def unblind(self, msg, blind):
"""
Unblinds a msg.
Args:
msg: A string - a blinded message.
len(msg) must equal self.size
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the unblinded msg on success, None otherwise
"""
if (len(msg) != self.size or blind is None):
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_Ai, self.bn_n, ctx) != 1:
logging.debug("Failed to unblind msg")
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
unblinded_msg = BNToBin(f, self.size)
# Cleanup
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return unblinded_msg
def compare_mod(self, rand):
""" Returns the result of comparing rand to the rsa mod"""
# Convert to bn
rand_bn = _ssl.BN_new()
rand_bn = _ssl.BN_bin2bn(rand, self.size, rand_bn)
result = _ssl.BN_ucmp(rand_bn, self.bn_n)
_ssl.BN_free(rand_bn)
return result
def _get_mod(self):
""" Returns the modulus of the RSA key in bn form."""
buf = ctypes.create_string_buffer(1024)
pBuf = ctypes.c_char_p(ctypes.addressof(buf))
n = _ssl.i2d_RSAPublicKey(self.key, ctypes.byref(pBuf))
s = buf.raw[:n]
seq = asn1.DerSequence()
seq.decode(s) # s[0] is n, s[1] is e
# Convert to bn
self.bn_n = _ssl.BN_new()
seq_bytes = ctypes.c_char_p(seq[0].to_bytes(256, byteorder='big'))
return _ssl.BN_bin2bn(seq_bytes, self.size, self.bn_n)
def __init__(self, r, e, mod):
assert r is not None
assert e is not None
assert mod is not None
ctx = _ssl.BN_CTX_new()
self._free = []
self.r = r
self.bn_r = _ssl.BN_bin2bn(r, len(r), _ssl.BN_new()) # r
self.bn_Ai = _ssl.BN_mod_inverse(None, self.bn_r, mod, ctx) # r^-1
self.bn_A = _ssl.BN_new() # r^pk
if _ssl.BN_mod_exp(self.bn_A, self.bn_r, e, mod, ctx) != 1:
logging.debug("Failed to get r^pk")
self.bn_ri = _ssl.BN_new() # (r^-1)^pk
if _ssl.BN_mod_exp(self.bn_ri, self.bn_Ai, e, mod, ctx) != 1:
logging.debug("Failed to get (r^-1)^pk")
_ssl.BN_CTX_free(ctx)
self._free = [self.bn_r, self.bn_ri, self.bn_A, self.bn_Ai]