Skip to content
This repository was archived by the owner on Apr 20, 2025. It is now read-only.

Commit 771a0b0

Browse files
myheroyukisybrenstuvel
myheroyuki
authored and
sybrenstuvel
committed
language correction and speed-up
1 parent c0d8670 commit 771a0b0

File tree

2 files changed

+5
-18
lines changed

2 files changed

+5
-18
lines changed

rsa/key.py

Lines changed: 0 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -491,19 +491,6 @@ def blinded_decrypt(self, encrypted: int) -> int:
491491

492492
return self.unblind(decrypted, blindfac_inverse)
493493

494-
def blinded_encrypt(self, message: int) -> int:
495-
"""Encrypts the message using blinding to prevent side-channel attacks.
496-
497-
:param message: the message to encrypt
498-
:type message: int
499-
500-
:returns: the encrypted message
501-
:rtype: int
502-
"""
503-
504-
blinded, blindfac_inverse = self.blind(message)
505-
encrypted = rsa.core.encrypt_int(blinded, self.d, self.n)
506-
return self.unblind(encrypted, blindfac_inverse)
507494

508495
@classmethod
509496
def _load_pkcs1_der(cls, keyfile: bytes) -> "PrivateKey":

rsa/pkcs1.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -311,7 +311,7 @@ def sign_hash(hash_value: bytes, priv_key: key.PrivateKey, hash_method: str) ->
311311
padded = _pad_for_signing(cleartext, keylength)
312312

313313
payload = transform.bytes2int(padded)
314-
encrypted = priv_key.blinded_encrypt(payload)
314+
encrypted = priv_key.blinded_decrypt(payload)
315315
block = transform.int2bytes(encrypted, keylength)
316316

317317
return block
@@ -355,8 +355,11 @@ def verify(message: bytes, signature: bytes, pub_key: key.PublicKey) -> str:
355355
"""
356356

357357
keylength = common.byte_size(pub_key.n)
358+
if len(signature) != keylength:
359+
raise VerificationError("Verification failed")
360+
358361
encrypted = transform.bytes2int(signature)
359-
decrypted = core.decrypt_int(encrypted, pub_key.e, pub_key.n)
362+
decrypted = core.encrypt_int(encrypted, pub_key.e, pub_key.n)
360363
clearsig = transform.int2bytes(decrypted, keylength)
361364

362365
# Get the hash method
@@ -367,9 +370,6 @@ def verify(message: bytes, signature: bytes, pub_key: key.PublicKey) -> str:
367370
cleartext = HASH_ASN1[method_name] + message_hash
368371
expected = _pad_for_signing(cleartext, keylength)
369372

370-
if len(signature) != keylength:
371-
raise VerificationError("Verification failed")
372-
373373
# Compare with the signed one
374374
if expected != clearsig:
375375
raise VerificationError("Verification failed")

0 commit comments

Comments
 (0)