RSA in un gusco di noce
- Dettagli
Per maggioni spiegazioni sul codice Perl potete contattatemi in privato sarò lieto di spiegarvi il codice linea per linea
#!/usr/bin/perl -sX
#./encode <key.pub -f=msg >cifrato
#./encode -decode <key.pri -f=cifrato
if ($f && !$getkey && !$getpub){
while (<>){$key.=$_;}
$key =~ m/modulus:(.*?)(public)?exponent:(.*?)\n/is;
$n = uc($1);
$e = uc($3);
if ($key =~ m/privateexponent:(.*?)prime/is)
{$d = uc($1);}
$n =~ s/:|\n|\s//gs;
$e =~ m/\(0X(.*?)\)/;
$e = $1;
$e =~ s/:|\n|\s//gs;
$d =~ s/:|\n|\s//gs;
if(!$d){$d=$e;}else{$e=$d;}
if ($f && $n && $e && $d){
open (INFILE, $f);
while(<INFILE>){$m.=$_;}
close(INFILE);
if ($decode){
print &rsa ($decode,$n,$d,$m);
#print "./rsa -n=$n -d=$d <$f";
}else{
print &rsa (0,$n,$e,$m);
#print "./rsa -encode -n=$n -e=$e <$f";
}
}else{
print "Usage:\n encode [-decode|-getkey|-getpub] (<privkey|<pubkey) -f=file\n\n";
}
}else{
if ($getkey){
# from .key
print `openssl rsa -noout -text -in $f`;
}elsif($getpub){
# from .crt
print `openssl x509 -in $f -noout -pubkey|openssl rsa -noout -text -pubin`;
}else{
print "Usage:\n encode [-decode|-getkey|-getpub] (<privkey|<pubkey) -f=file\n\n";
}
}
exit;
sub rsa(){
my $decode =shift;
my $n =shift;
my $d = shift;
my $e = $d;
my $m = shift;
if ($d && $decode){
#while (<>){$m .= $_;}
#decrypt m^d mod n # modular exponentiation
$m = `dc -e \"16o16i $m $d $n | p\"`;
$m =~ s/\\\n//gs;
$m =~ s/^2.*?00//;
$m = pack("H*",$m);
chop($m);
return $m;
}else{
#if(!$m){while (<>){$m .= $_;}}
$m = unpack("H*", $m);
#padding
$pkcs15= "0002";
while (length($pkcs15) < 254 - length($m)){
$pkcs15 .= uc(unpack( "H*", pack("C", rand(253)+2)));
}
$m = $pkcs15.'00'.uc($m);
#encrypt m^e mod n # modular exponentiation
$m= `dc -e \"16o16i $m $e $n | p\"`;
$m =~ s/\\\n//gs;
return $m;
}
}
NOTE su RSA e DH (Derivazione dalla Fonte https://crypto.stackexchange.com/ user:Wazoople riportata integralmente con qualche precisazione)
Diffie-Hellman Key Exchange
Problem: We have a symmetric encryption scheme and want to communicate. We don't want anybody else to have the key, so we can't say it out loud (or over a wire).
Solution/Mechanics:
We each pick a number, usually large, and keep it a secret, even from each other. I'll pick x, and you'll pick y
We agree on two more numbers, both prime, which anybody can know. We'll call them g and n
I'll calculate gx mod n and tell you my answer.
You'll calculate gy mod n and tell me your answer.
Our shared key is gxy mod n=(gy mod n)x mod n=(gx mod n)y mod n
RSA Asymmetric Encryption
Problem: I want anybody to be able to encrypt a message, but I'm the only one who can decrypt it. I don't want to share decryption keys with anybody.
Solution/Mechanics:
I choose two large primes, p and q
I calculate n such that pq=n
I calculate ϕ(n) such that (p−1)(q−1)=ϕ(n)
I choose an integer e that is both less than ϕ(n) and coprime with ϕ(n) such that gcd(ϕ(n),e)=1 usually 65537 = 256 x 256 + 1 = 0x010001
vedi https://www.ietf.org/rfc/rfc4871.txt
3.3.1. The rsa-sha1 Signing Algorithm The rsa-sha1 Signing Algorithm computes a message hash as described in Section 3.7 below using SHA-1 [FIPS.180-2.2002] as the hash-alg. That hash is then signed by the signer using the RSA algorithm (defined in PKCS#1 version 1.5 [RFC3447]) as the crypt-alg and the signer's private key. The hash MUST NOT be truncated or converted into any form other than the native binary form before being signed. The signing algorithm SHOULD use a public exponent of 65537.
I find d such that d is the multiplicative inverse of e mod ϕ(n) such that e*d mod ϕ(n) = 1
I release (e,n) as my public key, and retain (d,n) as my private key.
When you communicate with me, you treat your message as a large number m
The ciphertext c is given by c=me mod n, and decrypted by m=cd mod n
PKCS#1 Format reference
https://www.rfc-editor.org/rfc/rfc3447#appendix-C
--
-- Representation of RSA private key with information for the CRT
-- algorithm.
--
RSAPrivateKey ::= SEQUENCE {
version Version,
modulus INTEGER, -- n
publicExponent INTEGER, -- e
privateExponent INTEGER, -- d
prime1 INTEGER, -- p
prime2 INTEGER, -- q
exponent1 INTEGER, -- d mod (p-1)
exponent2 INTEGER, -- d mod (q-1)
coefficient INTEGER, -- (inverse of q) mod p
otherPrimeInfos OtherPrimeInfos OPTIONAL
}
Altre Informazioni utili
https://crypto.stackexchange.com/questions/2405/how-are-the-primes-used-to-generate-rsa-keys#2406