypt_doc(self._soledad._crypto, doc))
self.assertTrue(MAC_KEY in doc.content)
self.assertTrue(MAC_METHOD_KEY in doc.content)
# mess with MAC method
doc.content[MAC_METHOD_KEY] = 'mymac'
# try to decrypt doc
self.assertRaises(
UnknownMacMethodError,
crypto.decrypt_doc, self._soledad._crypto, doc)
def test_decrypt_with_wrong_mac_raises(self):
"""
Trying to decrypt a document with wrong MAC should raise.
"""
simpledoc = {'key': 'val'}
doc = SoledadDocument(doc_id='id')
doc.content = simpledoc
# encrypt doc
doc.set_json(crypto.encrypt_doc(self._soledad._crypto, doc))
self.assertTrue(MAC_KEY in doc.content)
self.assertTrue(MAC_METHOD_KEY in doc.content)
# mess with MAC
doc.content[MAC_KEY] = '1234567890ABCDEF'
# try to decrypt doc
self.assertRaises(
WrongMacError,
crypto.decrypt_doc, self._soledad._crypto, doc)
def test_encrypt_decrypt_json(self):
"""
Test encrypting and decrypting documents.
"""
simpledoc = {'key': 'val'}
doc1 = SoledadDocument(doc_id='id')
doc1.content = simpledoc
# encrypt doc
doc1.set_json(crypto.encrypt_doc(self._soledad._crypto, doc1))
# assert content is different and includes keys
self.assertNotEqual(simpledoc, doc1.content,
'incorrect document encryption')
self.assertTrue(crypto.ENC_JSON_KEY in doc1.content)
self.assertTrue(crypto.ENC_SCHEME_KEY in doc1.content)
# decrypt doc
doc1.set_json(crypto.decrypt_doc(self._soledad._crypto, doc1))
self.assertEqual(simpledoc, doc1.content,
'incorrect document encryption')
def test_encrypt_decrypt_json(self):
"""
Test encrypting and decrypting documents.
"""
simpledoc = {'key': 'val'}
doc1 = SoledadDocument(doc_id='id')
doc1.content = simpledoc
# encrypt doc
doc1.set_json(crypto.encrypt_doc(self._soledad._crypto, doc1))
# assert content is different and includes keys
self.assertNotEqual(
simpledoc, doc1.content,
'incorrect document encryption')
self.assertTrue(ENC_JSON_KEY in doc1.content)
self.assertTrue(ENC_SCHEME_KEY in doc1.content)
# decrypt doc
doc1.set_json(crypto.decrypt_doc(self._soledad._crypto, doc1))
self.assertEqual(
simpledoc, doc1.content, 'incorrect document encryption')
def _encrypt_doc(self, doc):
d = None
if doc.is_tombstone():
d = defer.succeed(None)
elif not self._defer_encryption:
# fallback case, for tests
d = defer.succeed(encrypt_doc(self._crypto, doc))
else:
def _maybe_encrypt_doc_inline(doc_json):
if doc_json is None:
# the document is not marked as tombstone, but we got
# nothing from the sync db. As it is not encrypted
# yet, we force inline encryption.
return encrypt_doc(self._crypto, doc)
return doc_json
d = self._sync_enc_pool.get_encrypted_doc(doc.doc_id, doc.rev)
d.addCallback(_maybe_encrypt_doc_inline)
return d
def _encrypt_doc(self, doc):
d = None
if doc.is_tombstone():
d = defer.succeed(None)
elif not self._defer_encryption:
# fallback case, for tests
d = defer.succeed(encrypt_doc(self._crypto, doc))
else:
def _maybe_encrypt_doc_inline(doc_json):
if doc_json is None:
# the document is not marked as tombstone, but we got
# nothing from the sync db. As it is not encrypted
# yet, we force inline encryption.
return encrypt_doc(self._crypto, doc)
return doc_json
d = self._sync_enc_pool.get_encrypted_doc(doc.doc_id, doc.rev)
d.addCallback(_maybe_encrypt_doc_inline)
return d
