def blind(self, msg, blind):
"""
Blinds a msg.
Args:
msg (bytes): Message to be blinded.
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the blinded msg on success, None otherwise
"""
if len(msg) != self.size or blind is None:
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_A, self.bn_n, ctx) != 1:
logging.debug('Failed to blind msg')
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
blinded_msg = BNToBin(f, self.size)
# Free
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return blinded_msg
def revert_blind(self, msg, blind):
"""
Removes a blind r from the message.
Args:
msg (bytes): A blinded message.
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the unblinded msg on success, None otherwise
"""
if len(msg) != self.size or blind is None:
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_ri, self.bn_n, ctx) != 1:
logging.debug('Failed to unblind msg')
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
unblinded_msg = BNToBin(f, self.size)
# Cleanup
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return unblinded_msg
def unblind(self, msg, blind):
"""
Unblinds a msg.
Args:
msg: A string - a blinded message.
len(msg) must equal self.size
blind: The blind that was used on the msg. instance of Blind
Returns:
A byte string of the unblinded msg on success, None otherwise
"""
if (len(msg) != self.size or blind is None):
return None
ctx = _ssl.BN_CTX_new()
f = _ssl.BN_bin2bn(msg, len(msg), _ssl.BN_new())
if _ssl.BN_mod_mul(f, f, blind.bn_Ai, self.bn_n, ctx) != 1:
logging.debug("Failed to unblind msg")
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return None
unblinded_msg = BNToBin(f, self.size)
# Cleanup
_ssl.BN_free(f)
_ssl.BN_CTX_free(ctx)
return unblinded_msg
def __init__(self, path="", suffix=""):
"""
Initalizes the RSA class.
If path and suffix aren't provided, a key can't be saved or load.
Args:
path: The path to the folder that the key should be loaded/saved to
suffix: The suffix added to the private and public keys
(e.g. public_suffix.pem)
"""
self.key = _ssl.RSA_new()
self.bn_e = _ssl.BN_new()
self.bn_n = None
self.size = 0
self.is_private = False
self.path = path
self.suffix = suffix
e = ctypes.c_ulong(RSA_F4)
if _ssl.BN_set_word(self.bn_e, e) != 1:
logging.debug('Failed to set exponent')
_ssl.BN_free(self.bn_e)
self.bn_list = [self.bn_n, self.bn_e]
def compare_mod(self, rand):
""" Returns the result of comparing rand to the rsa mod"""
# Convert to bn
rand_bn = _ssl.BN_new()
rand_bn = _ssl.BN_bin2bn(rand, self.size, rand_bn)
result = _ssl.BN_ucmp(rand_bn, self.bn_n)
_ssl.BN_free(rand_bn)
return result
def get_random(bits, mod=None):
"""
Returns a random byte string of size `bits`/8 bytes.
Args:
bits (int): The number of bits the random string should have.
mod (:obj:`ctypes.c_void_p`, optional): A pointer to a BN instance
Returns:
A byte strings of length `bits`/8 or None if an error occured
If mod is set the random byte string will have a value < mod
"""
ctx = _ssl.BN_CTX_new()
_ssl.BN_CTX_start(ctx)
r = _ssl.BN_CTX_get(ctx)
ret = _ssl.BN_CTX_get(ctx)
if mod:
if _ssl.BN_rand_range(r, mod) == 0:
logging.debug("get_random: failed to generate random number")
return None
while _ssl.BN_gcd(ret, r, mod, ctx) != 1:
logging.debug("R is not a relative prime")
if _ssl.BN_rand_range(r, mod) == 0:
logging.debug("get_random: failed to generate random number")
return None
else:
if _ssl.BN_rand(r, bits, 0, 1) == 0:
logging.debug("get_random: failed to generate random number")
return None
rand = BNToBin(r, bits // 8)
_ssl.BN_free(r)
_ssl.BN_free(ret)
_ssl.BN_CTX_end(ctx)
_ssl.BN_CTX_free(ctx)
return rand
def multiply(self, z1, q2):
""" Computes `z1` * `q2^e` mod `n`
`e` is the rsa key public exponent
`n` is the rsa key modulus
Returns:
A byte string representing the result of the computation
"""
# Convert to BN
z1_bn = BinToBN(z1)
q2_bn = BinToBN(q2)
# Prep context
ctx = _ssl.BN_CTX_new()
_ssl.BN_CTX_start(ctx)
# Get q2 ^ e
ret = _ssl.BN_mod_exp(q2_bn, q2_bn, self.rsa_key.bn_e,
self.rsa_key.bn_n, ctx)
if ret != 1:
return None
# Multiply z1 * (q2 ^ e) mod n
ret = _ssl.BN_mod_mul(z1_bn, z1_bn, q2_bn, self.rsa_key.bn_n, ctx)
if ret != 1:
return None
result = BNToBin(z1_bn, self.rsa_key.size)
_ssl.BN_free(z1_bn)
_ssl.BN_free(q2_bn)
_ssl.BN_CTX_end(ctx)
_ssl.BN_CTX_free(ctx)
return result
def get_quotient(self, q1, q2):
""" Computes (`q2` / `q1`) mod `n`
`n` is the rsa key modulus
Returns:
A byte string representing the result of the computation
"""
# Convert to BN
q1_bn = BinToBN(q1)
q2_bn = BinToBN(q2)
if q1_bn is None or q2_bn is None:
return None
# Prep context
ctx = _ssl.BN_CTX_new()
_ssl.BN_CTX_start(ctx)
# Invert q1
_ssl.BN_mod_inverse(q1_bn, q1_bn, self.rsa_key.bn_n, ctx)
# Multiplty q2 * (q1)^-1
ret = _ssl.BN_mod_mul(q1_bn, q1_bn, q2_bn, self.rsa_key.bn_n, ctx)
if ret != 1:
return None
quotient = BNToBin(q1_bn, self.rsa_key.size)
_ssl.BN_free(q1_bn)
_ssl.BN_free(q2_bn)
_ssl.BN_CTX_end(ctx)
_ssl.BN_CTX_free(ctx)
return quotient