def unblind(publicKey, sigTime, r, hashTwo, blindsig):
keyID = publicKey.packets[TAG_PUBKEY].keyID()
n = publicKey.packets[TAG_PUBKEY].n
e = publicKey.packets[TAG_PUBKEY].e
bs = blindsig.packets[TAG_BLINDSIG].s.value
s = crypto.rsaUnblind(r, n.value, bs)
sigPacket = _prepareSignature(crypto.HASH_SHA256, sigTime, keyID)
sigPacket.hashLeftTwo = hashTwo
sigPacket.sig = elements.MPIElement(s)
return messages.SignatureMessage().fromPackets((sigPacket,))
def testForge(self):
e = 17
n = 3233
d = 2753
m1 = 11
m2 = 19
bm1 = crypto.rsaBlind(m1, 11, e, n)
bs1 = pow(bm1, d, n)
s1 = crypto.rsaUnblind(11, n, bs1)
self.assertTrue(crypto.rsaVerify(s1, m1, e, n))
bm2 = crypto.rsaBlind(m2, 13, e, n)
bs2 = pow(bm2, d, n)
s2 = crypto.rsaUnblind(13, n, bs2)
self.assertTrue(crypto.rsaVerify(s2, m2, e, n))
self.assertTrue(crypto.rsaVerify((s1 * s2) % n, (m1 * m2) % n, e, n))
self.assertTrue(crypto.rsaVerify(crypto.modInverse(s1, n),
crypto.modInverse(m1, n), e, n))
def testRsa(self):
e = 17
n = 3233
d = 2753
m = 3000
s = crypto.rsaSign(m, d, n)
self.assertTrue(crypto.rsaVerify(s, m, e, n))
r = 11
bm = crypto.rsaBlind(m, r, e, n)
bs = crypto.rsaSign(bm, d, n)
s = crypto.rsaUnblind(r, n, bs)
self.assertTrue(crypto.rsaVerify(s, m, e, n))
