Example #1
0
    def testForge(self):
        e = 17
        n = 3233
        d = 2753

        m1 = 11
        m2 = 19

        bm1 = crypto.rsaBlind(m1, 11, e, n)
        bs1 = pow(bm1, d, n)
        s1 = crypto.rsaUnblind(11, n, bs1)
        self.assertTrue(crypto.rsaVerify(s1, m1, e, n))

        bm2 = crypto.rsaBlind(m2, 13, e, n)
        bs2 = pow(bm2, d, n)
        s2 = crypto.rsaUnblind(13, n, bs2)
        self.assertTrue(crypto.rsaVerify(s2, m2, e, n))
        
        self.assertTrue(crypto.rsaVerify((s1 * s2) % n, (m1 * m2) % n, e, n))
        self.assertTrue(crypto.rsaVerify(crypto.modInverse(s1, n),
                                         crypto.modInverse(m1, n), e, n))
Example #2
0
    def testRsa(self):
        e = 17
        n = 3233
        d = 2753
        m = 3000
        s = crypto.rsaSign(m, d, n)
        self.assertTrue(crypto.rsaVerify(s, m, e, n))

        r = 11
        bm = crypto.rsaBlind(m, r, e, n)
        bs = crypto.rsaSign(bm, d, n)
        s = crypto.rsaUnblind(r, n, bs)
        self.assertTrue(crypto.rsaVerify(s, m, e, n))
Example #3
0
def blind(publicKey, sigTime, data):
    keyID = publicKey.packets[TAG_PUBKEY].keyID()
    n = publicKey.packets[TAG_PUBKEY].n
    e = publicKey.packets[TAG_PUBKEY].e

    if sigTime is None:
        sigTime = _randomTime(publicKey.creationTime(), publicKey.expirationTime())

    sigPacket = _prepareSignature(crypto.HASH_SHA256, sigTime, keyID)
    sigdata = data + sigPacket.hashdata()
    plainhash = crypto.hash(sigdata, sigPacket.hashAlgorithm.value)
    codedhash = encoding.pkcs15(plainhash, n.bits(), sigPacket.hashAlgorithm.value)
    m = elements.ScalarElement(codedhash).value

    while True:
        r = elements.ScalarElement(crypto.randomBytes(n.octets())).value
        if r > 1 and r < n.value and crypto.gcd(n.value, r) == 1:
            break

    packet = packets.BlindMessagePacket()
    packet.m = elements.MPIElement(crypto.rsaBlind(m, r, e.value, n.value))
    return r, plainhash[0:2], sigTime, messages.BlindMessageMessage.fromPackets((packet,))