how does certificate generation work ?


p_2001
December 7th, 2008, 07:01
how can we generate a key file for a certificate that is already made?
actually, is the process used to generate a cert from a key file reversible?
this kind of protection is used in signing a symbian sis file


the certificate i really want to reverse is sha1rsa

JMI
December 7th, 2008, 10:55
How about YOU do some of your own basic research, as you are directed by the FAQ to do yourself. You DID READ THE FAQ, didn't you? You DID notice the BIG RED LETTERS at the top of the FORUMS on your way in!

How about YOU put something like:

reverse sha1rsa

and/or

reversing sha1rsa

into YOUR favorite search engine and YOU read some of the information YOU will find. Once YOU do that, as is required, YOU will have a better idea of the possibilities and will not look like someone who is too lazy to do even the minimum required by our Rules.


Regards,

Aimless
December 7th, 2008, 13:01
AND.... another one bites the dust.

Doubtful we'll ever see him/her again...

Have Phun

upb
January 3rd, 2009, 06:27
generating a key for a certificate is very different from reversing sha1rsa so the help you gave doesn't really work :P

p_2001
March 12th, 2009, 10:24
well i have googled a lot and never found anything at all
my motive is to create a key for a certificate which is already generated and which i don't have a key for

i did google it before any post, yet failed to get a result ........

simply answer: is it really possible to generate a key from a certificate ..... ( without taking many years )

i really promise that i have used google up to about 20 pages and did not find a solution

r3aper
March 12th, 2009, 10:54
It's theoretically impossible to derive a private key from the public key embedded in the certificate, even though the keys are somewhat related and it's possible to find the public key from the private.

--UPDATE--
Btw, I forgot to mention there are a few factors that can make RSA easily broken. Off the top of my head:
- If the primes, p and q, are not large enough;
- If the primes, p and q, are relatively close to each other (even if they are very big numbers);
- The current standard states that the key length must be 2048 bits, so I guess that any lower length must be somewhat breakable by BF.
I'm sure there are some more ways of attacking the cipher, but these are the ones I can recall. Just search for RSA Security.
A good site to search for attack vectors on ciphers is Google Scholar. There are plenty of research papers written about the matter.
-----------

regards,
r3aper

disavowed
March 12th, 2009, 12:23
If you're looking for a tool to brute force the private key, you can use http://quequero.org/uicwiki/images/RSATool2.rar

p_2001
March 13th, 2009, 06:17
there are certs already stored in a symbian phone
the device and the signing tool check if the key used is correct or not .... thus my logic is that if i am able to generate a key which "fits" my certificate, then i can sign any app which i develop and won't need the symbian signed every time. there must be a way that is used by a device to recognize the key used, so i just need to fool it.
the key length is 1024 bits

Aimless
March 13th, 2009, 10:51
Why don't you replace the public key in the certificate (assuming the public key is not used for encrypting the soft) with the one generated from YOUR own keypair... Then decrypt using YOUR own private key?

Or maybe I've hit the bottle once too many, heh!

Have Phun

r3aper
March 13th, 2009, 14:33
Aimless, I suppose that wouldn't work. I think you cannot change the public key from the root certificates; even if you did, the certificate signature would appear invalid!

Quote (originally posted by p_2001):
thus my logic is that if i am able to generate a key which "fits" my certificate, then i can sign any app which i develop and won't need the symbian signed every time. there must be a way that is used by a device to recognize the key used, so i just need to fool it.


Easier said than done!
When you sign an application, the mobile device will check with its certificates, trying to validate the signature. So if the private key used to sign the application can't be related to any of the public keys of the certificates stored in the mobile device, the application is flagged as invalid.
So you would have to get a certificate from some CA which has a chain linked to any other CA which already has a certificate on your device (the so-called root certificates) (actually this process is what you do using symbian signed).

Bottom line is, if you want to sign your application with your keys and don't want to get a certificate from any CA, you have to generate a self-signed certificate (this is possible with tools like openssl), then you would have to insert that certificate on your mobile device as a root certificate, and that's the hard part.

How you insert a certificate as root on your mobile device is something you must research, can't help you there, but I'm guessing that if it's possible, it's via some exploit.

cheers,
r3aper

p_2001
March 13th, 2009, 14:59
yes
that's the only way available right now ...
we make a cert using openssl and then use exploits to place them in resource folders in the memory

now what i wanted was this: i copied a rootcert from my phone's rom, but i don't have the key to it ..

so, i wanted to forge a key for the cert ....

actually, i have difficulty understanding the verification method used by the phone to verify the key.

since it only has the public key that is placed in the cert file ..... how does it verify

r3aper
March 13th, 2009, 21:00
The Certificate, in its most basic form, is composed of a Public Key, user identity (which is irrelevant in this case) and a Digital Signature.

As I told you before in my first post, the relation between the Public Key and the Private Key is purely mathematical and it's made in such a way that it is trivial to relate both keys. Nevertheless it is impossible (unless the generated parameters of RSA are weak) to derive the Public Key from the Private Key.

So if you sign something with a Private Key the mobile device just needs to do some computation with the Public Key to verify the validity of the content. So the device doesn't really care about the Private Key.

Now you can try to do what Aimless told you: you generate a KeyPair and substitute the Public Key of the certificate with your own. But then you would also have to replace the Digital Signature, which I guess from your first post is SHA-1. So you hash the whole new certificate and voilà, you have a new Digital Signature.

But then again you would have to exploit the mobile device to add this new certificate, so I don't know why you would want to modify an existing certificate as opposed to create a new one, if the end result is the same.

regards,
r3aper
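
The device-side check discussed in the posts above, as an added example that is not part of the original thread: verification needs only public keys, and a certificate whose public key is swapped, or that is re-signed with an uncertified key, no longer verifies under the stored root key. It uses textbook RSA with small constructed primes and no padding; all names (`make_key`, `issue`, `app_accepted`, the `|`-joined certificate fields) are hypothetical and are not Symbian's format.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    """Toy RSA key pair from two known primes (constructed, far too small to be secure)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def digest(data, n):
    # SHA-1 as in "sha1rsa"; reduced mod n only because the toy modulus is small.
    return int.from_bytes(hashlib.sha1(data).digest(), "big") % n

def sign(data, private):
    n, d = private
    return pow(digest(data, n), d, n)               # needs the private exponent d

def verify(data, signature, public):
    n, e = public
    return pow(signature, e, n) == digest(data, n)  # needs only the public key

def signed_fields(cert):
    # The bytes the issuer's signature covers: identity and the subject's public key.
    return f"{cert['subject']}|{cert['public'][0]}|{cert['public'][1]}".encode()

def issue(subject, subject_public, issuer_private):
    cert = {"subject": subject, "public": subject_public}
    cert["signature"] = sign(signed_fields(cert), issuer_private)
    return cert

def app_accepted(app, app_sig, cert, root_public):
    # Device-side check: the cert must verify under a stored root key,
    # and the app signature must verify under the key inside that cert.
    return (verify(signed_fields(cert), cert["signature"], root_public)
            and verify(app, app_sig, cert["public"]))

ROOT_PUB, ROOT_PRIV = make_key(2**61 - 1, 2**89 - 1)    # stands in for the root key in ROM
DEV_PUB, DEV_PRIV = make_key(2**107 - 1, 2**127 - 1)    # developer key certified by the root
OWN_PUB, OWN_PRIV = make_key(2**521 - 1, 2**607 - 1)    # key pair that no CA certified

APP = b"constructed sample application bytes"
dev_cert = issue("developer", DEV_PUB, ROOT_PRIV)
swapped = dict(dev_cert, public=OWN_PUB)                # public key replaced, old signature kept
self_signed = issue("developer", OWN_PUB, OWN_PRIV)     # re-signed with the new key

print(app_accepted(APP, sign(APP, DEV_PRIV), dev_cert, ROOT_PUB))     # True
print(app_accepted(APP, sign(APP, OWN_PRIV), swapped, ROOT_PUB))      # False
print(app_accepted(APP, sign(APP, OWN_PRIV), self_signed, ROOT_PUB))  # False
```

The self-signed certificate is accepted only by a verifier that already holds `OWN_PUB` as a trusted root, which is why the trust store on the device, not the signing step, is what the platform protects.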

disavowed
March 13th, 2009, 22:03
Too bad about your Symbian phone... it's ridiculously easy to install new root certificates on Windows Mobile devices: http://support.microsoft.com/kb/915840

disavowed
March 13th, 2009, 22:05
Actually, did you even try to search for this info for Symbian? It looks rather painless to install a new root cert on Symbian: http://www.google.com/search?q=symbian+%22root+certificate%22+import+OR+install

p_2001
March 14th, 2009, 16:28
well...... no it isn't easy .....
nokia doesn't allow it. u cannot store ur own root certs ... ( only by using exploits ..... which are eventually closed in upgrades and new devices )

the exploits we use break the warranty .... * imagine damaging ur screen and now u r unable to remove the certs u installed by exploits because u cannot see the screen at all *

i wanted to create a valid key for an existing cert found in the rom and sign the app with it .. ( no warranty broken )

also if anyone wants to distribute their app as freeware they have to get a publisher ID for $200 and then go through testing the app for $20
when the app is free why is symbiansigned bothered with money ( only to destroy freeware ) ...
also there are cool apps developed by people which are free ( and apps which are not free are hyped and overpriced and have lesser functionality in some cases ) but are limited to a single imei, or the user must sign it himself .... ( most are noobs ) and don't understand even the meaning of signing ....... ( scares them away )

while i bought a phone why is a part of it locked by ......... ( it's not theirs anymore since i bought it and i must be free to do anything i want to )
in the name of virus protection ( by the signing process ) they are shielding their inept protections against cracking of an app
and also killing freeware ( win win condition @ our money )

and i really promise i did search google about placing a rootcert in nokia

( there are entire forums based on using exploits to hack a phone )
till date hacks are available ( one is no longer valid, fixed by ....... ) .

personmans
March 17th, 2009, 11:57
I've never used a symbian, but in my experience most exploits (especially replacing root certs on a phone) do not use the screen. So if your screen gets damaged, you hook the phone to the computer, reverse changes, and send it in for repair. Then restore changes when you get the phone back.

Yeah it's a pain, but that's the price you pay for 'added features' like this.

That said, I don't think you will be able to forge a key, otherwise I would be signing certs all day long as verisign.