Constant time decryption
Always try to decrypt with all keys.
This commit is contained in:
parent
0e59102f11
commit
0dae345ce5
|
@ -335,11 +335,13 @@ class objectProcessor(threading.Thread):
|
||||||
|
|
||||||
for key, cryptorObject in shared.myECCryptorObjects.items():
|
for key, cryptorObject in shared.myECCryptorObjects.items():
|
||||||
try:
|
try:
|
||||||
|
if initialDecryptionSuccessful: # continue decryption attempts to avoid timing attacks
|
||||||
|
cryptorObject.decrypt(data[readPosition:])
|
||||||
|
else:
|
||||||
decryptedData = cryptorObject.decrypt(data[readPosition:])
|
decryptedData = cryptorObject.decrypt(data[readPosition:])
|
||||||
toRipe = key # This is the RIPE hash of my pubkeys. We need this below to compare to the destination_ripe included in the encrypted data.
|
toRipe = key # This is the RIPE hash of my pubkeys. We need this below to compare to the destination_ripe included in the encrypted data.
|
||||||
initialDecryptionSuccessful = True
|
initialDecryptionSuccessful = True
|
||||||
logger.info('EC decryption successful using key associated with ripe hash: %s.' % key.encode('hex'))
|
logger.info('EC decryption successful using key associated with ripe hash: %s.' % key.encode('hex'))
|
||||||
break
|
|
||||||
except Exception as err:
|
except Exception as err:
|
||||||
pass
|
pass
|
||||||
if not initialDecryptionSuccessful:
|
if not initialDecryptionSuccessful:
|
||||||
|
@ -615,11 +617,13 @@ class objectProcessor(threading.Thread):
|
||||||
initialDecryptionSuccessful = False
|
initialDecryptionSuccessful = False
|
||||||
for key, cryptorObject in shared.MyECSubscriptionCryptorObjects.items():
|
for key, cryptorObject in shared.MyECSubscriptionCryptorObjects.items():
|
||||||
try:
|
try:
|
||||||
|
if initialDecryptionSuccessful: # continue decryption attempts to avoid timing attacks
|
||||||
|
cryptorObject.decrypt(data[readPosition:])
|
||||||
|
else:
|
||||||
decryptedData = cryptorObject.decrypt(data[readPosition:])
|
decryptedData = cryptorObject.decrypt(data[readPosition:])
|
||||||
toRipe = key # This is the RIPE hash of the sender's pubkey. We need this below to compare to the RIPE hash of the sender's address to verify that it was encrypted by with their key rather than some other key.
|
toRipe = key # This is the RIPE hash of the sender's pubkey. We need this below to compare to the RIPE hash of the sender's address to verify that it was encrypted by with their key rather than some other key.
|
||||||
initialDecryptionSuccessful = True
|
initialDecryptionSuccessful = True
|
||||||
logger.info('EC decryption successful using key associated with ripe hash: %s' % key.encode('hex'))
|
logger.info('EC decryption successful using key associated with ripe hash: %s' % key.encode('hex'))
|
||||||
break
|
|
||||||
except Exception as err:
|
except Exception as err:
|
||||||
pass
|
pass
|
||||||
# print 'cryptorObject.decrypt Exception:', err
|
# print 'cryptorObject.decrypt Exception:', err
|
||||||
|
|
Loading…
Reference in New Issue
Block a user