Fixed up mocking of crypto in test and tag to encrypted content (#40)

Covata · Feb 24, 2017 · aa0f223 · aa0f223
1 parent 722a7f8
commit aa0f223
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 41 deletions.
diff --git a/src/main/python/covata/delta/client.py b/src/main/python/covata/delta/client.py
@@ -94,10 +94,10 @@ def get_identity(self, identity_id, identity_to_retrieve=None):
             identity_to_retrieve if identity_to_retrieve else identity_id)
 
         return Identity(self,
-                        response.get("id"),
-                        response.get("cryptoPublicKey"),
-                        response.get("externalId"),
-                        response.get("metadata"))
+                        response["id"],
+                        response["cryptoPublicKey"],
+                        response["externalId"],
+                        response["metadata"])
 
     def create_secret(self, identity_id, content):
         """
@@ -111,21 +111,21 @@ def create_secret(self, identity_id, content):
         secret_key = crypto.generate_secret_key()
         iv = crypto.generate_initialisation_vector()
 
-        crypto.encrypt(content, secret_key, iv)
-
-        public_encryption_key = self.key_store.get_private_encryption_key(
+        public_key = self.key_store.get_private_encryption_key(
             identity_id).public_key()
 
-        encrypted_key = crypto.encrypt_key_with_public_key(
-            secret_key, public_encryption_key)
-
+        encrypted_key = crypto.encrypt_key_with_public_key(secret_key,
+                                                           public_key)
+        cipher_text, tag = crypto.encrypt(content, secret_key, iv)
         response = self.api_client.create_secret(
-            identity_id,
-            content,
-            {"symmetricKey": encrypted_key,
-             "initialisationVector": iv})
+            requestor_id=id,
+            content=cipher_text + tag,
+            encryption_details=dict(
+                symmetricKey=encrypted_key,
+                initialisationVector=iv
+            ))
 
-        return self.get_secret(identity_id, response.get("id"))
+        return self.get_secret(identity_id, response["id"])
 
     def get_secret(self, identity_id, secret_id):
         """
@@ -139,14 +139,13 @@ def get_secret(self, identity_id, secret_id):
         response = self.api_client.get_secret(identity_id, secret_id)
 
         return Secret(self,
-                      response.get("id"),
-                      response.get("created"),
-                      response.get("rsaKeyOwner"),
-                      response.get("createdBy"),
+                      response["id"],
+                      response["created"],
+                      response["rsaKeyOwner"],
+                      response["createdBy"],
                       EncryptionDetails(
-                          response.get("encryptionDetails").get("symmetricKey"),
-                          response.get(
-                              "encryptionDetails").get("initialisationVector")
+                          response["encryptionDetails"]["symmetricKey"],
+                          response["encryptionDetails"]["initialisationVector"]
                       ))
 
 

diff --git a/src/test/python/test_client.py b/src/test/python/test_client.py
@@ -12,18 +12,13 @@
 #   See the License for the specific language governing permissions and
 #   limitations under the License.
 
-
 import pytest
 import uuid
 
 from covata.delta import Client
 from covata.delta import ApiClient
 
 
-iv = "01234567".encode('utf-8')
-key = "0123456789abcdef".encode('utf-8')
-
-
 @pytest.fixture(scope="function")
 def client(api_client, key_store):
     return Client(dict(api_client=api_client,
@@ -37,17 +32,23 @@ def api_client(key_store):
 
 @pytest.fixture(scope="function")
 def mock_crypto(mocker):
+    iv = "01234567".encode('utf-8')
+    key = "0123456789abcdef".encode('utf-8')
+
     mocker.patch('covata.delta.crypto.generate_secret_key',
-                 return_value=bytes(key))
+                 return_value=key)
 
     mocker.patch('covata.delta.crypto.generate_initialisation_vector',
-                 return_value=bytes(iv))
+                 return_value=iv)
 
     mocker.patch('covata.delta.crypto.encrypt',
-                 return_value=bytes('encrypted secret'.encode('utf-8')))
+                 return_value=('encrypted secret'.encode('utf-8'),
+                               'tag'.encode('utf-8')))
 
     mocker.patch('covata.delta.crypto.encrypt_key_with_public_key',
-                 return_value=bytes('encrypted key'.encode('utf-8')))
+                 return_value='encrypted key'.encode('utf-8'))
+
+    return {"iv": iv, "key": key}
 
 
 def test_create_identity(mocker, client, api_client, key_store, private_key,
@@ -111,7 +112,8 @@ def test_get_identity_different_target(mocker, client, api_client):
     assert identity.public_encryption_key == "crypto_public_key"
 
 
-def test_create_secret(mocker, client, api_client, key_store, private_key):
+def test_create_secret(mocker, client, api_client, key_store, private_key,
+                       mock_crypto):
     expected_id = str(uuid.uuid4())
     rsa_key_owner_id = str(uuid.uuid4())
     created_by_id = str(uuid.uuid4())
@@ -129,8 +131,8 @@ def test_create_secret(mocker, client, api_client, key_store, private_key):
                             rsaKeyOwner=rsa_key_owner_id,
                             createdBy=created_by_id,
                             encryptionDetails=dict(
-                                initialisationVector=iv,
-                                symmetricKey=key)))
+                                initialisationVector=mock_crypto["iv"],
+                                symmetricKey=mock_crypto["key"])))
 
     secret = client.create_secret(created_by_id,
                                   "this is my secret".encode('utf-8'))
@@ -140,12 +142,12 @@ def test_create_secret(mocker, client, api_client, key_store, private_key):
     assert secret.created == "12345"
     assert secret.rsa_key_owner == rsa_key_owner_id
     assert secret.created_by == created_by_id
-    assert secret.encryption_details.initialisation_vector == iv
-    assert secret.encryption_details.symmetric_key == key
+    assert secret.encryption_details.initialisation_vector == mock_crypto["iv"]
+    assert secret.encryption_details.symmetric_key == mock_crypto["key"]
 
 
 def test_create_secret_via_identity(mocker, client, api_client, key_store,
-                                    private_key):
+                                    private_key, mock_crypto):
     expected_id = str(uuid.uuid4())
     created_by_id = str(uuid.uuid4())
 
@@ -169,8 +171,8 @@ def test_create_secret_via_identity(mocker, client, api_client, key_store,
                             rsaKeyOwner=created_by_id,
                             createdBy=created_by_id,
                             encryptionDetails=dict(
-                                initialisationVector=iv,
-                                symmetricKey=key)))
+                                initialisationVector=mock_crypto["iv"],
+                                symmetricKey=mock_crypto["key"])))
 
     identity = client.get_identity(created_by_id)
 
@@ -181,5 +183,5 @@ def test_create_secret_via_identity(mocker, client, api_client, key_store,
     assert secret.created == "12345"
     assert secret.rsa_key_owner == created_by_id
     assert secret.created_by == created_by_id
-    assert secret.encryption_details.initialisation_vector == iv
-    assert secret.encryption_details.symmetric_key == key
+    assert secret.encryption_details.initialisation_vector == mock_crypto["iv"]
+    assert secret.encryption_details.symmetric_key == mock_crypto["key"]