language correction and speed-up

sybrenstuvel · Apr 25, 2023 · 771a0b0 · 771a0b0
1 parent c0d8670
commit 771a0b0
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 18 deletions.
diff --git a/rsa/key.py b/rsa/key.py
@@ -491,19 +491,6 @@ def blinded_decrypt(self, encrypted: int) -> int:
 
         return self.unblind(decrypted, blindfac_inverse)
 
-    def blinded_encrypt(self, message: int) -> int:
-        """Encrypts the message using blinding to prevent side-channel attacks.
-
-        :param message: the message to encrypt
-        :type message: int
-
-        :returns: the encrypted message
-        :rtype: int
-        """
-
-        blinded, blindfac_inverse = self.blind(message)
-        encrypted = rsa.core.encrypt_int(blinded, self.d, self.n)
-        return self.unblind(encrypted, blindfac_inverse)
 
     @classmethod
     def _load_pkcs1_der(cls, keyfile: bytes) -> "PrivateKey":

diff --git a/rsa/pkcs1.py b/rsa/pkcs1.py
@@ -311,7 +311,7 @@ def sign_hash(hash_value: bytes, priv_key: key.PrivateKey, hash_method: str) ->
     padded = _pad_for_signing(cleartext, keylength)
 
     payload = transform.bytes2int(padded)
-    encrypted = priv_key.blinded_encrypt(payload)
+    encrypted = priv_key.blinded_decrypt(payload)
     block = transform.int2bytes(encrypted, keylength)
 
     return block
@@ -355,8 +355,11 @@ def verify(message: bytes, signature: bytes, pub_key: key.PublicKey) -> str:
     """
 
     keylength = common.byte_size(pub_key.n)
+    if len(signature) != keylength:
+        raise VerificationError("Verification failed")
+
     encrypted = transform.bytes2int(signature)
-    decrypted = core.decrypt_int(encrypted, pub_key.e, pub_key.n)
+    decrypted = core.encrypt_int(encrypted, pub_key.e, pub_key.n)
     clearsig = transform.int2bytes(decrypted, keylength)
 
     # Get the hash method
@@ -367,9 +370,6 @@ def verify(message: bytes, signature: bytes, pub_key: key.PublicKey) -> str:
     cleartext = HASH_ASN1[method_name] + message_hash
     expected = _pad_for_signing(cleartext, keylength)
 
-    if len(signature) != keylength:
-        raise VerificationError("Verification failed")
-
     # Compare with the signed one
     if expected != clearsig:
         raise VerificationError("Verification failed")