def generate_key(bits, e): """ Returns p and q. """ p = getPrime(bits / 2) q = getPrime(bits / 2) if fractions.gcd(p - 1, e) != 1 or fractions.gcd(q - 1, e) != 1: return generate_key(bits, e) else: return p, q, modinv(e, (p - 1) * (q - 1))
def rsa_key_export(): masterkey = rsa.generate_key( 2048 ) print '[+] generate OK!' print '[+] exporting keypair to disk...' rsa.export_keypair( 'rsa_server', masterkey ) print '\t[+] attempting to reload keypair from disk... ', pubkey = rsa.load_key('rsa_server.pub') prvkey = rsa.load_key('rsa_server.prv') assert( prvkey.has_private() ) assert( not pubkey.has_private() ) print 'OK!' assert(pubkey == prvkey.publickey())
def generateRSAKey(self): str = self.getFolderName() rsa.generate_key(str) self.showdialog("Key have been save at ..." + str)
from botocore.exceptions import ClientError from flask import Flask, abort, render_template, request from onetimesecret import OneTimeSecretCli from rsa import decrypt, encrypt, generate_key server = Flask(__name__) AWS_ACCESS_KEY_ID = os.environ.get("AWS_ACCESS_KEY_ID") AWS_S3_REGION = os.environ.get("AWS_S3_REGION", "us-east-1") AWS_SECRET_ACCESS_KEY = os.environ.get("AWS_SECRET_ACCESS_KEY") ONETIMESECRET_KEY = os.environ.get("ONETIMESECRET_KEY") ONETIMESECRET_USER = os.environ.get("ONETIMESECRET_USER") PASSWORD_STORAGE = os.environ.get("PASSWORD_STORAGE") SLACK_SERVER = os.environ.get("SLACK_SERVER", "https://slack.slashpass.co") secret_key = generate_key(os.environ.get("BIP39")) private_key = secret_key.exportKey("PEM") public_key = secret_key.publickey().exportKey("PEM") s3 = boto3.client( "s3", region_name=AWS_S3_REGION, aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, ) def _get_encryption_key(): bucket = PASSWORD_STORAGE key = "slack.slashpass.id_rsa.pub" encryption_key_url = "{}/public_key".format(SLACK_SERVER)
# longer messages and bigger exponents require more encrypted messages print "" print "Assuming that the message length is %d, we compute the bit_length of pow(<biggest string of size %d>, e), which is: %d" % ( len(m), len(m), (pow(pow(2, len(m) * 8), e).bit_length())) print "Every encryption operation uses a modulo whose lower bound is %d bit long" % ( key_length - 1) n_messages = (pow(pow(2, len(m) * 8), e).bit_length() / (key_length - 1)) + 1 print "So, we need at least (%d/%d) + 1 = %d different encrypted messages to be sure to recover the message" % ( pow(pow(2, len(m) * 8), e).bit_length(), (key_length - 1), n_messages) n_list = [] c_list = [] for _ in xrange(n_messages): p, q, d = generate_key(key_length, e) n = p * q # during every encryption step pow(m,e) is always the same "unknown" value, whereas n changes c = rsa_enc(mint, e, n) n_list.append(n) c_list.append(c) recovered_pow_m_e = crt(c_list, n_list) recovered_message = int_to_str(invpow(recovered_pow_m_e, e)) print "" print "original message:", repr(m) print "recovered message:", repr(recovered_message) assert m == recovered_message
break n = p * q l = (p - 1) * (q - 1) # calculate totient function d = modinv(e, l) self.n, self.e, self.d = int(n), int(e), int(d) return self.n, self.e, self.d def encrypt(self, data): return pow(int(data), int(self.e), int(self.n)) def decrypt(self, data): return pow(int(data), int(self.d), int(self.n)) if __name__ == "__main__": rsa = RSA() N, E, D = rsa.generate_key(16) test_data = 25 encrypted = pow(test_data, E, N) decrypted = pow(encrypted, D, N) print("n:", N) print("e:", E) print("d:", D) print("data:", test_data) print("encrypted:", encrypted) print("decrypted:", decrypted) assert decrypted == test_data
import os from datetime import datetime from urllib.parse import urlparse, urlunparse import redis import requests from flask import Flask from flask_sqlalchemy import SQLAlchemy from raven.contrib.flask import Sentry from rsa import generate_key from core import SlashpassCMD from environ import BIP39, DATABASE_URL, REDIS_HOST, SENTRY_DSN secret_key = generate_key(BIP39) private_key = secret_key.exportKey("PEM") public_key = secret_key.publickey().exportKey("PEM") server = Flask(__name__) server.config["SQLALCHEMY_DATABASE_URI"] = DATABASE_URL server.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False cache = redis.StrictRedis(host=REDIS_HOST, port=6379) sentry = Sentry(server, dsn=SENTRY_DSN) cmd = SlashpassCMD(cache, private_key) db = SQLAlchemy(server) class Team(db.Model): id = db.Column(db.Integer, primary_key=True)
import os import random import time from collections import namedtuple import rsa import utils Interval = namedtuple("Interval", ["lower_bound", "upper_bound"]) # global RSA key # only the oracle may use the secret key sk, in this setup modulus_size = 256 pk, sk = rsa.generate_key(modulus_size) (n, e) = pk # modulus size in bytes k = modulus_size // 8 # global start timer t_start = time.perf_counter() # keep track of the oracle calls global queries queries = 0 # math.ceil and math.floor don't work for large integers def floor(a, b): return a // b
def test_key_generator(self): n, e, d = generate_key(8) data = 2 en = encrypt(data, e, n) dec = decrypt(en, d, n) self.assertEqual(data,dec)
# -*-coding:utf-8-*- import base64 import aes import rsa import ecc if __name__ == '__main__': aesKey = b"pI3UfYGBWXR938Ui0ngNsmOsJ675kYcfqhzG86l7K24=" secretRsaPrivateKey = 'KhPQAOlk1QfwaN6Ax5ZvAi15WyYdCdmVrC5Dpy/m31vAXyF5w+fQQV77hv5QpwYxKFJASEPuPM3FxS6kJotVkKiStTwKrXvo4mPJkha6FS7ao5+UdM4IupS6ru8QGV1Xg1qP1WCKYXRwm5aSzmoJmJ/gag2lS9QPFP1l0epjiWf1pwqNR0Y5CNfD82U1nH23D499kXcVTVQFoAUIeThRt7iO+TmlIrXnVO7vkOIikLnRtyTzgM4RhpKecVy7ezKEWyLNatMkEJEdekAkcbD05YxG8tBz7s2YODRG3uDQfC3piPLlvaWA4QPSbiYoHiZX8rCKGYez1K/xe0F1VI9SJiKTezXjxo6SGJybLMKtnzVtIc2OdY+XRznxhOZDqCkEaLZMSQDRv8j7ZvfZV+2v3/4l89VWLsRFXmTUrWDBbo1y6MReKSFivZDvG4AmVVO/cOv6p9akuoxzkAWd/fp3Qg1+jFl7Wbf2d1pn4P3VokfPj6V1VmKPWGSpJ1k55vVpD29Lw2EIUTSVJ/2MYCDrXZKWmuSiKaA+Wb4aFSRTDQqW0xbM31Mj2D29pLY0ujc7pBfOe2c97+7TDGKoYlh6pzclPhdT2bk73u4vDogIRT0d13OzWp5G3NyoWUATjgJYPnXIuRSLwK/tJ+w93jBOI3LFbQkWavsz09ZAdOu3DKkytMcCaGHhrKshiDV83Q2elStzd5SPHjTH290LokC58A/0FT+xlqG0WbRS1O248Spou/CH/RfPBo96ZU+XIXV9tW2WAoVz/GEh8zdP3FSph+6CxNVUQqj1EMXD64XcAAVxX3XUmpclObXezJ3HioyrhIveRPOfsJBrsm7Hm9akcf3I6KZJpGKgdKcjbJ48o4MKgFQKvjnW+ykWxwThF4uqybPNepjLyLoBuUkWWg+Y77s4q0ZtIzZaTVqi+51K5al8MvvthV7+ZwR13yApNOg3j+kz4v/ahOuXEDH7cM+stqbuN1tft0GJ+eAx4Mm8irmEYuCNUK0fLGKcPImLRS32QFzJ79oGmiYfHf8ca0NBpx+l2pZHoBQtCWLVirEluOLPiaHiWvpglDiD1oWb99KnrdWVCz9NZ5gkXRwjPdh7zHB+bFYOlo6+wy7MhJolJGLD+DIthzLluVRT0ZrtWB9bMGjVMHyCgMAhZEEi7DmklIBIXtqjKZEtD+N+6peyV2OF+/v5HwHvo392wUBeyllCz3LqZO0u/wfvFCYlqglIChgnQb6EOF3E1ubYAROPFZeYty9KJMpwXZKv0R3UccLBF0kbWZ3aEh7CWmeI8E4Y0t8PT2pLNAfxBBm+nSPDkfbrGOpNM6J+wQCGS0RPopmmjQ65Qw43wGVbWzf1NHp6U88ep06jtWY2wxAG1mmPPDJmpSJSwjqt00d4ennWqIKdHCGK72Or19SgaryHAzKmjw8ks9PqlPMu07f/SXYJqCk9Ugjkwhwn1Ddl+U40djq1sq3BAtqOIbGnKEJjyV16ZPTVaN1Gq1gRn+IFTFaWb+5pUN5UlqIyJYHUBubvHWhWKga++3bQeWyQlKc+os+nKPD/rCMn2FyLp/2TF3AIyagdBvF42CaB3DLW33xFgIfbIZtRjqZj1fhKZg8ifdkQMXTc4/3uGF/qpySvM64KBtSgTN959DaO/sl6dYw+xFDHeCchZSceVo5uPh54UKpUCHahYP51k2bmQit9gsWA+W7zV8Qb4+BZdr0yBlfa7AomTwwgp/Kxs0ya2sZ885BZR+ah6nFjuc4OzIH60a8gUFZxDEC/05278OWRntnToP6UYzbHyfGCdzKbiPOGoDaFZfSGRD6MCBuP0MWYqGG6B6/Vza87NfluFOAjpu5iMXgqX1XT5rYe0PEZCYrto3KV3H4FpP65gs3AP92kFHQ62pGJkzj22bua53OZqLx+ylO97m62FOkqKQYV+c820Td6bCHjUSjxTQEvGOJsX36ukV37URsHfwXdykOugsbQZT0gddpRZj3pPv/zgl+4LCVXR/uD1ziKrmdmBTSUIFu2/hurLOAzXXmJSk3qKLMJJz0FquRESELLqR5ujAKVA9GQ7+sR8bbCA3d+BU5yMcRx0vrvf41+Sadf6IRF2KwR5juzUS7EwMDMOaDrsN3V1/QYhtTM4Ji+ZqPXav7yuWjULadPAcucelReTbLfka2RPMEk' publicKey = 'MIIBCgKCAQEA2xdcIYkim4HRgc8eW/KNZhESYIF/LBbr4WTwK0sygZkBUrXdQeEeYyeK08E1CF2VxsVQzkdP+RU6O8Z7y8JXyCh0Jdx7uEb1KKHYVT99BK1TEQZ32Ittba0xoybC/CAd3D1RPJtK+ymF837hp2FradVqAxrYcpcvk0vqKx4Lucylp6Z9Tq32xJYVK4dVihqZWaWnSLnodfCnPluW5JR6V3Y4unsX9bjxiqUHN9YtC6HE+MnFc/5wQkX1x8gFRTamt0B4BZsEzWSg3JG+L8Vy+MxnYibx+Y0rGWhysP7u5zHGx8cmCmZp9aDO0/WArvoFaaAIhBke7SxARMbcZpHY8wIDAQAB' privateKeyBase64 = aes.aes_ecb_decrypt( base64.b64decode(aesKey), base64.b64decode(secretRsaPrivateKey)) signature = rsa.sign_by_rsa_with_sha256(base64.b64decode(privateKeyBase64), b"this is message") print( rsa.verify_signature(base64.b64decode(publicKey), signature, b"this is message")) ciphertext = aes.aes_ecb_encrypt(base64.b64decode(aesKey), b"this is message") print(aes.aes_ecb_decrypt(base64.b64decode(aesKey), ciphertext)) private, public = rsa.generate_key() print(base64.b64encode(private).decode()) print(base64.b64encode(public).decode()) private, public = ecc.generate_key() signature = ecc.sign_with_sha256(private, b"this is message") print(ecc.verify_signature(public, signature, b"this is message"))