Skip to content

Commit

Permalink
Merge pull request #111 from muawiakh/update_cc_b58_crypto
Browse files Browse the repository at this point in the history
Problem: cryptoconditions dependency updated because of vulnerability
  • Loading branch information
ttmc authored Aug 31, 2018
2 parents ca4d62a + de6efbf commit 18915dc
Showing 1 changed file with 11 additions and 13 deletions.
24 changes: 11 additions & 13 deletions cryptoconditions/types/rsa.py
Original file line number Diff line number Diff line change
Expand Up @@ -142,15 +142,14 @@ def sign(self, message, private_key):
(m_int.bit_length() + 7) // 8, 'big')
self._set_public_modulus(m_bytes)

signer = private_key_obj.signer(
self.signature = private_key_obj.sign(
message,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=SALT_LENGTH,
),
hashes.SHA256(),
)
signer.update(message)
self.signature = signer.finalize()

def calculate_cost(self):
"""Calculate the cost of fulfilling self condition.
Expand Down Expand Up @@ -198,17 +197,16 @@ def validate(self, message):
int.from_bytes(self.modulus, byteorder='big'),
)
public_key = public_numbers.public_key(default_backend())
verifier = public_key.verifier(
self.signature,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=SALT_LENGTH,
),
hashes.SHA256()
)
verifier.update(message)
try:
verifier.verify()
public_key.verify(
self.signature,
message,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=SALT_LENGTH,
),
hashes.SHA256()
)
except InvalidSignature as exc:
raise ValidationError('Invalid RSA signature') from exc

Expand Down

0 comments on commit 18915dc

Please sign in to comment.