PDA

View Full Version : decrypt with RSA?


joblack
July 25th, 2010, 05:36
<key1 xsi:type="soapenc:string"><!-- BASE64 Encoded -->
i3/ZILiePzco8S6nPQ1lIJTzYrCepqZRCr6beYCcHE9O1+VWjplnl+455H7xh6zjI46WgrvvH9FU0eag8jHRuQ==
</key1>

<key2 xsi:type="soapenc:string">
yEDJlFM/UJON9lyLkY0JKoxYYaOYuH58CG6bpQ6OIwbkJr31H0Fv82reQ+G81EFmR5cz9zija5fxJ7Es/9djcdFKZeybHdXL07jGKVq1gg=
</key2>

I've got two base64 (possible) rsa keys. The first one is 64 bytes and the second one 80 bytes long (after 'de-base64ing'). I would like to use pycrypto to input them as a rsa key. Any advice how to do that exactly (pycrypto documentation wasn't informative) and if I have to convert it somehow (possible pkcs conversion)?

Darkelf
July 25th, 2010, 12:40
If you only want to en/decrypt with Python, you won't need PyCrypto.
Python has everything you need built in.
Here is an example with simple 64bit RSA:

E = 0x10001
N = 0xBEB128542A228E39
D = 0xBA6970A36F738149
K = 76 (which is 0x3736) -> our cleartext - we want to encrypt that
C is our resulting encrypted message

the encryption:
C = K**E % N -> in Python:

C = hex(pow(K,E,N))

the result is: C = 0x25FC077C52595154

the decryption:
K = C**D % N -> in Python

K = hex(pow(C,D,N))

the result is: K = 0x3736

As you can see, the pow function in Python can take a third parameter. It uses it to do a modulo operation with the result of 1. parameter to power 2. parameter.
That's all you need.

Regards
darkelf

sikke
July 26th, 2010, 14:11
Sure. But the problem might be the padding. One should never use plain RSA, as in your example, but only with PKCS padding, with extra randomness added.

Version 1.5 is pretty simple, also to strip: after decryption the highest order byte is 00 then 02, then random != 0, and we stop at the first 00 byte.

The data after that is the actual payload. There are some demands on the number of
random bytes etc.

Version 2 is harder to get right, and involves some hashing with SHA1, so
this is best done in the context of a library that has it.

I don't know the pycrypto library, I'd do it with the openssl command line tool
or a C-program using libcrypto. Just be warned that RSA is not just the modular
exponentiation, in practice the PKCS (or other) paddings are used...

sikke
December 20th, 2010, 14:32
Quote:
[Originally Posted by joblack;87374]<key1 xsi:type="soapenc:string"><!-- BASE64 Encoded -->
i3/ZILiePzco8S6nPQ1lIJTzYrCepqZRCr6beYCcHE9O1+VWjplnl+455H7xh6zjI46WgrvvH9FU0eag8jHRuQ==
</key1>

<key2 xsi:type="soapenc:string">
yEDJlFM/UJON9lyLkY0JKoxYYaOYuH58CG6bpQ6OIwbkJr31H0Fv82reQ+G81EFmR5cz9zija5fxJ7Es/9djcdFKZeybHdXL07jGKVq1gg=
</key2>

I've got two base64 (possible) rsa keys. The first one is 64 bytes and the second one 80 bytes long (after 'de-base64ing'). I would like to use pycrypto to input them as a rsa key. Any advice how to do that exactly (pycrypto documentation wasn't informative) and if I have to convert it somehow (possible pkcs conversion)?


This data seems like data encrypted by RSA, not the actual key.
They are too short (and not well-formatted) to be keys. Their length seems like data encrypted with RSA-512 and RSA-640 respectively.

(do you know more now?)