def unblind(publicKey, sigTime, r, hashTwo, blindsig): keyID = publicKey.packets[TAG_PUBKEY].keyID() n = publicKey.packets[TAG_PUBKEY].n e = publicKey.packets[TAG_PUBKEY].e bs = blindsig.packets[TAG_BLINDSIG].s.value s = crypto.rsaUnblind(r, n.value, bs) sigPacket = _prepareSignature(crypto.HASH_SHA256, sigTime, keyID) sigPacket.hashLeftTwo = hashTwo sigPacket.sig = elements.MPIElement(s) return messages.SignatureMessage().fromPackets((sigPacket,))
def testForge(self): e = 17 n = 3233 d = 2753 m1 = 11 m2 = 19 bm1 = crypto.rsaBlind(m1, 11, e, n) bs1 = pow(bm1, d, n) s1 = crypto.rsaUnblind(11, n, bs1) self.assertTrue(crypto.rsaVerify(s1, m1, e, n)) bm2 = crypto.rsaBlind(m2, 13, e, n) bs2 = pow(bm2, d, n) s2 = crypto.rsaUnblind(13, n, bs2) self.assertTrue(crypto.rsaVerify(s2, m2, e, n)) self.assertTrue(crypto.rsaVerify((s1 * s2) % n, (m1 * m2) % n, e, n)) self.assertTrue(crypto.rsaVerify(crypto.modInverse(s1, n), crypto.modInverse(m1, n), e, n))
def testRsa(self): e = 17 n = 3233 d = 2753 m = 3000 s = crypto.rsaSign(m, d, n) self.assertTrue(crypto.rsaVerify(s, m, e, n)) r = 11 bm = crypto.rsaBlind(m, r, e, n) bs = crypto.rsaSign(bm, d, n) s = crypto.rsaUnblind(r, n, bs) self.assertTrue(crypto.rsaVerify(s, m, e, n))