oeap works
This commit is contained in:
parent
580f2c4f67
commit
4ac13b24f3
|
@ -7,12 +7,46 @@ Perform RSA-OAEP
|
||||||
@source: https://git.cscherr.de/PlexSheep/plexcryptool/src/branch/master/plexcryptool/trash-hash.py
|
@source: https://git.cscherr.de/PlexSheep/plexcryptool/src/branch/master/plexcryptool/trash-hash.py
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
import argparse
|
||||||
import hashlib
|
import hashlib
|
||||||
import random
|
import random
|
||||||
from math import floor
|
from math import floor
|
||||||
|
|
||||||
# the given key in the assignment
|
# the given key in the assignment
|
||||||
GIVEN_PUB_KEY = (0xAF5466C26A6B662AC98C06023501C9DF6036B065BD1F6804B1FC86307718DA4048211FD68A06917DE6F81DC018DCAF84B38AB77A6538BA2FE6664D3FB81E4A0886BBCDAB071AD6823FE20DF1CD67D33FB6CC5DA519F69B11F3D48534074A83F03A5A9545427720A30A27432E94970155A026572E358072023061AF65A2A18E85, 0x10001)
|
GIVEN_PUB_KEY = (0xAF5466C26A6B662AC98C06023501C9DF6036B065BD1F6804B1FC86307718DA4048211FD68A06917DE6F81DC018DCAF84B38AB77A6538BA2FE6664D3FB81E4A0886BBCDAB071AD6823FE20DF1CD67D33FB6CC5DA519F69B11F3D48534074A83F03A5A9545427720A30A27432E94970155A026572E358072023061AF65A2A18E85, 0x10001)
|
||||||
|
GIVEN_MASK_FOR_DB = bytearray.fromhex("""
|
||||||
|
ea600669f6f16b3a2ad05d4b6d9b23911c8cc432fddd8d34a68d88af
|
||||||
|
3d787b7eebf6cd1b720812086758ce56e24ab819ccd8fb5eedb1cae9
|
||||||
|
f6f895667d7f89d0454b828777ecabc040a649c8956e78ec1c721370
|
||||||
|
663065cbc343deabad9eb6f2aceab6bfed5beb232cc55413bfffa06e
|
||||||
|
68627d7ec3ded5
|
||||||
|
""")
|
||||||
|
GIVEN_DB = bytearray.fromhex("""
|
||||||
|
00000000000000000000000000000000000000000000000000000000
|
||||||
|
00000000000000000000000000000000000000000000000000000000
|
||||||
|
00000000000000000000000000000000000000000000000000000000
|
||||||
|
00000000000000000000000000000000000001466f6f626172203132
|
||||||
|
33343536373839
|
||||||
|
""")
|
||||||
|
GIVEN_MASKED_DB = bytearray.fromhex("""
|
||||||
|
ea600669f6f16b3a2ad05d4b6d9b23911c8cc432fddd8d34a68d88af
|
||||||
|
3d787b7eebf6cd1b720812086758ce56e24ab819ccd8fb5eedb1cae9
|
||||||
|
f6f895667d7f89d0454b828777ecabc040a649c8956e78ec1c721370
|
||||||
|
663065cbc343deabad9eb6f2aceab6bfed5bea6543aa3672cddf915c
|
||||||
|
5b564848f4e6ec
|
||||||
|
""")
|
||||||
|
GIVEN_MASK_FOR_SEED = bytearray.fromhex("713162084a4e0e6d ")
|
||||||
|
GIVEN_MASKED_SEED = bytearray.fromhex("db2040f6425bb082")
|
||||||
|
GIVEN_SEED = 0xaa1122fe0815beef
|
||||||
|
GIVEN_SEED_BYTES = bytearray.fromhex("aa1122fe0815beef")
|
||||||
|
GIVEN_MSG = bytearray.fromhex("466f6f62617220313233343536373839")
|
||||||
|
GIVEN_OAEP = bytearray.fromhex("""
|
||||||
|
00db2040f6425bb082ea600669f6f16b3a2ad05d4b6d9b23911c8cc4
|
||||||
|
32fddd8d34a68d88af3d787b7eebf6cd1b720812086758ce56e24ab8
|
||||||
|
19ccd8fb5eedb1cae9f6f895667d7f89d0454b828777ecabc040a649
|
||||||
|
c8956e78ec1c721370663065cbc343deabad9eb6f2aceab6bfed5bea
|
||||||
|
6543aa3672cddf915c5b564848f4e6ec
|
||||||
|
""")
|
||||||
|
|
||||||
SEED_LENGTH = 8 # bytes
|
SEED_LENGTH = 8 # bytes
|
||||||
|
|
||||||
|
@ -60,80 +94,102 @@ def calclen(n: int) -> int:
|
||||||
else:
|
else:
|
||||||
return floor(len)
|
return floor(len)
|
||||||
|
|
||||||
def rsa_oaep_inner(seed: bytearray, block: bytearray) -> tuple[bytearray, bytearray]:
|
def rsa_oaep_inner(seed: bytearray, block: bytearray, verbose: bool) -> tuple[bytearray, bytearray]:
|
||||||
"""
|
"""
|
||||||
inner function of rsa-oaep
|
inner function of rsa-oaep
|
||||||
"""
|
"""
|
||||||
|
assert type(seed) == bytearray
|
||||||
mgf_seed = mgf1(seed, len(block))
|
mgf_seed = mgf1(seed, len(block))
|
||||||
print("mgf1(seed):\n%s" % mgf_seed.hex())
|
|
||||||
masked_db = byte_xor(mgf_seed, block)
|
masked_db = byte_xor(mgf_seed, block)
|
||||||
print("mgf1(seed) ^ block:\n%s" % masked_db.hex())
|
|
||||||
mask_seed = mgf1(masked_db, len(seed))
|
mask_seed = mgf1(masked_db, len(seed))
|
||||||
print("mgf1(mgf1(seed) ^ block):\n%s" % mask_seed.hex())
|
|
||||||
masked_seed = byte_xor(seed, mask_seed)
|
masked_seed = byte_xor(seed, mask_seed)
|
||||||
|
if verbose:
|
||||||
|
print("mgf1(seed):\n%s" % mgf_seed.hex())
|
||||||
|
print("mgf1(seed) ^ block:\n%s" % masked_db.hex())
|
||||||
|
print("mgf1(mgf1(seed) ^ block):\n%s" % mask_seed.hex())
|
||||||
print("mgf1(mgf1(seed) ^ block) ^ seed:\n%s" % masked_seed.hex())
|
print("mgf1(mgf1(seed) ^ block) ^ seed:\n%s" % masked_seed.hex())
|
||||||
return (masked_seed, masked_db)
|
return (masked_seed, masked_db)
|
||||||
|
|
||||||
def test_rsa_oaep_inner():
|
def test_rsa_oaep_inner():
|
||||||
seed: bytearray = bytearray.fromhex("aa1122fe0815beef")
|
result = rsa_oaep_inner(GIVEN_SEED_BYTES, GIVEN_DB, True)
|
||||||
db: bytearray = bytearray.fromhex("""
|
|
||||||
00000000000000000000000000000000000000000000000000000000
|
|
||||||
00000000000000000000000000000000000000000000000000000000
|
|
||||||
00000000000000000000000000000000000000000000000000000000
|
|
||||||
00000000000000000000000000000000000001466f6f626172203132
|
|
||||||
33343536373839
|
|
||||||
""")
|
|
||||||
print("seed:\n%s" % seed.hex())
|
|
||||||
print("db:\n%s" % db.hex())
|
|
||||||
|
|
||||||
result = rsa_oaep_inner(seed, db)
|
|
||||||
|
|
||||||
GIVEN_MASK_FOR_DB = bytearray.fromhex("""
|
|
||||||
ea600669f6f16b3a2ad05d4b6d9b23911c8cc432fddd8d34a68d88af
|
|
||||||
3d787b7eebf6cd1b720812086758ce56e24ab819ccd8fb5eedb1cae9
|
|
||||||
f6f895667d7f89d0454b828777ecabc040a649c8956e78ec1c721370
|
|
||||||
663065cbc343deabad9eb6f2aceab6bfed5beb232cc55413bfffa06e
|
|
||||||
68627d7ec3ded5
|
|
||||||
""")
|
|
||||||
GIVEN_MASKED_DB = bytearray.fromhex("""
|
|
||||||
ea600669f6f16b3a2ad05d4b6d9b23911c8cc432fddd8d34a68d88af
|
|
||||||
3d787b7eebf6cd1b720812086758ce56e24ab819ccd8fb5eedb1cae9
|
|
||||||
f6f895667d7f89d0454b828777ecabc040a649c8956e78ec1c721370
|
|
||||||
663065cbc343deabad9eb6f2aceab6bfed5bea6543aa3672cddf915c
|
|
||||||
5b564848f4e6ec
|
|
||||||
""")
|
|
||||||
GIVEN_MASK_FOR_SEED = bytearray.fromhex("713162084a4e0e6d ")
|
|
||||||
GIVEN_MASKED_SEED = bytearray.fromhex("db2040f6425bb082")
|
|
||||||
assert result[0] == GIVEN_MASKED_SEED, "is\n%s\ninstead of\n%s" % (result[0].hex(), GIVEN_MASKED_SEED.hex())
|
assert result[0] == GIVEN_MASKED_SEED, "is\n%s\ninstead of\n%s" % (result[0].hex(), GIVEN_MASKED_SEED.hex())
|
||||||
assert result[1] == GIVEN_MASKED_DB, "is\n%s\ninstead of\n%s" % (result[1].hex(), GIVEN_MASKED_DB.hex())
|
assert result[1] == GIVEN_MASKED_DB, "is\n%s\ninstead of\n%s" % (result[1].hex(), GIVEN_MASKED_DB.hex())
|
||||||
|
|
||||||
def rsa_oaep(ha: bytearray, m: bytearray):
|
def rsa_oaep(ha: bytearray, m: bytearray, verbose: bool, seed: int = random.randint(0, 2**64 - 1)):
|
||||||
# generate a seed
|
# generate a seed
|
||||||
seed = random.randint(0, 2**64 - 1)
|
assert calclen(seed) == 8, "seed is wrong length: %d" % calclen(seed)
|
||||||
seed = bytearray(seed.to_bytes(calclen(seed), 'big'))
|
l_seed: bytearray = bytearray(seed.to_bytes(calclen(seed), 'big'))
|
||||||
# build the message
|
# build the message
|
||||||
block: bytearray = bytearray(0)
|
block: bytearray = bytearray(0)
|
||||||
assert len(block) == 0
|
assert len(block) == 0
|
||||||
|
maxlen = calclen(GIVEN_PUB_KEY[0]) - 1 - len(l_seed)
|
||||||
curlen = 0
|
curlen = 0
|
||||||
curlen += len(ha)
|
curlen += len(ha)
|
||||||
curlen += len(m)
|
curlen += len(m)
|
||||||
block += ha
|
block += ha
|
||||||
block += bytearray(calclen(GIVEN_PUB_KEY[0]) - curlen)
|
block += bytearray(maxlen - curlen - 1)
|
||||||
|
block += bytearray(0x01.to_bytes())
|
||||||
block += m
|
block += m
|
||||||
|
|
||||||
assert len(block) == calclen(GIVEN_PUB_KEY[0]), "curlen:\n%s\nmodlen:\n%s" % (curlen, calclen(GIVEN_PUB_KEY[0]))
|
assert len(block) == maxlen
|
||||||
result = rsa_oaep_inner(seed, block)
|
if verbose:
|
||||||
|
print("block:\n%s" % block.hex())
|
||||||
|
# in this case
|
||||||
|
assert block == GIVEN_DB, "is\n%s\ninstead of\n%s" % (block.hex(), GIVEN_DB.hex())
|
||||||
|
assert type(l_seed) == bytearray
|
||||||
|
result = rsa_oaep_inner(seed=l_seed, block=block, verbose=verbose)
|
||||||
|
if verbose:
|
||||||
print()
|
print()
|
||||||
print(result[0].hex())
|
print(result[0].hex())
|
||||||
print(result[1].hex())
|
print(result[1].hex())
|
||||||
print()
|
print()
|
||||||
return bytearray(1) + result[0] + result[1]
|
return bytearray(1) + result[0] + result[1]
|
||||||
|
|
||||||
|
def test_rsa_oaep():
|
||||||
|
r = rsa_oaep(bytearray(0), GIVEN_MSG, True, GIVEN_SEED)
|
||||||
|
assert r == GIVEN_OAEP
|
||||||
|
print(r)
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
parser = argparse.ArgumentParser(prog="oaep-rsa", description='A hacky Implementation of rsa-oaep')
|
||||||
|
parser.add_argument('-m', '--message', type=str, metavar="MSG",
|
||||||
|
help='the message of the oaep')
|
||||||
|
parser.add_argument('-rs', '--random-seed', action="store_true",
|
||||||
|
help='a random seed')
|
||||||
|
parser.add_argument('-s', '--seed', type=int,
|
||||||
|
help='a custom seed')
|
||||||
|
parser.add_argument('-a', '--hashed-data', type=str,
|
||||||
|
help='append some auth hashed stuff')
|
||||||
|
parser.add_argument('-v', '--verbose', action="store_true",
|
||||||
|
help='append some auth hashed stuff')
|
||||||
|
parser.add_argument('-t', '--test', action="store_true",
|
||||||
|
help='perform tests')
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
if args.test:
|
||||||
|
test_rsa_oaep()
|
||||||
|
test_rsa_oaep_inner()
|
||||||
|
exit()
|
||||||
|
if args.hashed_data:
|
||||||
|
ha = bytearray.fromhex(args.hashed_data)
|
||||||
|
else:
|
||||||
ha = bytearray(0)
|
ha = bytearray(0)
|
||||||
|
if args.message:
|
||||||
|
m = bytearray.fromhex(args.message)
|
||||||
|
else:
|
||||||
m = bytearray.fromhex("466f6f62617220313233343536373839")
|
m = bytearray.fromhex("466f6f62617220313233343536373839")
|
||||||
r = rsa_oaep(ha, m)
|
if args.seed:
|
||||||
print("final:\n%s" % r.hex())
|
seed: int = args.seed
|
||||||
|
r = rsa_oaep(ha, m, args.verbose, seed)
|
||||||
|
elif args.random_seed:
|
||||||
|
seed = random.randint(0, 2**64 - 1)
|
||||||
|
r = rsa_oaep(ha, m, args.verbose, seed)
|
||||||
|
else:
|
||||||
|
seed = GIVEN_SEED
|
||||||
|
r = rsa_oaep(ha, m, args.verbose, seed)
|
||||||
|
print("result:\n%s" % r.hex())
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
main()
|
main()
|
||||||
|
|
Loading…
Reference in New Issue