2 files changed, 17 insertions, 5 deletions

diff --git a/src/leap/soledad/backends/leap_backend.py b/src/leap/soledad/backends/leap_backend.py
index c0a22feb..c3c52ee6 100644
--- a/src/leap/soledad/backends/leap_backend.py
+++ b/src/leap/soledad/backends/leap_backend.py
@@ -20,6 +20,10 @@ class NoSoledadInstance(Exception):
     pass
 
 
+class DocumentEncryptionFailed(Exception):
+    pass
+
+
 class LeapDocument(Document):
     """
     Encryptable and syncable document.
@@ -164,9 +168,17 @@ class LeapSyncTarget(HTTPSyncTarget):
         comma = ','
         for doc, gen, trans_id in docs_by_generations:
             if doc.syncable:
-                # encrypt before sending to server.
+                # encrypt and verify before sending to server.
+                doc_content = doc.get_encrypted_json()
+                if doc_content == doc.get_json():
+                    raise DocumentEncryptionFailed
+                enc_doc = LeapDocument(doc.doc_id, doc.rev,
+                                       encrypted_json=doc_content,
+                                       soledad=self._soledad)
+                if doc.get_json() != enc_doc.get_json():
+                    raise DocumentEncryptionFailed
                 size += prepare(id=doc.doc_id, rev=doc.rev,
-                                content=doc.get_encrypted_json(),
+                                content=doc_content,
                                 gen=gen, trans_id=trans_id)
         entries.append('\r\n]')
         size += len(entries[-1])
diff --git a/src/leap/soledad/tests/test_couch.py b/src/leap/soledad/tests/test_couch.py
index 09c7269e..3482b035 100644
--- a/src/leap/soledad/tests/test_couch.py
+++ b/src/leap/soledad/tests/test_couch.py
@@ -115,7 +115,7 @@ class CouchDBTestCase(unittest.TestCase):
 class TestCouchBackendImpl(CouchDBTestCase):
 
     def test__allocate_doc_id(self):
-        db = couch.CouchDatabase('http://localhost:'+str(self.wrapper.port),
+        db = couch.CouchDatabase('http://localhost:' + str(self.wrapper.port),
                                  'u1db_tests')
         doc_id1 = db._allocate_doc_id()
         self.assertTrue(doc_id1.startswith('D-'))
@@ -130,13 +130,13 @@ class TestCouchBackendImpl(CouchDBTestCase):
 
 def make_couch_database_for_test(test, replica_uid):
     port = str(test.wrapper.port)
-    return couch.CouchDatabase('http://localhost:'+port, replica_uid,
+    return couch.CouchDatabase('http://localhost:' + port, replica_uid,
                                replica_uid=replica_uid or 'test')
 
 
 def copy_couch_database_for_test(test, db):
     port = str(test.wrapper.port)
-    new_db = couch.CouchDatabase('http://localhost:'+port,
+    new_db = couch.CouchDatabase('http://localhost:' + port,
                                  db._replica_uid + '_copy',
                                  replica_uid=db._replica_uid or 'test')
     gen, docs = db.get_all_docs(include_deleted=True)