summaryrefslogtreecommitdiff
path: root/src/leap/soledad/backends/leap_backend.py
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2013-01-28 11:48:32 -0200
committerdrebs <drebs@leap.se>2013-01-28 11:48:32 -0200
commit74797eea423aeeb3338b51d78c681bbbf27c8eba (patch)
tree44a3be1a31b0ab296e6e47762752b440fb961dca /src/leap/soledad/backends/leap_backend.py
parentf959dff71256b98d47bbcca2bdd9692bb4d848ac (diff)
LeapSyncTarget checks whether document has been correctly encrypted.
Diffstat (limited to 'src/leap/soledad/backends/leap_backend.py')
-rw-r--r--src/leap/soledad/backends/leap_backend.py16
1 files changed, 14 insertions, 2 deletions
diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py
index ec26dca4..f73698f2 100644
--- a/src/leap/soledad/backends/leap_backend.py
+++ b/src/leap/soledad/backends/leap_backend.py
@@ -20,6 +20,10 @@ class NoSoledadInstance(Exception):
pass
+class DocumentEncryptionFailed(Exception):
+ pass
+
+
class LeapDocument(Document):
"""
LEAP Documents are standard u1db documents with cabability of returning an
@@ -181,9 +185,17 @@ class LeapSyncTarget(HTTPSyncTarget):
comma = ','
for doc, gen, trans_id in docs_by_generations:
if doc.syncable:
- # encrypt before sending to server.
+ # encrypt and verify before sending to server.
+ doc_content = doc.get_encrypted_json()
+ if doc_content == doc.get_json():
+ raise DocumentEncryptionFailed
+ enc_doc = LeapDocument(doc.doc_id, doc.rev,
+ encrypted_json=doc_content,
+ soledad=self._soledad)
+ if doc.get_json() != enc_doc.get_json():
+ raise DocumentEncryptionFailed
size += prepare(id=doc.doc_id, rev=doc.rev,
- content=doc.get_encrypted_json(),
+ content=doc_content,
gen=gen, trans_id=trans_id)
entries.append('\r\n]')
size += len(entries[-1])