reconstruct a private key from a public key

Cryptography/OpenSSL-Cheatsheet.md

@@ -1,24 +1,26 @@
 # OpenSSL Cheatsheet
 
-
 ## Read X.509 Certificate
 
-* A certificate can be read via
+A certificate can be read via
+
 ```sh
 openssl x509 -in $CERT -text
 ```
 
 ## Generate CSR
 
-* A Certificate Signing Request needs a private alongside the request for a cert.
+A Certificate Signing Request needs a private alongside the request for a cert.
 This is done in the following way
+
 ```sh
 openssl req -new -nodes -newkey rsa:4096 -keyout $PRIVATE_KEY -out $CERT_CSR
 ```
 
 ## Create an X.509 Certificate
 
-* Create a X.509 certificate via
+Create a X.509 certificate via
+
 ```sh
 openssl x509 -newkey -nodes rsa:4096 -keyout $PRIVATE_KEY -out $CERT -sha256 -days 365
 openssl req -new -x509 -keyout cert.pem -out cert.pem -days 365 -nodes
@@ -26,7 +28,8 @@ openssl req -new -x509 -keyout cert.pem -out cert.pem -days 365 -nodes
 
 ## Extract Keys from PFX Cert
 
-* Key and cert form PFX
+Key and cert form PFX
+
 ```sh
 openssl pkcs12 -in cert.pfx -nocerts -out key.pem -nodes
 openssl pkcs12 -in cert.pfx -out cert.pem -clcerts -nokeys
@@ -34,7 +37,8 @@ openssl pkcs12 -in cert.pfx -out cert.pem -clcerts -nokeys
 
 ## Extract & Repack PFX Cert
 
-* Extract & Repack with another password, e.g. from `mimikatz` to `cqure`
+Extract & Repack with another password, e.g. from `mimikatz` to `cqure`
+
 ```sh
 openssl pkcs12 -in *.pfx -out temp.pem -nodes
 openssl pkcs12 -export -out *.pfx -in temp.pem
@@ -44,26 +48,32 @@ openssl pkcs12 -export -out *.pfx -in temp.pem
 
 ### Read Parameters of a RSA Key
 
-* Show parameters of the private key
+Show parameters of the private key
+
 ```sh
 openssl rsa -in $PRIVATE_KEY -text -noout
 ```
 
+
+
 ### Create RSA Key
 
-* Generate an OpenSSL RSA key via
+Generate an OpenSSL RSA key via
+
 ```sh
 openssl genrsa -out $PRIVATE_KEY 4096
 ```
 
-* Generate an OpenSSl RSA public key from a private key
+Generate an OpenSSl RSA public key from a private key
+
 ```sh
 openssl rsa -in $PRIVATE_KEY -pubout -out public-key.pem
 ```
 
 ### Encrypt RSA
 
-* Encrypt RSA current and deprecated
+Encrypt RSA current and deprecated
+
 ```sh
 openssl pkeyutl -encrypt -in $CLEAR_TEXT -out $CLEAR_TEXT -pubin -inkey $PUBLIC_KEY
 openssl rsautl -encrypt -in $CLEAR_TEXT -out $ENCRYPTED -pubin -inkey $PUBLIC_KEY
@@ -71,12 +81,14 @@ openssl rsautl -encrypt -in $CLEAR_TEXT -out $ENCRYPTED -pubin -inkey $PUBLIC_KE
 
 ### Decrypt RSA
 
-* Decrypt a RSA cipher with the private key
+Decrypt a RSA cipher with the private key
+
 ```sh
 openssl pkeyutl -decrypt -in $CIPHER -out $PLAIN_TEXT -inkey $PRIVATE_KEY
 ```
 
-* Deprecated version of RSA decryption is the following
+Deprecated version of RSA decryption is the following
+
 ```sh
 openssl rsautl -decrypt -in $CIPHER -out $PLAIN_TEXT -inkey $PRIVATE_KEY
 ```

Cryptography/RSA.md

@@ -7,12 +7,12 @@ $$
 1 < \phi < n
 $$
 
-* There is also 
+There is also
 $$
 \phi = (p-1) * (q-1)
 $$$
 
-* Encryption, public key `e` is a prime between 2 and phi  
+Encryption, public key `e` is a prime between 2 and phi  
 $$
 2 < e < \phi
 $$
@@ -24,7 +24,7 @@ for i in range (2, phi):
         possible_e.append()
 ```
 
-* Decryption, private key `d` 
+Decryption, private key `d`
 $$
 d * e mod \phi = 1
 $$
@@ -35,13 +35,16 @@ for i in range (phi + 1, phi + foo):
     if i * e mod phi == 1 :
        possible_d.append()
 ```
+
 * \\( Cipher = msg ** d mod $\phi$ \\)
 * \\( Cleartext = cipher ** e mod $\phi$ )
 
 ## Euklid
 
 Just a short excourse:  
-A greatest common divisior out of an example a = 32 and b = 14 would be the groups of the following divisors
+A greatest common divisior out of an example a = 32 and b = 14 would be the
+groups of the following divisors
+
 ```sh
 a = 32, b = 24
 a = {1, 2, 4, 8, 16}
@@ -53,6 +56,7 @@ gcd(a,b) = 8
 
 Two values are prime and have themselves and only `1` as a divisor are called coprime.
 To check if a and b have a greatest common divisor do the euclidean algorithm.
+
 ```python
 def gcd(a, b):
     if b == 0:
@@ -62,18 +66,21 @@ def gcd(a, b):
 
 ### Extended GCD
 
-#TODO
+\#TODO
 
-## Fermat's Little Theorem
+## Fermat`s Little Theorem
 
-If modulus $p$ is a prime and and modulus $n$ is not a prime, p defines a finite field (ring).
+If modulus $p$ is a prime and and modulus $n$ is not a prime, p defines a
+finite field (ring).
 $$
 n \in F_{p} \{0,1,...,p-1\}
 $$
 
-The field consists of elements $n$ which have an inverse $m$ resulting in $n + m = 0$ and $n * m = 1$.
+The field consists of elements $n$ which have an inverse $m$ resulting in $n +
+m = 0$ and $n * m = 1$.
 
-So , $n^p - n$ is a multiple of p then $n^p \equiv n\ mod\ p$ and therefore $ n = n^p\ mod\ p$. An example
+So , $n^p - n$ is a multiple of p then $n^p \equiv n\ mod\ p$ and therefore $ n
+= n^p\ mod\ p$. An example
 $$
 4 = 4^{31}\ mod\ 31
 $$
@@ -97,7 +104,8 @@ $n^{p-2} \equiv n^{-1}\ mod\ p$
 $m$ is a quadratic residue when $\pm n^2 = m\ mod\ p$ with two solutions.
 Otherwise it is a quadratic non residue.
 
-So a porperty of quad res are, if Quadratic Residue $QR = 1$ and Quadratic NonResidue $QN = -1$
+So a porperty of quad res are, if Quadratic Residue $QR = 1$ and Quadratic
+NonResidue $QN = -1$
 
 $$
 QR * QR = QR\\
@@ -120,14 +128,16 @@ $$
 \frac{a}{p} \equiv a^{p-1/2}\ (mod\ p)\ and\ \frac{a}{p} \in \{-1,0,1\}
 $$
 
-* Legendre Symbol test via Python with 
+Legendre Symbol test via Python with
+
 ```python
 pow(a,(p-1)/2,p)
 ```
 
 [Finding the square root of integer a which is quadratic residue](http://mathcenter.oxford.emory.edu/site/math125/findingSquareRoots/)
 
-* Given $p \equiv 3\ mod\ 4$ the square root is calculated through
+Given $p \equiv 3\ mod\ 4$ the square root is calculated through
+
 ```python
 pow(a,((p+1)//4),p)
 ```
@@ -138,6 +148,116 @@ pow(a,((p+1)//4),p)
 * Precondition: modulus is not a prime
 * TBD
 
+## RSA PublicKey Extraction
+
+### Extract n and e from RSA public key
+
+```python
+from Crypto.PublicKey import RSA
+
+with open("./id_rsa.pub", 'r') as _f:
+    pub_k = RSA.importKey(_f.read())
+
+print(f"n:\n{pub_k.n}\n")
+print(f"\ne:\n{pub_k.e}\n")
+```
+
+### Extract p and q from PublicKey
+
+Modified from [d4rkvaibhav](https://github.com/murtaza-u/zet/tree/main/20220808171808/README.md)
+
+```python
+from Crypto.PublicKey import RSA
+
+with open("./id_rsa.pub", 'r') as _f:
+    pub_k = RSA.importKey(_f.read())
+
+def isqrt(n):
+    x=n
+    y=(x+n//x)//2
+    while(y<x):
+        x=y
+        y=(x+n//x)//2
+    return x
+def fermat(n):
+    t0=isqrt(n)+1
+    counter=0
+    t=t0+counter
+    temp=isqrt((t*t)-n)
+    while((temp*temp)!=((t*t)-n)):
+        counter+=1
+        t=t0+counter
+        temp=isqrt((t*t)-n)
+    s=temp
+    p=t+s
+    q=t-s
+    return p,q
+
+p,q = fermat(pub_k.n)
+print(f"\np: {p}\n")
+print(f"\nq: {q}\n")
+print(f"\np-q: {p-q}\n")
+```
+
+### Generate PrivateKey
+
+```python
+from Crypto.PublicKey import RSA
+
+with open("./id_rsa.pub", 'r') as _f:
+    pub_k = RSA.importKey(_f.read())
+
+def isqrt(n):
+    x=n
+    y=(x+n//x)//2
+    while(y<x):
+        x=y
+        y=(x+n//x)//2
+    return x
+def fermat(n):
+    t0=isqrt(n)+1
+    counter=0
+    t=t0+counter
+    temp=isqrt((t*t)-n)
+    while((temp*temp)!=((t*t)-n)):
+        counter+=1
+        t=t0+counter
+        temp=isqrt((t*t)-n)
+    s=temp
+    p=t+s
+    q=t-s
+    return p,q
+
+def extended_euclid(a, b):
+    if a == 0:
+        return b, 0, 1
+    else:
+        g, y, x = extended_euclid(b % a, a)
+        return g, x - (b // a) * y, y
+
+def modular_inverse(e, phi):
+    g, x, y = extended_euclid(e, phi)
+
+    if g != 1 :
+        raise Exception("No modular inverse")
+    else:
+        return x % phi
+
+p,q = fermat(pub_k.n)
+phi = (p-1) * (q-1)
+d = modular_inverse(pub_k.e, phi)
+
+
+print(f"\np: {p}\n")
+print(f"\nq: {q}\n")
+print(f"\np-q: {p-q}\n")
+print(f"\nd: {d}\n")
+
+priv_k = RSA.construct((pub_k.n, pub_k.e, d))
+with open ("./priv_id_rsa", "wb") as _f:
+    _f.write(priv_k.export_key('PEM'))
+```
+
 ## Links
 
 * [Encryption+Decryption](https://www.cs.drexel.edu/~jpopyack/Courses/CSP/Fa17/notes/10.1_Cryptography/RSA_Express_EncryptDecrypt_v2.html)