author | Sybren A. Stüvel <sybren@stuvel.eu> | 2016-01-22 15:01:31 +0100 |
---|---|---|
committer | Sybren A. Stüvel <sybren@stuvel.eu> | 2016-01-22 15:01:31 +0100 |
commit | 6e5655d79e5e757217a90afad9cbe51dde08ba84 (patch) | |
tree | 5f15780dfc6185db0c5745af5466fb948c2f07d7 /rsa/key.py | |
parent | 10bf544b641bba6370b7c503e17ae2442958e53b (diff) | |
Another pass at blinding.
Diffstat (limited to 'rsa/key.py')
-rw-r--r-- | rsa/key.py | 35 |
1 files changed, 18 insertions, 17 deletions
@@ -94,8 +94,11 @@ class AbstractKey(object):
 """Performs blinding on the message using random number 'r'.
 :param message: the message, as integer, to blind.
+ :type message: int
 :param r: the random number to blind with.
+ :type r: int
 :return: the blinded message.
+ :rtype: int
 The blinding is such that message = unblind(decrypt(blind(encrypt(message))).
@@ -171,23 +174,6 @@ class PublicKey(AbstractKey):
 def __ne__(self, other):
 return not (self == other)
- def blinded_decrypt(self, encrypted):
- """Decrypts the message using blinding to prevent side-channel attacks.
-
- :param encrypted: the encrypted message
- :type encrypted: int
-
- :returns: the decrypted message
- :rtype: int
- """
-
- # return self._blinded_decrypt(encrypted, self.e)
- blind_r = rsa.randnum.randint(self.n - 1)
- blinded = self.unblind(encrypted, blind_r) # blind before decrypting
- decrypted = rsa.core.decrypt_int(blinded, self.e, self.n)
-
- return self.blind(decrypted, blind_r)
-
 @classmethod
 def _load_pkcs1_der(cls, keyfile):
 """Loads a key in PKCS#1 DER format.
@@ -394,6 +380,21 @@ class PrivateKey(AbstractKey):
 return self.unblind(decrypted, blind_r)
+ def blinded_encrypt(self, message):
+ """Encrypts the message using blinding to prevent side-channel attacks.
+
+ :param message: the message to encrypt
+ :type message: int
+
+ :returns: the encrypted message
+ :rtype: int
+ """
+
+ blind_r = rsa.randnum.randint(self.n - 1)
+ blinded = self.blind(message, blind_r) # blind before encrypting
+ encrypted = rsa.core.encrypt_int(blinded, self.d, self.n)
+ return self.unblind(encrypted, blind_r)
+
 @classmethod
 def _load_pkcs1_der(cls, keyfile):
 """Loads a key in PKCS#1 DER format. |
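Review bot: In the third hunk, `blinded_encrypt` draws `blind_r = rsa.randnum.randint(self.n - 1)` and never checks that the factor is invertible modulo `self.n`. `unblind` is not shown on this page, but if it multiplies by the modular inverse of `r`, as the docstring identity in the first hunk suggests, a factor sharing a prime with n would make it fail or return a wrong value. The chance is negligible for a well-formed key, but redrawing until gcd(blind_r, self.n) is 1 makes the precondition explicit and also covers malformed keys. The private-key `blinded_decrypt` ending just above this addition (its `return self.unblind(decrypted, blind_r)` is the context line) presumably draws its factor the same way, so the check belongs in one shared helper. The docstring should also say that this is the private-exponent operation (`self.d`) and that a fresh factor is drawn on every call.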