def blind(publicKey, sigTime, data):
keyID = publicKey.packets[TAG_PUBKEY].keyID()
n = publicKey.packets[TAG_PUBKEY].n
e = publicKey.packets[TAG_PUBKEY].e
if sigTime is None:
sigTime = _randomTime(publicKey.creationTime(), publicKey.expirationTime())
sigPacket = _prepareSignature(crypto.HASH_SHA256, sigTime, keyID)
sigdata = data + sigPacket.hashdata()
plainhash = crypto.hash(sigdata, sigPacket.hashAlgorithm.value)
codedhash = encoding.pkcs15(plainhash, n.bits(), sigPacket.hashAlgorithm.value)
m = elements.ScalarElement(codedhash).value
while True:
r = elements.ScalarElement(crypto.randomBytes(n.octets())).value
if r > 1 and r < n.value and crypto.gcd(n.value, r) == 1:
break
packet = packets.BlindMessagePacket()
packet.m = elements.MPIElement(crypto.rsaBlind(m, r, e.value, n.value))
return r, plainhash[0:2], sigTime, messages.BlindMessageMessage.fromPackets((packet,))
def testGcd(self):
self.assertEqual(crypto.gcd(3, 9), 3)
self.assertEqual(crypto.gcd(4, 10), 2)
self.assertEqual(crypto.gcd(3, 11), 1)