From a6f244ec761ba468b2a645db48171195f862270f Mon Sep 17 00:00:00 2001
From: Eric Wustrow
Date: Thu, 12 Jul 2012 14:54:39 -0400
Subject: [PATCH] use M2Crypto for encrypting (Crypto.PublicKey uses unpaded RSA\!)
---
 server-ca/chocolate.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py
index 8132be60f..0a7996530 100755
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@@ -300,7 +300,8 @@ class session(object):
 chall.succeeded = (c["satisfied"] == "True") # TODO: this contradicts comment in protocol about meaning of "succeeded"
 # Calculate y
 dvsni_r = c["dvsni:r"]
- y = RSA.importKey(self.pubkey()).encrypt(dvsni_r, None)[0]
+ pubkey = M2Crypto.RSA.load_key_string(self.pubkey())
+ y = pubkey.public_encrypt(dvsni_r, M2Crypto.RSA.pkcs1_oaep_padding)
 # In dvsni, we send nonce, y, ext
 chall.data.append(c["dvsni:nonce"])
 chall.data.append(y)
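Review bot: `M2Crypto.RSA.load_key_string` on the first added line parses a PEM private key (key pair), so if `self.pubkey()` returns a public-key PEM, as its name suggests, the load will raise instead of yielding a key to encrypt with; a public key is loaded with `pubkey = M2Crypto.RSA.load_pub_key_bio(M2Crypto.BIO.MemoryBuffer(self.pubkey()))`. The commit adds no import line (the diffstat shows only these two insertions), so `M2Crypto` must already be imported at the top of chocolate.py, which is outside the hunk. Switching to OAEP also makes `y` randomized and caps `dvsni_r` at the modulus size minus the OAEP overhead, so `public_encrypt` can raise `M2Crypto.RSA.RSAError` for an oversized value; a comment such as `# OAEP: y is non-deterministic; client must decrypt with the same padding` plus an explicit length check on `dvsni_r` before encrypting would document and enforce that. The enclosing method of `session` starts and ends outside the hunk.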