reconstruct a private key from a public key
This commit is contained in:
parent
b6788a4bb4
commit
513a004f9f
|
@ -1,24 +1,26 @@
|
|||
# OpenSSL Cheatsheet
|
||||
|
||||
|
||||
## Read X.509 Certificate
|
||||
|
||||
* A certificate can be read via
|
||||
A certificate can be read via
|
||||
|
||||
```sh
|
||||
openssl x509 -in $CERT -text
|
||||
```
|
||||
|
||||
## Generate CSR
|
||||
|
||||
* A Certificate Signing Request needs a private alongside the request for a cert.
|
||||
A Certificate Signing Request needs a private alongside the request for a cert.
|
||||
This is done in the following way
|
||||
|
||||
```sh
|
||||
openssl req -new -nodes -newkey rsa:4096 -keyout $PRIVATE_KEY -out $CERT_CSR
|
||||
```
|
||||
|
||||
## Create an X.509 Certificate
|
||||
|
||||
* Create a X.509 certificate via
|
||||
Create a X.509 certificate via
|
||||
|
||||
```sh
|
||||
openssl x509 -newkey -nodes rsa:4096 -keyout $PRIVATE_KEY -out $CERT -sha256 -days 365
|
||||
openssl req -new -x509 -keyout cert.pem -out cert.pem -days 365 -nodes
|
||||
|
@ -26,7 +28,8 @@ openssl req -new -x509 -keyout cert.pem -out cert.pem -days 365 -nodes
|
|||
|
||||
## Extract Keys from PFX Cert
|
||||
|
||||
* Key and cert form PFX
|
||||
Key and cert form PFX
|
||||
|
||||
```sh
|
||||
openssl pkcs12 -in cert.pfx -nocerts -out key.pem -nodes
|
||||
openssl pkcs12 -in cert.pfx -out cert.pem -clcerts -nokeys
|
||||
|
@ -34,7 +37,8 @@ openssl pkcs12 -in cert.pfx -out cert.pem -clcerts -nokeys
|
|||
|
||||
## Extract & Repack PFX Cert
|
||||
|
||||
* Extract & Repack with another password, e.g. from `mimikatz` to `cqure`
|
||||
Extract & Repack with another password, e.g. from `mimikatz` to `cqure`
|
||||
|
||||
```sh
|
||||
openssl pkcs12 -in *.pfx -out temp.pem -nodes
|
||||
openssl pkcs12 -export -out *.pfx -in temp.pem
|
||||
|
@ -44,26 +48,32 @@ openssl pkcs12 -export -out *.pfx -in temp.pem
|
|||
|
||||
### Read Parameters of a RSA Key
|
||||
|
||||
* Show parameters of the private key
|
||||
Show parameters of the private key
|
||||
|
||||
```sh
|
||||
openssl rsa -in $PRIVATE_KEY -text -noout
|
||||
```
|
||||
|
||||
|
||||
|
||||
### Create RSA Key
|
||||
|
||||
* Generate an OpenSSL RSA key via
|
||||
Generate an OpenSSL RSA key via
|
||||
|
||||
```sh
|
||||
openssl genrsa -out $PRIVATE_KEY 4096
|
||||
```
|
||||
|
||||
* Generate an OpenSSl RSA public key from a private key
|
||||
Generate an OpenSSl RSA public key from a private key
|
||||
|
||||
```sh
|
||||
openssl rsa -in $PRIVATE_KEY -pubout -out public-key.pem
|
||||
```
|
||||
|
||||
### Encrypt RSA
|
||||
|
||||
* Encrypt RSA current and deprecated
|
||||
Encrypt RSA current and deprecated
|
||||
|
||||
```sh
|
||||
openssl pkeyutl -encrypt -in $CLEAR_TEXT -out $CLEAR_TEXT -pubin -inkey $PUBLIC_KEY
|
||||
openssl rsautl -encrypt -in $CLEAR_TEXT -out $ENCRYPTED -pubin -inkey $PUBLIC_KEY
|
||||
|
@ -71,12 +81,14 @@ openssl rsautl -encrypt -in $CLEAR_TEXT -out $ENCRYPTED -pubin -inkey $PUBLIC_KE
|
|||
|
||||
### Decrypt RSA
|
||||
|
||||
* Decrypt a RSA cipher with the private key
|
||||
Decrypt a RSA cipher with the private key
|
||||
|
||||
```sh
|
||||
openssl pkeyutl -decrypt -in $CIPHER -out $PLAIN_TEXT -inkey $PRIVATE_KEY
|
||||
```
|
||||
|
||||
* Deprecated version of RSA decryption is the following
|
||||
Deprecated version of RSA decryption is the following
|
||||
|
||||
```sh
|
||||
openssl rsautl -decrypt -in $CIPHER -out $PLAIN_TEXT -inkey $PRIVATE_KEY
|
||||
```
|
||||
|
|
|
@ -7,12 +7,12 @@ $$
|
|||
1 < \phi < n
|
||||
$$
|
||||
|
||||
* There is also
|
||||
There is also
|
||||
$$
|
||||
\phi = (p-1) * (q-1)
|
||||
$$$
|
||||
|
||||
* Encryption, public key `e` is a prime between 2 and phi
|
||||
Encryption, public key `e` is a prime between 2 and phi
|
||||
$$
|
||||
2 < e < \phi
|
||||
$$
|
||||
|
@ -24,7 +24,7 @@ for i in range (2, phi):
|
|||
possible_e.append()
|
||||
```
|
||||
|
||||
* Decryption, private key `d`
|
||||
Decryption, private key `d`
|
||||
$$
|
||||
d * e mod \phi = 1
|
||||
$$
|
||||
|
@ -35,13 +35,16 @@ for i in range (phi + 1, phi + foo):
|
|||
if i * e mod phi == 1 :
|
||||
possible_d.append()
|
||||
```
|
||||
|
||||
* \\( Cipher = msg ** d mod $\phi$ \\)
|
||||
* \\( Cleartext = cipher ** e mod $\phi$ )
|
||||
|
||||
## Euklid
|
||||
|
||||
Just a short excourse:
|
||||
A greatest common divisior out of an example a = 32 and b = 14 would be the groups of the following divisors
|
||||
A greatest common divisior out of an example a = 32 and b = 14 would be the
|
||||
groups of the following divisors
|
||||
|
||||
```sh
|
||||
a = 32, b = 24
|
||||
a = {1, 2, 4, 8, 16}
|
||||
|
@ -53,6 +56,7 @@ gcd(a,b) = 8
|
|||
|
||||
Two values are prime and have themselves and only `1` as a divisor are called coprime.
|
||||
To check if a and b have a greatest common divisor do the euclidean algorithm.
|
||||
|
||||
```python
|
||||
def gcd(a, b):
|
||||
if b == 0:
|
||||
|
@ -62,18 +66,21 @@ def gcd(a, b):
|
|||
|
||||
### Extended GCD
|
||||
|
||||
#TODO
|
||||
\#TODO
|
||||
|
||||
## Fermat's Little Theorem
|
||||
## Fermat`s Little Theorem
|
||||
|
||||
If modulus $p$ is a prime and and modulus $n$ is not a prime, p defines a finite field (ring).
|
||||
If modulus $p$ is a prime and and modulus $n$ is not a prime, p defines a
|
||||
finite field (ring).
|
||||
$$
|
||||
n \in F_{p} \{0,1,...,p-1\}
|
||||
$$
|
||||
|
||||
The field consists of elements $n$ which have an inverse $m$ resulting in $n + m = 0$ and $n * m = 1$.
|
||||
The field consists of elements $n$ which have an inverse $m$ resulting in $n +
|
||||
m = 0$ and $n * m = 1$.
|
||||
|
||||
So , $n^p - n$ is a multiple of p then $n^p \equiv n\ mod\ p$ and therefore $ n = n^p\ mod\ p$. An example
|
||||
So , $n^p - n$ is a multiple of p then $n^p \equiv n\ mod\ p$ and therefore $ n
|
||||
= n^p\ mod\ p$. An example
|
||||
$$
|
||||
4 = 4^{31}\ mod\ 31
|
||||
$$
|
||||
|
@ -97,7 +104,8 @@ $n^{p-2} \equiv n^{-1}\ mod\ p$
|
|||
$m$ is a quadratic residue when $\pm n^2 = m\ mod\ p$ with two solutions.
|
||||
Otherwise it is a quadratic non residue.
|
||||
|
||||
So a porperty of quad res are, if Quadratic Residue $QR = 1$ and Quadratic NonResidue $QN = -1$
|
||||
So a porperty of quad res are, if Quadratic Residue $QR = 1$ and Quadratic
|
||||
NonResidue $QN = -1$
|
||||
|
||||
$$
|
||||
QR * QR = QR\\
|
||||
|
@ -120,14 +128,16 @@ $$
|
|||
\frac{a}{p} \equiv a^{p-1/2}\ (mod\ p)\ and\ \frac{a}{p} \in \{-1,0,1\}
|
||||
$$
|
||||
|
||||
* Legendre Symbol test via Python with
|
||||
Legendre Symbol test via Python with
|
||||
|
||||
```python
|
||||
pow(a,(p-1)/2,p)
|
||||
```
|
||||
|
||||
[Finding the square root of integer a which is quadratic residue](http://mathcenter.oxford.emory.edu/site/math125/findingSquareRoots/)
|
||||
|
||||
* Given $p \equiv 3\ mod\ 4$ the square root is calculated through
|
||||
Given $p \equiv 3\ mod\ 4$ the square root is calculated through
|
||||
|
||||
```python
|
||||
pow(a,((p+1)//4),p)
|
||||
```
|
||||
|
@ -138,6 +148,116 @@ pow(a,((p+1)//4),p)
|
|||
* Precondition: modulus is not a prime
|
||||
* TBD
|
||||
|
||||
## RSA PublicKey Extraction
|
||||
|
||||
### Extract n and e from RSA public key
|
||||
|
||||
```python
|
||||
from Crypto.PublicKey import RSA
|
||||
|
||||
with open("./id_rsa.pub", 'r') as _f:
|
||||
pub_k = RSA.importKey(_f.read())
|
||||
|
||||
print(f"n:\n{pub_k.n}\n")
|
||||
print(f"\ne:\n{pub_k.e}\n")
|
||||
```
|
||||
|
||||
### Extract p and q from PublicKey
|
||||
|
||||
Modified from [d4rkvaibhav](https://github.com/murtaza-u/zet/tree/main/20220808171808/README.md)
|
||||
|
||||
```python
|
||||
from Crypto.PublicKey import RSA
|
||||
|
||||
with open("./id_rsa.pub", 'r') as _f:
|
||||
pub_k = RSA.importKey(_f.read())
|
||||
|
||||
def isqrt(n):
|
||||
x=n
|
||||
y=(x+n//x)//2
|
||||
while(y<x):
|
||||
x=y
|
||||
y=(x+n//x)//2
|
||||
return x
|
||||
def fermat(n):
|
||||
t0=isqrt(n)+1
|
||||
counter=0
|
||||
t=t0+counter
|
||||
temp=isqrt((t*t)-n)
|
||||
while((temp*temp)!=((t*t)-n)):
|
||||
counter+=1
|
||||
t=t0+counter
|
||||
temp=isqrt((t*t)-n)
|
||||
s=temp
|
||||
p=t+s
|
||||
q=t-s
|
||||
return p,q
|
||||
|
||||
p,q = fermat(pub_k.n)
|
||||
print(f"\np: {p}\n")
|
||||
print(f"\nq: {q}\n")
|
||||
print(f"\np-q: {p-q}\n")
|
||||
```
|
||||
|
||||
### Generate PrivateKey
|
||||
|
||||
```python
|
||||
from Crypto.PublicKey import RSA
|
||||
|
||||
with open("./id_rsa.pub", 'r') as _f:
|
||||
pub_k = RSA.importKey(_f.read())
|
||||
|
||||
def isqrt(n):
|
||||
x=n
|
||||
y=(x+n//x)//2
|
||||
while(y<x):
|
||||
x=y
|
||||
y=(x+n//x)//2
|
||||
return x
|
||||
def fermat(n):
|
||||
t0=isqrt(n)+1
|
||||
counter=0
|
||||
t=t0+counter
|
||||
temp=isqrt((t*t)-n)
|
||||
while((temp*temp)!=((t*t)-n)):
|
||||
counter+=1
|
||||
t=t0+counter
|
||||
temp=isqrt((t*t)-n)
|
||||
s=temp
|
||||
p=t+s
|
||||
q=t-s
|
||||
return p,q
|
||||
|
||||
def extended_euclid(a, b):
|
||||
if a == 0:
|
||||
return b, 0, 1
|
||||
else:
|
||||
g, y, x = extended_euclid(b % a, a)
|
||||
return g, x - (b // a) * y, y
|
||||
|
||||
def modular_inverse(e, phi):
|
||||
g, x, y = extended_euclid(e, phi)
|
||||
|
||||
if g != 1 :
|
||||
raise Exception("No modular inverse")
|
||||
else:
|
||||
return x % phi
|
||||
|
||||
p,q = fermat(pub_k.n)
|
||||
phi = (p-1) * (q-1)
|
||||
d = modular_inverse(pub_k.e, phi)
|
||||
|
||||
|
||||
print(f"\np: {p}\n")
|
||||
print(f"\nq: {q}\n")
|
||||
print(f"\np-q: {p-q}\n")
|
||||
print(f"\nd: {d}\n")
|
||||
|
||||
priv_k = RSA.construct((pub_k.n, pub_k.e, d))
|
||||
with open ("./priv_id_rsa", "wb") as _f:
|
||||
_f.write(priv_k.export_key('PEM'))
|
||||
```
|
||||
|
||||
## Links
|
||||
|
||||
* [Encryption+Decryption](https://www.cs.drexel.edu/~jpopyack/Courses/CSP/Fa17/notes/10.1_Cryptography/RSA_Express_EncryptDecrypt_v2.html)
|
||||
|
|
Loading…
Reference in New Issue