oaep inner works
This commit is contained in:
parent
7bcd404185
commit
580f2c4f67
|
@ -8,6 +8,7 @@ Perform RSA-OAEP
|
||||||
"""
|
"""
|
||||||
|
|
||||||
import hashlib
|
import hashlib
|
||||||
|
import random
|
||||||
from math import floor
|
from math import floor
|
||||||
|
|
||||||
# the given key in the assignment
|
# the given key in the assignment
|
||||||
|
@ -39,21 +40,39 @@ def mgf1(seed: bytearray, length: int, hash_func=hashlib.sha256) -> bytearray:
|
||||||
# 4.Output the leading l octets of T as the octet string mask.
|
# 4.Output the leading l octets of T as the octet string mask.
|
||||||
return bytearray(T[:length])
|
return bytearray(T[:length])
|
||||||
|
|
||||||
def byte_xor(ba1: bytearray, ba2: bytearray):
|
def byte_xor(ba0: bytearray, ba1: bytearray):
|
||||||
a = int(ba1.hex(), 16)
|
"""
|
||||||
b = int(ba2.hex(), 16)
|
helper function for bytewise xor
|
||||||
c = a^b
|
"""
|
||||||
if c.bit_length() / 8 == floor(c.bit_length() / 8):
|
ba2: bytearray = bytearray(0)
|
||||||
clen = floor(c.bit_length() / 8)
|
for (b0, b1) in zip(ba0, ba1):
|
||||||
else:
|
ba2.append((b0 ^ b1))
|
||||||
clen = floor(c.bit_length() / 8) + 1
|
#print("xored:\n%s" % ba2.hex())
|
||||||
return bytearray(c.to_bytes(clen, 'big'))
|
return ba2
|
||||||
|
|
||||||
|
def calclen(n: int) -> int:
|
||||||
|
"""
|
||||||
|
helper function to calculate the length in bytes
|
||||||
|
"""
|
||||||
|
len = n.bit_length() / 8
|
||||||
|
if len > floor(len):
|
||||||
|
return 1 + floor(len)
|
||||||
|
else:
|
||||||
|
return floor(len)
|
||||||
|
|
||||||
def rsa_oaep_inner(seed: bytearray, datablock: bytearray) -> tuple[bytearray, bytearray, bytearray]:
|
def rsa_oaep_inner(seed: bytearray, block: bytearray) -> tuple[bytearray, bytearray]:
|
||||||
mgf_seed = mgf1(seed, len(seed))
|
"""
|
||||||
masked_db = byte_xor(mgf_seed, datablock)
|
inner function of rsa-oaep
|
||||||
print(masked_db.hex())
|
"""
|
||||||
|
mgf_seed = mgf1(seed, len(block))
|
||||||
|
print("mgf1(seed):\n%s" % mgf_seed.hex())
|
||||||
|
masked_db = byte_xor(mgf_seed, block)
|
||||||
|
print("mgf1(seed) ^ block:\n%s" % masked_db.hex())
|
||||||
|
mask_seed = mgf1(masked_db, len(seed))
|
||||||
|
print("mgf1(mgf1(seed) ^ block):\n%s" % mask_seed.hex())
|
||||||
|
masked_seed = byte_xor(seed, mask_seed)
|
||||||
|
print("mgf1(mgf1(seed) ^ block) ^ seed:\n%s" % masked_seed.hex())
|
||||||
|
return (masked_seed, masked_db)
|
||||||
|
|
||||||
def test_rsa_oaep_inner():
|
def test_rsa_oaep_inner():
|
||||||
seed: bytearray = bytearray.fromhex("aa1122fe0815beef")
|
seed: bytearray = bytearray.fromhex("aa1122fe0815beef")
|
||||||
|
@ -64,8 +83,8 @@ def test_rsa_oaep_inner():
|
||||||
00000000000000000000000000000000000001466f6f626172203132
|
00000000000000000000000000000000000001466f6f626172203132
|
||||||
33343536373839
|
33343536373839
|
||||||
""")
|
""")
|
||||||
print("seed\t%s" % seed.hex())
|
print("seed:\n%s" % seed.hex())
|
||||||
print("db\t%s" % db.hex())
|
print("db:\n%s" % db.hex())
|
||||||
|
|
||||||
result = rsa_oaep_inner(seed, db)
|
result = rsa_oaep_inner(seed, db)
|
||||||
|
|
||||||
|
@ -85,8 +104,36 @@ def test_rsa_oaep_inner():
|
||||||
""")
|
""")
|
||||||
GIVEN_MASK_FOR_SEED = bytearray.fromhex("713162084a4e0e6d ")
|
GIVEN_MASK_FOR_SEED = bytearray.fromhex("713162084a4e0e6d ")
|
||||||
GIVEN_MASKED_SEED = bytearray.fromhex("db2040f6425bb082")
|
GIVEN_MASKED_SEED = bytearray.fromhex("db2040f6425bb082")
|
||||||
assert result[0] == GIVEN_MASKED_SEED, "is %s" % result[0].hex()
|
assert result[0] == GIVEN_MASKED_SEED, "is\n%s\ninstead of\n%s" % (result[0].hex(), GIVEN_MASKED_SEED.hex())
|
||||||
assert result[1] == GIVEN_MASKED_DB, "is %s" % result[1].hex()
|
assert result[1] == GIVEN_MASKED_DB, "is\n%s\ninstead of\n%s" % (result[1].hex(), GIVEN_MASKED_DB.hex())
|
||||||
|
|
||||||
|
def rsa_oaep(ha: bytearray, m: bytearray):
|
||||||
|
# generate a seed
|
||||||
|
seed = random.randint(0, 2**64 - 1)
|
||||||
|
seed = bytearray(seed.to_bytes(calclen(seed), 'big'))
|
||||||
|
# build the message
|
||||||
|
block: bytearray = bytearray(0)
|
||||||
|
assert len(block) == 0
|
||||||
|
curlen = 0
|
||||||
|
curlen += len(ha)
|
||||||
|
curlen += len(m)
|
||||||
|
block += ha
|
||||||
|
block += bytearray(calclen(GIVEN_PUB_KEY[0]) - curlen)
|
||||||
|
block += m
|
||||||
|
|
||||||
|
assert len(block) == calclen(GIVEN_PUB_KEY[0]), "curlen:\n%s\nmodlen:\n%s" % (curlen, calclen(GIVEN_PUB_KEY[0]))
|
||||||
|
result = rsa_oaep_inner(seed, block)
|
||||||
|
print()
|
||||||
|
print(result[0].hex())
|
||||||
|
print(result[1].hex())
|
||||||
|
print()
|
||||||
|
return bytearray(1) + result[0] + result[1]
|
||||||
|
|
||||||
|
def main():
|
||||||
|
ha = bytearray(0)
|
||||||
|
m = bytearray.fromhex("466f6f62617220313233343536373839")
|
||||||
|
r = rsa_oaep(ha, m)
|
||||||
|
print("final:\n%s" % r.hex())
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
test_rsa_oaep_inner()
|
main()
|
||||||
|
|
Loading…
Reference in New Issue