Пример #1
0
def generate_keypair_num(bits, e=E):

    while True:

        p = getStrongPrime(bits)
        q = getStrongPrime(bits)
        n = p * q
        et = (p - 1) * (q - 1)

        if gcd(et, e) == 1:
            break
    d = invmod(e, et)
    return ((e, n), (d, n))
Пример #2
0
def deadbeef(target=_TEST_TARGET, length=128, prime_length=4096,
           public_exponent=65537):
  """Perform the 0xdeadbeef attack.

  Returns a strong prime `p`, a prime `q`, and a private exponent
  `d` such that the last `length` bits of `p * q` is equal to
  `target`. (It is obvious, I hope, that the resulting key does
  not have any particular security guarantee.)

  Or loops forever if the last bit of `target` is `0`.
  """
  d = 0
  while not d:
    N = 2 ** length
    p = pubkey.getStrongPrime(2048-128)
    x = target * 2 ** (2048 - 128 - 2 * length) - 1
    q = x * ((target * invert(p * x, N)) % N)
    while not pubkey.isPrime(q):
      q += N
    phi = (p - 1) * (q - 1)
    d = invert(public_exponent, phi)
  n = p * q
  e = public_exponent
  with open(hex(n)[:18], 'wb') as f:
    f.write("n = {}\ne = {}\nd = {}\np = {}\nq = {}\n"
            .format(n, e, d, p, q))
  return n, e, d, p, q
Пример #3
0
def generate_pq(modbits):
	# generate primes p ad q
	# stolen from pycrypt
        p = q = 1L
        while number.size(p*q) < modbits:
                if modbits > 512 :
                        # Note that q might be one bit longer than p if somebody specifies an odd
                        # number of bits for the key. (Why would anyone do that?  You don't get
                        # more security.)
                        p = pubkey.getStrongPrime(modbits>>1, 0, 1e-12, None)
                        q = pubkey.getStrongPrime(modbits - (modbits>>1), 0, 1e-12, None)
                else :
                        p = pubkey.getPrime(modbits>>1, None)
                        q = pubkey.getPrime(modbits - (modbits>>1), None)

	return (p, q)
Пример #4
0
def generate_pq(modBits):
    '''
        Generate p, q (public key) with modBits bits for SRA encryption
        generate primes p and q, from Sefasi and pycrypt
    '''
    assert (modBits % 2 == 0)  # must provide even number of bits
    p = q = 1L
    while number.size(p * q) < modBits:
        if modBits > 512:
            p = pubkey.getStrongPrime(modBits >> 1, 0, 1e-12, None)
            q = pubkey.getStrongPrime(modBits - (modBits >> 1), 0, 1e-12, None)
        else:
            p = pubkey.getPrime(modBits >> 1, None)
            q = pubkey.getPrime(modBits - (modBits >> 1), None)

    return (p, q)
Пример #5
0
def generate_pq(modbits):
    # generate primes p ad q
    # stolen from pycrypt
    p = q = 1L
    while number.size(p * q) < modbits:
        if modbits > 512:
            # Note that q might be one bit longer than p if somebody specifies an odd
            # number of bits for the key. (Why would anyone do that?  You don't get
            # more security.)
            p = pubkey.getStrongPrime(modbits >> 1, 0, 1e-12, None)
            q = pubkey.getStrongPrime(modbits - (modbits >> 1), 0, 1e-12, None)
        else:
            p = pubkey.getPrime(modbits >> 1, None)
            q = pubkey.getPrime(modbits - (modbits >> 1), None)

    return (p, q)
Пример #6
0
def main():

    import os
    from Crypto.PublicKey.pubkey import getStrongPrime
    S = getStrongPrime(512) % N
    C1 = (pow(S, E, N) * C) % N

    P1 = submit(C1)
    P = (P1 * invmod(S, N)) % N
    print(i2s(P))
Пример #7
0
def generate_py(bits, randfunc, progress_func=None, e=65537):
    """generate(bits:int, randfunc:callable, progress_func:callable, e:int)

    Generate an RSA key of length 'bits', public exponent 'e'(which must be
    odd), using 'randfunc' to get random data and 'progress_func',
    if present, to display the progress of the key generation.
    """
    obj=RSAobj()
    obj.e = long(e)

    # Generate the prime factors of n
    if progress_func:
        progress_func('p,q\n')
    p = q = 1L
    while number.size(p*q) < bits:
        # Note that q might be one bit longer than p if somebody specifies an odd
        # number of bits for the key. (Why would anyone do that?  You don't get
        # more security.)
        p = pubkey.getStrongPrime(bits>>1, obj.e, 1e-12, randfunc)
        q = pubkey.getStrongPrime(bits - (bits>>1), obj.e, 1e-12, randfunc)

    # It's OK for p to be larger than q, but let's be
    # kind to the function that will invert it for
    # th calculation of u.
    if p > q:
        (p, q)=(q, p)
    obj.p = p
    obj.q = q

    if progress_func:
        progress_func('u\n')
    obj.u = pubkey.inverse(obj.p, obj.q)
    obj.n = obj.p*obj.q

    if progress_func:
        progress_func('d\n')
    obj.d=pubkey.inverse(obj.e, (obj.p-1)*(obj.q-1))

    assert bits <= 1+obj.size(), "Generated key is too small"

    return obj
Пример #8
0
def generate_py(bits, randfunc, progress_func=None, e=65537):
    """generate(bits:int, randfunc:callable, progress_func:callable, e:int)

    Generate an RSA key of length 'bits', public exponent 'e'(which must be
    odd), using 'randfunc' to get random data and 'progress_func',
    if present, to display the progress of the key generation.
    """
    obj=RSAobj()
    obj.e = long(e)

    # Generate the prime factors of n
    if progress_func:
        progress_func('p,q\n')
    p = q = 1L
    while number.size(p*q) < bits:
        # Note that q might be one bit longer than p if somebody specifies an odd
        # number of bits for the key. (Why would anyone do that?  You don't get
        # more security.)
        p = pubkey.getStrongPrime(bits>>1, obj.e, 1e-12, randfunc)
        q = pubkey.getStrongPrime(bits - (bits>>1), obj.e, 1e-12, randfunc)

    # It's OK for p to be larger than q, but let's be
    # kind to the function that will invert it for
    # th calculation of u.
    if p > q:
        (p, q)=(q, p)
    obj.p = p
    obj.q = q

    if progress_func:
        progress_func('u\n')
    obj.u = pubkey.inverse(obj.p, obj.q)
    obj.n = obj.p*obj.q

    if progress_func:
        progress_func('d\n')
    obj.d=pubkey.inverse(obj.e, (obj.p-1)*(obj.q-1))

    assert bits <= 1+obj.size(), "Generated key is too small"

    return obj
Пример #9
0
def generate_py(bits, randfunc, progress_func=None):
    """generate(bits:int, randfunc:callable, progress_func:callable)

    Generate an RSA key of length 'bits', using 'randfunc' to get
    random data and 'progress_func', if present, to display
    the progress of the key generation.
    """
    obj = RSAobj()
    obj.e = 65537L

    # Generate the prime factors of n
    if progress_func:
        progress_func('p,q\n')
    p = q = 1L
    while number.size(p * q) < bits:
        # Note that q might be one bit longer than p if somebody specifies an odd
        # number of bits for the key. (Why would anyone do that?  You don't get
        # more security.)
        p = pubkey.getStrongPrime(bits >> 1, obj.e, 1e-12, randfunc)
        q = pubkey.getStrongPrime(bits - (bits >> 1), obj.e, 1e-12, randfunc)

    # p shall be smaller than q (for calc of u)
    if p > q:
        (p, q) = (q, p)
    obj.p = p
    obj.q = q

    if progress_func:
        progress_func('u\n')
    obj.u = pubkey.inverse(obj.p, obj.q)
    obj.n = obj.p * obj.q

    if progress_func:
        progress_func('d\n')
    obj.d = pubkey.inverse(obj.e, (obj.p - 1) * (obj.q - 1))

    assert bits <= 1 + obj.size(), "Generated key is too small"

    return obj
Пример #10
0
def generate_py(bits, randfunc, progress_func=None, e=65537):
    obj = RSAobj()
    obj.e = long(e)
    if progress_func:
        progress_func('p,q\n')
    p = q = 1L
    while number.size(p * q) < bits:
        p = pubkey.getStrongPrime(bits >> 1, obj.e, 1e-12, randfunc)
        q = pubkey.getStrongPrime(bits - (bits >> 1), obj.e, 1e-12, randfunc)

    if p > q:
        p, q = q, p
    obj.p = p
    obj.q = q
    if progress_func:
        progress_func('u\n')
    obj.u = pubkey.inverse(obj.p, obj.q)
    obj.n = obj.p * obj.q
    if progress_func:
        progress_func('d\n')
    obj.d = pubkey.inverse(obj.e, (obj.p - 1) * (obj.q - 1))
    return obj
Пример #11
0
def generate_py(bits, randfunc, progress_func=None):
    """generate(bits:int, randfunc:callable, progress_func:callable)

    Generate an RSA key of length 'bits', using 'randfunc' to get
    random data and 'progress_func', if present, to display
    the progress of the key generation.
    """
    obj=RSAobj()
    obj.e = 65537L

    # Generate the prime factors of n
    if progress_func:
        progress_func('p,q\n')
    p = q = 1L
    while number.size(p*q) < bits:
        # Note that q might be one bit longer than p if somebody specifies an odd
        # number of bits for the key. (Why would anyone do that?  You don't get
        # more security.)
        p = pubkey.getStrongPrime(bits>>1, obj.e, 1e-12, randfunc)
        q = pubkey.getStrongPrime(bits - (bits>>1), obj.e, 1e-12, randfunc)

    # p shall be smaller than q (for calc of u)
    if p > q:
        (p, q)=(q, p)
    obj.p = p
    obj.q = q

    if progress_func:
        progress_func('u\n')
    obj.u = pubkey.inverse(obj.p, obj.q)
    obj.n = obj.p*obj.q

    if progress_func:
        progress_func('d\n')
    obj.d=pubkey.inverse(obj.e, (obj.p-1)*(obj.q-1))

    assert bits <= 1+obj.size(), "Generated key is too small"

    return obj
Пример #12
0
                        help="Only match full, not just prefix")
    parser.add_argument("--processes",
                        "-p",
                        type=int,
                        default=cpu_count(),
                        help="Number of worker processes")
    args = parser.parse_args()

    q = Queue(args.processes)
    processes = []
    s = Search(wordlists=args.word_lists.split(','), full=args.full)
    c = Value('i', 0)

    for i in range(0, args.processes):
        print("[+] Starting worker {}".format(i + 1))
        processes.append(Process(target=generator, args=(q, s, i + 1, c)))
        processes[i].start()
    processes.append(Process(target=counter, args=(c, )))
    processes[-1].start()
    try:
        while True:
            q.put((getStrongPrime(512, 3,
                                  1e-12), getStrongPrime(512, 3, 1e-12)))
    except KeyboardInterrupt:
        print("[-] Interrupt received, stopping workers.")
        stdout.flush()
    for p in processes:
        p.terminate()
    for p in processes:
        p.join()