Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

decrypt with RSA?

To discuss DES MD5 El-Gamal RSA PGP and others....
Locked
joblack
Junior Member
Posts: 27
Joined: Wed Feb 10, 2010 8:12 am

decrypt with RSA?

Post by joblack »

<key1 xsi:type="soapenc:string"><!-- BASE64 Encoded -->
i3/ZILiePzco8S6nPQ1lIJTzYrCepqZRCr6beYCcHE9O1+VWjplnl+455H7xh6zjI46WgrvvH9FU0eag8jHRuQ==
</key1>

<key2 xsi:type="soapenc:string">
yEDJlFM/UJON9lyLkY0JKoxYYaOYuH58CG6bpQ6OIwbkJr31H0Fv82reQ+G81EFmR5cz9zija5fxJ7Es/9djcdFKZeybHdXL07jGKVq1gg=
</key2>

I've got two base64 (possible) rsa keys. The first one is 64 bytes and the second one 80 bytes long (after 'de-base64ing'). I would like to use pycrypto to input them as a rsa key. Any advice how to do that exactly (pycrypto documentation wasn't informative) and if I have to convert it somehow (possible pkcs conversion)?
User avatar
Darkelf
Posts: 222
Joined: Wed Jan 24, 2007 7:20 pm

Post by Darkelf »

If you only want to en/decrypt with Python, you won't need PyCrypto.
Python has everything you need built in.
Here is an example with simple 64bit RSA:

E = 0x10001
N = 0xBEB128542A228E39
D = 0xBA6970A36F738149
K = 76 (which is 0x3736) -> our cleartext - we want to encrypt that
C is our resulting encrypted message

the encryption:
C = K**E % N -> in Python:

C = hex(pow(K,E,N))

the result is: C = 0x25FC077C52595154

the decryption:
K = C**D % N -> in Python

K = hex(pow(C,D,N))

the result is: K = 0x3736

As you can see, the pow function in Python can take a third parameter. It uses it to do a modulo operation with the result of 1. parameter to power 2. parameter.
That's all you need.

Regards
darkelf
sikke
Junior Member
Posts: 10
Joined: Sat Feb 27, 2010 10:03 am

Post by sikke »

Sure. But the problem might be the padding. One should never use plain RSA, as in your example, but only with PKCS padding, with extra randomness added.

Version 1.5 is pretty simple, also to strip: after decryption the highest order byte is 00 then 02, then random != 0, and we stop at the first 00 byte.

The data after that is the actual payload. There are some demands on the number of
random bytes etc.

Version 2 is harder to get right, and involves some hashing with SHA1, so
this is best done in the context of a library that has it.

I don't know the pycrypto library, I'd do it with the openssl command line tool
or a C-program using libcrypto. Just be warned that RSA is not just the modular
exponentiation, in practice the PKCS (or other) paddings are used...
sikke
Junior Member
Posts: 10
Joined: Sat Feb 27, 2010 10:03 am

Post by sikke »

joblack wrote:<key1 xsi:type="soapenc:string"><!-- BASE64 Encoded -->
i3/ZILiePzco8S6nPQ1lIJTzYrCepqZRCr6beYCcHE9O1+VWjplnl+455H7xh6zjI46WgrvvH9FU0eag8jHRuQ==
</key1>

<key2 xsi:type="soapenc:string">
yEDJlFM/UJON9lyLkY0JKoxYYaOYuH58CG6bpQ6OIwbkJr31H0Fv82reQ+G81EFmR5cz9zija5fxJ7Es/9djcdFKZeybHdXL07jGKVq1gg=
</key2>

I've got two base64 (possible) rsa keys. The first one is 64 bytes and the second one 80 bytes long (after 'de-base64ing'). I would like to use pycrypto to input them as a rsa key. Any advice how to do that exactly (pycrypto documentation wasn't informative) and if I have to convert it somehow (possible pkcs conversion)?

This data seems like data encrypted by RSA, not the actual key.
They are too short (and not well-formatted) to be keys. Their length seems like data encrypted with RSA-512 and RSA-640 respectively.

(do you know more now?)
Locked