From 8e55b11da2bec4b576e85bd9ee56c30b04812c28 Mon Sep 17 00:00:00 2001
From: Muawia Khan <muawia@bigchaindb.com>
Date: Mon, 3 Sep 2018 13:25:58 +0200
Subject: [PATCH] Problem: cyrptoconditions dependency updated because of
 vulnerability (#2494)

* Problem: cyrptoconditions dependency updated because of vulnerability CVE-2018-10903

* update cc to ~=0.7.2

* Fix test using b58encode

* Fixing some more tests failing because of base58 update
---
 bigchaindb/common/transaction.py                  | 4 ++--
 bigchaindb/upsert_validator/validator_election.py | 2 +-
 setup.py                                          | 2 +-
 tests/common/test_transaction.py                  | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/bigchaindb/common/transaction.py b/bigchaindb/common/transaction.py
index d5b3eef8..8baf8196 100644
--- a/bigchaindb/common/transaction.py
+++ b/bigchaindb/common/transaction.py
@@ -94,7 +94,7 @@ class Input(object):
         """
         try:
             fulfillment = self.fulfillment.serialize_uri()
-        except (TypeError, AttributeError, ASN1EncodeError):
+        except (TypeError, AttributeError, ASN1EncodeError, ASN1DecodeError):
             fulfillment = _fulfillment_to_details(self.fulfillment)
 
         try:
@@ -161,7 +161,7 @@ def _fulfillment_to_details(fulfillment):
     if fulfillment.type_name == 'ed25519-sha-256':
         return {
             'type': 'ed25519-sha-256',
-            'public_key': base58.b58encode(fulfillment.public_key),
+            'public_key': base58.b58encode(fulfillment.public_key).decode(),
         }
 
     if fulfillment.type_name == 'threshold-sha-256':
diff --git a/bigchaindb/upsert_validator/validator_election.py b/bigchaindb/upsert_validator/validator_election.py
index 7d9a6fbc..95162442 100644
--- a/bigchaindb/upsert_validator/validator_election.py
+++ b/bigchaindb/upsert_validator/validator_election.py
@@ -172,7 +172,7 @@ class ValidatorElection(Transaction):
 
     @classmethod
     def to_public_key(cls, election_id):
-        return base58.b58encode(bytes.fromhex(election_id))
+        return base58.b58encode(bytes.fromhex(election_id)).decode()
 
     @classmethod
     def count_votes(cls, election_pk, transactions, getter=getattr):
diff --git a/setup.py b/setup.py
index dcecca51..071ddd45 100644
--- a/setup.py
+++ b/setup.py
@@ -79,7 +79,7 @@ install_requires = [
     # TODO Consider not installing the db drivers, or putting them in extras.
     'pymongo~=3.6',
     'pysha3~=1.0.2',
-    'cryptoconditions~=0.6.0.dev',
+    'cryptoconditions~=0.7.2',
     'python-rapidjson~=0.6.0',
     'logstats~=0.2.1',
     'flask>=0.10.1',
diff --git a/tests/common/test_transaction.py b/tests/common/test_transaction.py
index 7b8dde99..4a1586ca 100644
--- a/tests/common/test_transaction.py
+++ b/tests/common/test_transaction.py
@@ -93,7 +93,7 @@ def test_output_serialization(user_Ed25519, user_pub):
             'uri': user_Ed25519.condition_uri,
             'details': {
                 'type': 'ed25519-sha-256',
-                'public_key': b58encode(user_Ed25519.public_key),
+                'public_key': b58encode(user_Ed25519.public_key).decode(),
             },
         },
         'public_keys': [user_pub],
@@ -114,7 +114,7 @@ def test_output_deserialization(user_Ed25519, user_pub):
             'uri': user_Ed25519.condition_uri,
             'details': {
                 'type': 'ed25519-sha-256',
-                'public_key': b58encode(user_Ed25519.public_key),
+                'public_key': b58encode(user_Ed25519.public_key).decode(),
             },
         },
         'public_keys': [user_pub],