@@ -131,7 +131,7 @@ fn test_json_transcryption_with_builder() {
131131 #[ cfg( feature = "elgamal3" ) ]
132132 let decrypted_transcrypted = transcrypted. decrypt ( & session_keys) . unwrap ( ) ;
133133 #[ cfg( not( feature = "elgamal3" ) ) ]
134- let decrypted_transcrypted = transcrypted . decrypt ( & session_keys) ;
134+ let decrypted_transcrypted = decrypt ( & transcrypted , & session_keys) ;
135135 let json_transcrypted = decrypted_transcrypted
136136 . to_value ( )
137137 . expect ( "Should convert to JSON" ) ;
@@ -329,3 +329,86 @@ fn test_json_batch_transcryption_different_structures() {
329329 _ => panic ! ( "Expected InconsistentStructure error" ) ,
330330 }
331331}
332+
333+ #[ test]
334+ fn test_json_transcryption_with_client_and_transcryptor ( ) {
335+ let mut rng = rand:: rng ( ) ;
336+
337+ // Setup keys and secrets
338+ let ( _global_public, global_secret) = make_global_keys ( & mut rng) ;
339+ let pseudo_secret = PseudonymizationSecret :: from ( "pseudo-secret" . as_bytes ( ) . to_vec ( ) ) ;
340+ let enc_secret = EncryptionSecret :: from ( "encryption-secret" . as_bytes ( ) . to_vec ( ) ) ;
341+
342+ let domain_a = PseudonymizationDomain :: from ( "hospital-a" ) ;
343+ let domain_b = PseudonymizationDomain :: from ( "hospital-b" ) ;
344+ let session = EncryptionContext :: from ( "session-1" ) ;
345+
346+ let session_keys = make_session_keys ( & global_secret, & session, & enc_secret) ;
347+
348+ // Create client and transcryptor
349+ let client = libpep:: client:: Client :: new ( session_keys) ;
350+ let transcryptor =
351+ libpep:: transcryptor:: Transcryptor :: new ( pseudo_secret. clone ( ) , enc_secret. clone ( ) ) ;
352+
353+ // Create patient record JSON data
354+ let patient_data = json ! ( {
355+ "patient_id" : "patient-54321" ,
356+ "name" : "John Doe" ,
357+ "diagnosis" : "Healthy" ,
358+ "temperature" : 36.6
359+ } ) ;
360+
361+ // Convert to PEP JSON, marking "patient_id" as a pseudonym field
362+ let patient_record = PEPJSONBuilder :: from_json ( & patient_data, & [ "patient_id" ] )
363+ . expect ( "Should create PEP JSON from existing JSON" )
364+ . build ( ) ;
365+
366+ // Encrypt using the client
367+ let encrypted = client. encrypt ( & patient_record, & mut rng) ;
368+
369+ // Decrypt to verify original
370+ #[ cfg( feature = "elgamal3" ) ]
371+ let decrypted_original = client. decrypt ( & encrypted) . unwrap ( ) ;
372+ #[ cfg( not( feature = "elgamal3" ) ) ]
373+ let decrypted_original = client. decrypt ( & encrypted) ;
374+
375+ let json_original = decrypted_original
376+ . to_value ( )
377+ . expect ( "Should convert to JSON" ) ;
378+ assert_eq ! ( json_original[ "patient_id" ] , "patient-54321" ) ;
379+ assert_eq ! ( json_original[ "name" ] , "John Doe" ) ;
380+ assert_eq ! ( json_original[ "diagnosis" ] , "Healthy" ) ;
381+ assert_eq ! ( json_original[ "temperature" ] . as_f64( ) . unwrap( ) , 36.6 ) ;
382+
383+ // Transcrypt from hospital A to hospital B using the transcryptor
384+ let transcryption_info =
385+ transcryptor. transcryption_info ( & domain_a, & domain_b, & session, & session) ;
386+
387+ let transcrypted = transcryptor. transcrypt ( & encrypted, & transcryption_info) ;
388+
389+ // Verify that the encrypted structures are different after transcryption
390+ assert_ne ! (
391+ format!( "{:?}" , encrypted) ,
392+ format!( "{:?}" , transcrypted) ,
393+ "Encrypted values should be different after transcryption"
394+ ) ;
395+
396+ // Decrypt transcrypted data
397+ #[ cfg( feature = "elgamal3" ) ]
398+ let decrypted_transcrypted = client. decrypt ( & transcrypted) . unwrap ( ) ;
399+ #[ cfg( not( feature = "elgamal3" ) ) ]
400+ let decrypted_transcrypted = client. decrypt ( & transcrypted) ;
401+
402+ let json_transcrypted = decrypted_transcrypted
403+ . to_value ( )
404+ . expect ( "Should convert to JSON" ) ;
405+
406+ // Attributes should remain the same, but pseudonym should be different
407+ assert_eq ! ( json_transcrypted[ "name" ] , "John Doe" ) ;
408+ assert_eq ! ( json_transcrypted[ "diagnosis" ] , "Healthy" ) ;
409+ assert_eq ! ( json_transcrypted[ "temperature" ] . as_f64( ) . unwrap( ) , 36.6 ) ;
410+ assert_ne ! (
411+ json_transcrypted[ "patient_id" ] , "patient-54321" ,
412+ "Pseudonym should be different after cross-domain transcryption"
413+ ) ;
414+ }
0 commit comments