Example #1
0
def main(cert_path, data_path, offset):
  mod = get_modulus(cert_path)
  mod = gmpy.mpz(mod, 16)
  key_size = int(mod.bit_length() / 16)
  offset = int(offset, 16)
  print('Prime should be at offset: %x'%offset)
  print('Key size: %d\n'%key_size)
  with open(data_path, 'rb') as f:
    mm_data = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)

    print('Hexdump of surrounding data:')
    hexdump(mm_data, max(0, offset - 1024), 2048)
    p = gmpy.mpz(long(mm_data, offset, key_size))
    if gmpy.is_prime(p) and p != mod and mod % p == 0:
      print('Prime factor found: %s\n'%p)
      hexbytes = binascii.hexlify(mm_data[offset:offset+key_size]).decode('ascii').upper()
      hexbytes = re.sub(r'(..)', r'\x\1', hexbytes)
      print('Prime in greppable ascii: %s\n'%hexbytes)
      p = gmpy.mpz(p)
      e = gmpy.mpz(65537)
      q = gmpy.divexact(mod, p)
      
      assert(gmpy.is_prime(q))

      phi = (p-1) * (q-1)
      d = gmpy.invert(e, phi)
      dp = d % (p - 1)
      dq = d % (q - 1)
      qinv = gmpy.invert(q, p)
      seq = Sequence()
      for x in [0, mod, e, d, p, q, dp, dq, qinv]:
        seq.setComponentByPosition (len (seq), Integer (x))
      print("\n\n-----BEGIN RSA PRIVATE KEY-----\n%s-----END RSA PRIVATE KEY-----\n\n"%base64.encodestring(encoder.encode(seq)).decode('ascii'))
    else:
      print('Prime factor not found')
Example #2
0
def main(cert_path, data_path, offset):
    mod = get_modulus(cert_path)
    mod = int(mod, 16)
    key_size = int(mod.bit_length() / 16)
    offset = int(offset, 16)
    print('Prime should be at offset: %x' % offset)
    print('Key size: %d\n' % key_size)
    with open(data_path, 'rb') as f:
        data = f.read()
    print('Hexdump of surrounding data:')
    hexdump(data, max(0, offset - 1024), 2048)
    p = long(data, offset, key_size)
    if gmpy.is_prime(p) and p != mod and mod % p == 0:
        print('Prime factor found: %s\n' % p)
        hexbytes = binascii.hexlify(data[offset:offset +
                                         key_size]).decode('ascii').upper()
        hexbytes = re.sub(r'(..)', r'\x\1', hexbytes)
        print('Prime in greppable ascii: %s\n' % hexbytes)
        p = gmpy.mpz(p)
        e = gmpy.mpz(65537)
        q = gmpy.divexact(mod, p)
        phi = (p - 1) * (q - 1)
        d = gmpy.invert(e, phi)
        dp = d % (p - 1)
        dq = d % (q - 1)
        qinv = gmpy.invert(q, p)
        seq = Sequence()
        for x in [0, mod, e, d, p, q, dp, dq, qinv]:
            seq.setComponentByPosition(len(seq), Integer(x))
        print(
            "\n\n-----BEGIN RSA PRIVATE KEY-----\n%s-----END RSA PRIVATE KEY-----\n\n"
            % base64.encodestring(encoder.encode(seq)).decode('ascii'))
    else:
        print('Prime factor not found')
Example #3
0
    def __init__(self,
                 EFp,
                 EFpk,
                 E,
                 P,
                 Q,
                 r,
                 Qp=None,
                 frob=None,
                 gam=None,
                 bet=None):
        self.E = E  #Elliptic Curve (equation) over EFp
        self.EFp = EFp  # Elliptic Curve Group
        self.Fp = EFp.F  # Field of the ECG
        self.Fp1 = self.Fp.one()
        self.Fp0 = self.Fp.zero()
        self.EFpk = EFpk
        self.Fpk = EFpk.F
        self.Fpk1 = self.Fpk.one()
        self.Fpk0 = self.Fpk.zero()

        self.frobenius = frob
        self.gamma = gam
        #self.beta = bet

        self.P = P  # Generator of G1
        self.Q = Q  # Generator of G2
        #self.Qp = Qp
        self.r = r  # This is the order of the subgroups G1, G2

        def degext(M, L):
            '''Return the degree of the extension of M over L (provided M,L are Fields)
            Assuming M is an extension of L
            '''
            assert isinstance(M, field.Field) and isinstance(L, field.Field)
            k = 1
            while not M.F == M:
                k = k * (M.deg - 1)
                M = M.F
                if M == L:
                    return k

        k = degext(
            self.Fpk,
            self.Fp)  # This is the degree of the extension EFpk over EFp
        q = self.Fp.char - 1

        self.e = gmpy.divexact(q**(k) - 1, self.r)

        self.to_fingerprint = ["E", "EFp", "EFpk", "r"]
        self.to_export = {
            "fingerprint": [],
            "value": ["E", "EFp", "EFpk", "r"]
        }
Example #4
0
def main(cert_path, data_path):
    mod = get_modulus(cert_path)
    mod = int(mod, 16)
    key_size = int(mod.bit_length() / 16)
    print('Key size: %d' % key_size)
    with open(data_path, 'rb') as f:
        data = f.read()
    print('Data length: %d' % len(data))
    length = len(data) - key_size
    for i in range(length):
        if i % 100000 == 0:
            sys.stdout.write(chr(27) + '[%dG' % (1) + chr(27) + '[0K')
            sys.stdout.write('Progress: %d%%' % (100.0 * i / length))
            sys.stdout.flush()
        if data[i] % 2 == 0:
            continue
        p = long(data, i, key_size)
        mod
        if p != 0 and p != 1 and p != mod and mod % p == 0:
            sys.stdout.write(chr(27) + '[%dG' % (1) + chr(27) + '[0K')
            q = gmpy.divexact(mod, p)
            print('%s Offset 0x%x:\nq = %s\np = %d\n' % (data_path, i, p, q))
            n = gmpy.mpz(mod)
            q2 = gmpy.mpz(p)
            e = gmpy.mpz(65537)
            p2 = gmpy.mpz(q)
            phi = (p2 - 1) * (q2 - 1)
            d = gmpy.invert(e, phi)
            dp = d % (p2 - 1)
            dq = d % (q2 - 1)
            qinv = gmpy.invert(q2, p2)
            seq = Sequence()
            for x in [0, mod, e, d, p2, q2, dp, dq, qinv]:
                seq.setComponentByPosition(len(seq), Integer(x))
            print(
                "\n\n-----BEGIN RSA PRIVATE KEY-----\n%s-----END RSA PRIVATE KEY-----\n\n"
                % base64.encodestring(encoder.encode(seq)).decode('ascii'))
            sys.exit(0)
    sys.stdout.write(chr(27) + '[%dG' % (1) + chr(27) + '[0K')
Example #5
0
    def __init__(self, EFp, EFpk, E, P, Q, r, Qp=None, frob=None, gam=None, bet = None):
        self.E = E #Elliptic Curve (equation) over EFp
        self.EFp = EFp # Elliptic Curve Group
        self.Fp = EFp.F # Field of the ECG
        self.Fp1 = self.Fp.one()
        self.Fp0 = self.Fp.zero()
        self.EFpk = EFpk
        self.Fpk = EFpk.F
        self.Fpk1 = self.Fpk.one()
        self.Fpk0 = self.Fpk.zero()

        self.frobenius = frob
        self.gamma = gam
        #self.beta = bet

        self.P = P # Generator of G1
        self.Q = Q # Generator of G2
        #self.Qp = Qp
        self.r = r # This is the order of the subgroups G1, G2
        def degext(M,L):
            '''Return the degree of the extension of M over L (provided M,L are Fields)
            Assuming M is an extension of L
            '''
            assert isinstance(M,field.Field) and isinstance(L,field.Field)
            k = 1
            while not M.F == M:
                k = k*(M.deg-1)
                M = M.F
                if M == L :
                    return k
        k = degext(self.Fpk,self.Fp) # This is the degree of the extension EFpk over EFp
        q = self.Fp.char-1

        self.e = gmpy.divexact(q**(k)-1,self.r)


        self.to_fingerprint = ["E","EFp","EFpk","r"]
        self.to_export = {"fingerprint": [],"value": ["E","EFp","EFpk","r"]}
Example #6
0
def main(cert_path, data_path):
  mod = get_modulus(cert_path)
  mod = int(mod, 16)
  key_size = int(mod.bit_length() / 16)
  print('Key size: %d'%key_size)
  with open(data_path, 'rb') as f:
    data = f.read()
  print('Data length: %d'%len(data))
  length = len(data) - key_size
  for i in range(length):
    if i % 100000 == 0:
      sys.stdout.write(chr(27) + '[%dG'%(1) + chr(27) + '[0K')
      sys.stdout.write('Progress: %d%%'%(100.0*i/length))
      sys.stdout.flush()
    if data[i] % 2 == 0:
      continue
    p = long(data, i, key_size)
    mod
    if p != 0 and p != 1 and p != mod and mod % p == 0:
      sys.stdout.write(chr(27) + '[%dG'%(1) + chr(27) + '[0K')
      q = gmpy.divexact(mod,p)
      print('%s Offset 0x%x:\nq = %s\np = %d\n'%(data_path, i, p, q))
      n = gmpy.mpz(mod)
      q2 = gmpy.mpz(p)
      e = gmpy.mpz(65537)
      p2 = gmpy.mpz(q)
      phi = (p2-1) * (q2-1)
      d = gmpy.invert(e, phi)
      dp = d % (p2 - 1)
      dq = d % (q2 - 1)
      qinv = gmpy.invert(q2, p2)
      seq = Sequence()
      for x in [0, mod, e, d, p2, q2, dp, dq, qinv]:
        seq.setComponentByPosition (len (seq), Integer (x))
      print("\n\n-----BEGIN RSA PRIVATE KEY-----\n%s-----END RSA PRIVATE KEY-----\n\n"%base64.encodestring(encoder.encode(seq)).decode('ascii'))
      sys.exit(0)
  sys.stdout.write(chr(27) + '[%dG'%(1) + chr(27) + '[0K')
Example #7
0
                y = ((y * y) % N + c) % N
                q = q * (abs(x - y)) % N
            g = gcd(q, N)
            k = k + m
        r = r * 2
    if g == N:
        while True:
            ys = ((ys * ys) % N + c) % N
            g = gcd(abs(x - ys), N)
            if g > 1:
                break

    return g


p = (brent(num))
q = gmpy.divexact(num, p)

print(p)
print((q))

phin = (p - 1) * (q - 1)
d = gmpy.invert(e, phin)
print(d)

y = pow(c, d, num)
print()
print()
print(y)
print()
Example #8
0
        ns.append(n)
    if line[:1] == "c":
        c = int(line[4:])
        cs.append(c)
    if line[:1] == "e":
        e = int(line[4:])
        es.append(e)

for i in range(0, len(ns)):
    for j in range(i, len(ns)):
        g = gcd(ns[i], ns[j])
        if g != ns[i] and g != ns[j]:
            n1 = ns[i]
            n2 = ns[j]
            p = gcd(ns[i], ns[j])
            q1 = gmpy.divexact(n1, p)
            q2 = gmpy.divexact(n2, p)
            c1 = cs[i]
            c2 = cs[j]
            e1 = es[i]
            e2 = es[j]
            if p == 1: continue
            print(
                "p = {} \n q1 = {}  \n q2 = {} \n n1 = {} \n n2 = {} \n c1 = {} \n c2 = {}, e1 = {}, e2 = {}"
                .format(p, q1, q2, n1, n2, c1, c2, e1, e2))
            q = q1
            e = e1
            phin = (p - 1) * (q - 1)
            d = gmpy.invert(e, phin)
            print(d)
            c = c1