def revert_blind(self, msg, blind):
"""
Removes a blind r from the message.
Args:
msg (bytes): A blinded message.
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the unblinded msg on success, None otherwise
"""
if len(msg) != self.size or blind is None:
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_ri, self.bn_n, ctx) != 1:
logging.debug('Failed to unblind msg')
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
unblinded_msg = BNToBin(f, self.size)
# Cleanup
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return unblinded_msg
def __init__(self, path="", suffix=""):
"""
Initalizes the RSA class.
If path and suffix aren't provided, a key can't be saved or load.
Args:
path: The path to the folder that the key should be loaded/saved to
suffix: The suffix added to the private and public keys
(e.g. public_suffix.pem)
"""
self.key = _ssl.RSA_new()
self.bn_e = _ssl.BN_new()
self.bn_n = None
self.size = 0
self.is_private = False
self.path = path
self.suffix = suffix
e = ctypes.c_ulong(RSA_F4)
if _ssl.BN_set_word(self.bn_e, e) != 1:
logging.debug('Failed to set exponent')
_ssl.BN_free(self.bn_e)
self.bn_list = [self.bn_n, self.bn_e]
def blind(self, msg, blind):
"""
Blinds a msg.
Args:
msg (bytes): Message to be blinded.
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the blinded msg on success, None otherwise
"""
if len(msg) != self.size or blind is None:
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_A, self.bn_n, ctx) != 1:
logging.debug('Failed to blind msg')
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
blinded_msg = BNToBin(f, self.size)
# Free
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return blinded_msg
def unblind(self, msg, blind):
"""
Unblinds a msg.
Args:
msg: A string - a blinded message.
len(msg) must equal self.size
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the unblinded msg on success, None otherwise
"""
if (len(msg) != self.size or blind is None):
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_Ai, self.bn_n, ctx) != 1:
logging.debug("Failed to unblind msg")
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
unblinded_msg = BNToBin(f, self.size)
# Cleanup
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return unblinded_msg
def compare_mod(self, rand):
""" Returns the result of comparing rand to the rsa mod"""
# Convert to bn
rand_bn = _ssl.BN_new()
rand_bn = _ssl.BN_bin2bn(rand, self.size, rand_bn)
result = _ssl.BN_ucmp(rand_bn, self.bn_n)
_ssl.BN_free(rand_bn)
return result
def __init__(self, r, e, mod):
assert r is not None
assert e is not None
assert mod is not None
ctx = _ssl.BN_CTX_new()
self._free = []
self.r = r
self.bn_r = _ssl.BN_bin2bn(r, len(r), _ssl.BN_new()) # r
self.bn_Ai = _ssl.BN_mod_inverse(None, self.bn_r, mod, ctx) # r^-1
self.bn_A = _ssl.BN_new() # r^pk
if _ssl.BN_mod_exp(self.bn_A, self.bn_r, e, mod, ctx) != 1:
logging.debug("Failed to get r^pk")
self.bn_ri = _ssl.BN_new() # (r^-1)^pk
if _ssl.BN_mod_exp(self.bn_ri, self.bn_Ai, e, mod, ctx) != 1:
logging.debug("Failed to get (r^-1)^pk")
_ssl.BN_CTX_free(ctx)
self._free = [self.bn_r, self.bn_ri, self.bn_A, self.bn_Ai]
def _get_mod(self):
""" Returns the modulus of the RSA key in bn form."""
buf = ctypes.create_string_buffer(1024)
pBuf = ctypes.c_char_p(ctypes.addressof(buf))
n = _ssl.i2d_RSAPublicKey(self.key, ctypes.byref(pBuf))
s = buf.raw[:n]
seq = asn1.DerSequence()
seq.decode(s) # s[0] is n, s[1] is e
# Convert to bn
self.bn_n = _ssl.BN_new()
seq_bytes = ctypes.c_char_p(seq[0].to_bytes(256, byteorder='big'))
return _ssl.BN_bin2bn(seq_bytes, self.size, self.bn_n)
