Python inverse示例

示例#1

def _common_module_attack(n, e_b, d_b, e_a):

    N = (e_b * d_b) - 1  # 1) N <- (e_b*d_b)-1
    f, s = get_f_s_from_N(N)  #    N = (2^f)*s

    a = randint(1, n - 1)  # 2) a <- rand (Z/nZ)
    b = pow(int(a), int(s), int(n))  #    b <- a^s (mod n)
    print("b = ", b)
    l_and_t_found = False
    print("start finding l")
    l = find_l(b, int(n))

    while (not l_and_t_found):  # 3) b^(2^l) = 1 (mod n)
        #    if (b^(2^(l-1)) = -1 (mod n))
        pow_b = pow(2, l - 1)  #       new rand a, go to 2)
        if (pow(b, pow_b, n) == -1):  #    else
            a = randint(1, n - 1)  #       t <- b^(2^(l-1)) (mod n)
            b = pow(a, s, n)
            l = find_l(b)
        else:
            t = pow(b, pow_b, n)
            l_and_t_found = True

    p = GCD(t + 1, n)  # 4) p <- gcd(t+1,n)
    q = GCD(t - 1, n)  #    q <- gcd(t-1,n)

    f_n_2 = (p - 1) * (q - 1)
    d_a = inverse(e_a, f_n_2)
    while (d_a == d_b):
        d_a = inverse(e_b, f_n_2)
    if d_b != d_a:
        print("Attack for common module: Success")
    else:
        print("Attack for common module: Failed")

示例#2

文件： __init__.py 项目： ianling/ecdsa-private-key-recovery

 def recover_nonce_reuse(self, other):
     assert (self.pubkey.q == other.pubkey.q)
     assert (self.sig.r == other.sig.r)  # reused *k* implies same *r*
     self.k = (self.h - other.h) * inverse(self.sig.s - other.sig.s,
                                           self.pubkey.q) % self.pubkey.q
     self.x = ((self.k * self.sig.s - self.h) *
               inverse(self.sig.r, self.pubkey.q)) % self.pubkey.q
     # other.k, other.x = self.k, self.x   # update other object as well?
     return self

示例#3

文件： test_RSA.py 项目： FndNur1Labs/PokemonGo-DesktopMap

    def setUp(self):
        global RSA, Random, bytes_to_long
        from Cryptodome.PublicKey import RSA
        from Cryptodome import Random
        from Cryptodome.Util.number import bytes_to_long, inverse
        self.n = bytes_to_long(a2b_hex(self.modulus))
        self.p = bytes_to_long(a2b_hex(self.prime_factor))

        # Compute q, d, and u from n, e, and p
        self.q = self.n // self.p
        self.d = inverse(self.e, (self.p-1)*(self.q-1))
        self.u = inverse(self.p, self.q)    # u = e**-1 (mod q)

        self.rsa = RSA

示例#4

文件： test_RSA.py 项目： Ball-project-2021/test-backend-frontend

    def setUp(self):
        global RSA, Random, bytes_to_long
        from Cryptodome.PublicKey import RSA
        from Cryptodome import Random
        from Cryptodome.Util.number import bytes_to_long, inverse
        self.n = bytes_to_long(a2b_hex(self.modulus))
        self.p = bytes_to_long(a2b_hex(self.prime_factor))

        # Compute q, d, and u from n, e, and p
        self.q = self.n // self.p
        self.d = inverse(self.e, (self.p-1)*(self.q-1))
        self.u = inverse(self.p, self.q)    # u = e**-1 (mod q)

        self.rsa = RSA

示例#5

文件： test_RSA.py 项目： FndNur1Labs/PokemonGo-DesktopMap

    def test_construct_bad_key6(self):
        tup = (self.n, self.e, self.d, self.p, self.q, 10L)
        self.assertRaises(ValueError, self.rsa.construct, tup)

        from Cryptodome.Util.number import inverse
        tup = (self.n, self.e, self.d, self.p, self.q, inverse(self.q, self.p))
        self.assertRaises(ValueError, self.rsa.construct, tup)

示例#6

文件： utils.py 项目： liudhzhyym/hydrogen

    def decrypt(self, cipher):
        """
        :type cipher long
        :param cipher: 密文
        :return:
        """
        cipher = self.encoding_2_long(cipher, self.cipher_encoding)
        if self.d is not None:
            d = self.d
        else:
            d = inverse(self.e, (self.p - 1) * (self.q - 1))

        if self.n is not None:
            n = self.n
        else:
            n = self.p * self.q

        rsa = RSA.construct((n, self.e, d))
        if self.padding == 'PKCS1_OAEP':
            rsa = PKCS1_OAEP.new(rsa)
            plain = rsa.decrypt(long_to_bytes(cipher))
        elif self.padding == 'PKCS1_v1_5':
            rsa = PKCS1_v1_5.new(rsa)
            plain = rsa.decrypt(long_to_bytes(cipher), True)
        else:
            plain = pow(cipher, d, n)
            return self.long_2_encoding(plain, self.plain_encoding)

        plain = self.long_2_encoding(bytes_to_long(plain), self.plain_encoding)
        return plain

示例#7

    def uncrypt(self, block):
        """ La fonction de déchiffrement"""

        byte_size = self.bit_size//8

        if len(block) == 4*byte_size:
            b_B1 = block[0:byte_size]
            b_B2 = block[byte_size:2*byte_size]
            b_c = block[2*byte_size:3*byte_size]
            b_v = block[3*byte_size:4*byte_size]
            
            B1 = int.from_bytes(b_B1, sys.byteorder)
            B2 = int.from_bytes(b_B2, sys.byteorder)
            c = int.from_bytes(b_c, sys.byteorder)
            v = int.from_bytes(b_v, sys.byteorder)

            # vérification de v
            p = self.p
            x1, x2, y1, y2 = self.x1, self.x2, self.y1, self.y2
            H = self.hashFunction((B1 + B2 + c) % p)
            v_bis = (pow(B1, x1, p) * pow(B2, x2, p) * pow(pow(B1, y1, p) * pow(B2, y2, p), H, p)) % p
            if v_bis != v:
                raise ValueError('Le message a été altéré après le chiffrement')
            # déchiffrement
            m = (inverse(pow(B1, self.w, p), p) * c) % p
            m = m.to_bytes(byte_size, sys.byteorder)
            return unpad(m, byte_size, 'iso7816')
        else:
            raise ValueError("Le block ne possède pas la bonne taille pour le déchiffrement")

示例#8

文件： test_RSA.py 项目： Ball-project-2021/test-backend-frontend

    def test_construct_bad_key6(self):
        tup = (self.n, self.e, self.d, self.p, self.q, 10)
        self.assertRaises(ValueError, self.rsa.construct, tup)

        from Cryptodome.Util.number import inverse
        tup = (self.n, self.e, self.d, self.p, self.q, inverse(self.q, self.p))
        self.assertRaises(ValueError, self.rsa.construct, tup)

示例#9

def copper_rsa_lattice():
    """
    Encryption:
    import random
    base = random.getrandbits(2048)
    p = next_prime(base + random.getrandbits(256))
    q = next_prime(base + random.getrandbits(256))
    n = p * q
    e = 65537
    print("e = ", e)
    print("n = ", n)
    c = power_mod(m, e, n)
    print("c = ", c)

    Output:
    """
    from Cryptodome.Util import number
    e = 65537
    n = 8281850967132278399574272688766937486036646313403007679588335903785669628431708760927341727806006769095252325575815709840401878674105658204057327337750902945521512357960818523078486774689928139816732080923197367563639383252762498921096166065153092144335239373370093976823925031794323976150363874930075228846801224430767428594024165529140949082062667410186456029480046489969338885725614510660737026927443934115006027747874368836800022473917576424175601374800697491622086825964475396316066082109998646438504664272000556702241576240616765962934452557847306066736505798267513078073147161755828577875047115978481485076227911405625234425533967247248864837854031634968764570599279385827285321806293661331225163255461894680337693227417748934924109356565823327149859245521513696171473417470936260563397398387972467438182651142096935931112668743912944902147582538985769095457203775208567489073198557073226907349118348902079942096374377432431441166710584381655348979330535397040250376989291669788189409825278457889980676574146044704329826483808929549888234303934178478274711686806257841293265249466735277673158607466360053037971774844824065612178793324128914371112619033111301900922374201703477207948412866443213080633623441392016518823291181
    c = 6407923537926201847312357068295079879508779752068254604904486842729636773279241546432035102141932853761974844472828552921133743850412718722424893044377874567625621282274625365299685502104113862870672461666586814138206797733946319875258776059721304226419810313489197076949529322847815009706727586961448584443159011118432142946962961532154723891985416387650240762711716865116844837968079333914181751979527853152286708153252001832721723040664452442266930832118353632114958540067674924812749763008217133300059446967170825813909142247660230309955433005706793802514554628379255160648976960069078223370104177403453404917998945232459801324103878906593528309460372271638119657797804398399482025063414403804134607772871958848100256643503372624214762343403925077455660522664025602043433142314759978192969519687720668535544914589329155338178120703060384042066182354031274600184116143293639032906542194564776766076911767759167772137229504115598174156646085123675283692418970988032320780636742598466655712520383055569607154074137271584433653335176877094399371749081016317705026349554938167377640856287458145646649292278971980553895419112860061073864077521131958519819285117031990498977039003918710661660868949818362940359852436185282868088342132

    p = 2877820523787450925749443223409676535526103461002156158445828224293671401993991478543020287097392331073352851877283061169200661485601861126177989029099279726556037706157577055235829106587295127330817726845862915284936240880512882371822435354503703582818585826639860414460347276612398615213473473435297607044419660432857760267782763215613805061134548930946450808892523918406477350229326879718460875896139320212120566207583969498664502640043503068067423704342779684140776844591504545219651693576024138161226306265777913216051021635043708034933142150577361241126706252795462441428424206966514776010058207246337809108763
    q = 2877820523787450925749443223409676535526103461002156158445828224293671401993991478543020287097392331073352851877283061169200661485601861126177989029099279726556037706157577055235829106587295127330817726845862915284936240880512882371822435354503703582818585826639860414460347276612398615213473473435297607044419660432857760267782763215613805061134548930946450808892523918406477350229326879718460875896139320212120566207583969498664502640043503068067423704342779684140776844591504545219651693576024138161226306265777913216051021635043708034966478921186010140653104995611058414645030602000549187384764408555794028217687
    # factorized n from http://factordb.com
    phi = (p - 1) * (q - 1)
    d = number.inverse(e, phi)
    print(number.long_to_bytes(pow(c, d, n)))

示例#10

文件： 6.47_48.py 项目： blegloannec/cryptopals

def attack(c: bytes):
    e, n = K
    B = 1 << (8 * (k - 2))

    # Init.
    print('Step  1......', end=' ', flush=True)
    if oracle(c):  # m was already padded before encryption
        s0 = 1
    else:
        # Step 1
        s0 = random.randint(0, n - 1)
        while not oracle(c * pow(s0, e, n)):
            s0 = random.randint(0, n - 1)
    M = [(2 * B, 3 * B - 1)]
    c0 = (c * pow(s0, e, n)) % n
    i = 1
    print('ok')

    # Step 2.a
    print('Step  2a.....', end=' ', flush=True)
    s = ceil_div(n, 3 * B)
    while not oracle(c0 * pow(s, e, n)):
        s += 1
    print('ok')

    while True:
        print(f'Steps 2b-4... {i}', end='\r', flush=True)
        if len(M) > 1:
            # Step 2.b
            s += 1
            while not oracle(c0 * pow(s, e, n)):
                s += 1
        else:
            # Step 2.c
            a, b = M[0]
            r = ceil_div(2 * (b * s - 2 * B), n)  # as in the article,
            #r = ceil_div(2*(b*s-B), n)   # or corrected typo?
            s = ceil_div(2 * B + r * n, b)
            while not oracle(c0 * pow(s, e, n)):
                s += 1
                if a * s >= 3 * B + r * n:
                    r += 1
                    s = ceil_div(2 * B + r * n, b)

        # Step 3
        Mupd = []
        for a, b in M:
            r = ceil_div(a * s - 3 * B + 1, n)
            while n * r <= b * s - 2 * B:
                a1 = max(a, ceil_div(2 * B + r * n, s))
                b1 = min(b, (3 * B - 1 + r * n) // s)
                if a1 <= b1:
                    Mupd.append((a1, b1))
                r += 1
        M = merge_intervals(Mupd)

        # Step 4
        if len(M) == 1 and M[0][0] == M[0][1]:
            return (M[0][0] * inverse(s0, n)) % n
        i += 1

示例#11

文件： tema2.py 项目： Andreeaxhx/ACTN

def rsa_crt_multiprime(y):

    phi = (p - 1) * (q - 1) * (r - 1)
    d = pow(e, -1, phi)

    b1 = pow(y % p, d % (p - 1), p)
    b2 = pow(y % q, d % (q - 1), q)
    b3 = pow(y % r, d % (r - 1), r)

    x1 = b1 % p
    c = ((b2 - x1) * inverse(p, q)) % q
    x2 = x1 + p * c

    d = ((b3 - x2) * inverse(p * q, r)) % r
    x3 = x2 + p * q * d

    return x3

示例#12

    def calculate_prediction(self, encrypted_nom, encrypted_denom):
        plain_nom = encrypted_nom[1] * inverse(
            pow(encrypted_nom[0], self.privElgamalKey, self.p), self.p)
        plain_denom = encrypted_denom[1] * inverse(
            pow(encrypted_denom[0], self.privElgamalKey, self.p), self.p)

        #print(self.boundedDiscreteLog(plain_nom % self.p))
        #print(self.boundedDiscreteLog(plain_denom % self.p))
        nom = self.boundedDiscreteLog(plain_nom % self.p)
        denom = self.boundedDiscreteLog(plain_denom % self.p)
        print("Nom", nom)
        print("Denom", denom)
        if denom == 0:
            prediction = 0
        else:
            prediction = nom / denom
        return prediction

示例#13

文件： Server.py 项目： cinarmert/CS425-Project

    def calculateSimMat(self):
        self.genElgamalKeys()
        n = len(self.user_list)
        sim_round1_m = []
        for i in range(n):
            sim_round1_m.append(self.user_list[i].sim_round1_all(
                self.m, self.avg_ratings))
            print("Round 1 User: "******"Round 2 User: "******"Round2 Done")
        for i in range(self.m):
            temp_zero = []
            for j in range(self.m):
                temp_zero.append(0)
            decrypt_pairwise_m.append(temp_zero)
            decrypt_denom.append(0)

        progress = 0
        for i in range(self.m):
            for j in range(self.m):
                base = 1
                for k in range(n):
                    base = base * round2_m[k][i][j] % self.p
                    progress += 1

                #decrypt_pairwise_m[i][j] = pairwise_mults[i][j][1] * inverse(base, self.p) % self.p
                decrypt_pairwise_m[i][j] = self.boundedDiscreteLog(
                    pairwise_mults[i][j][1] * inverse(base, self.p) % self.p)
                #print("Decrypt i: ", i, " j: ", j, " Done!")
            print("Progress: %", 100 * float(progress) / (self.m * self.m * n))
            decrypt_denom[i] = decrypt_pairwise_m[i][i]

        result_matrix = []
        for i in range(self.m):
            sim_vector = []
            for j in range(self.m):
                sim_vector.append(
                    int(
                        self.getSim(decrypt_pairwise_m[i][j], decrypt_denom[i],
                                    decrypt_denom[j]) * 100))
            result_matrix.append(sim_vector)

        #print(result_matrix)
        self.simMat = result_matrix

示例#14

文件： paillier.py 项目： cinarmert/CS425-Project

    def gen_key(prime_size = 1024):
        p = getPrime(prime_size)
        q = getPrime(prime_size)
        n = p * q
        g = n + 1
        phi = (p - 1) * (q - 1)
        l = phi
        mu = inverse(phi, n)

        return (n, g), (l, mu)

示例#15

文件： tema2.py 项目： Andreeaxhx/ACTN

def rsa_crt_multipower(y):

    phi = p * (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    p2 = p * p
    x0 = pow(y % p, d % (p - 1), p)
    xq = pow(y % q, d % (q - 1), q)

    first = (y - pow(x0, e, p2)) // p
    second = inverse(e * pow(x0, e - 1, p), p)
    x1 = (first * second) % p

    xp2 = x1 * p + x0

    sol1 = xp2 % p2
    c = ((xq - sol1) * inverse(p2, q)) % q

    sol2 = sol1 + p2 * c

    return sol2

示例#16

文件： fertilizers.py 项目： INOS-soft/writeups

    def __init__(self):
        self.e = 3
        self.p = getStrongPrime(512, e=self.e)
        self.q = getStrongPrime(512, e=self.e)
        self.n = self.p * self.q
        self.phi = (self.p - 1) * (self.q - 1)
        self.d = inverse(self.e, self.phi)

        ## generate secret seed
        self.seed = pow(1 << 1023, self.e, self.n)
        self.seed = long_to_bytes(self.seed)

示例#17

文件： cipher.py 项目： lysakov/PublicKeyCriptography

    def __decrypt_block(self, blob, p, q, block_size, n):
        c = bytes_to_int(blob)
        m_p = sqrt_mod(c, p)
        m_q = sqrt_mod(c, q)
        q_inv = number.inverse(q, p)
        p_inv = number.inverse(p, q)
        m = [(m_p * q * q_inv + m_q * p * p_inv) % n,
             (m_p * q * q_inv - m_q * p * p_inv) % n]
        m += [n - m[0], n - m[1]]

        for block in m:
            bytes_arr = int_to_bytes(block)
            if bytes_to_int(bytes_arr[:len(Rabin._PADDING)]) == bytes_to_int(
                    Rabin._PADDING):
                data_len = bytes_arr[len(Rabin._PADDING):len(Rabin._PADDING) +
                                     byte_length(block_size)]
                data_len = bytes_to_int(data_len)

                return bytes_arr[-1 - data_len:-1]

        raise ValueError("Incorrect ciphertext format")

示例#18

文件： decrypt.py 项目： onealmond/hacking-lab

def rsa_twins():
    from Cryptodome.Util import number
    n = 14783703403657671882600600446061886156235531325852194800287001788765221084107631153330658325830443132164971084137462046607458019775851952933254941568056899
    e = 65537
    c = 684151956678815994103733261966890872908254340972007896833477109225858676207046453897176861126186570268646592844185948487733725335274498844684380516667587

    # factorized n from http://factordb.com
    p = 121588253559534573498320028934517990374721243335397811413129137253981502291629
    q = 121588253559534573498320028934517990374721243335397811413129137253981502291631

    phi = (p - 1) * (q - 1)
    d = number.inverse(e, phi)
    print(number.long_to_bytes(pow(c, d, n)))

示例#19

def _generate_a(r):
    e = 0
    d = 0
    some = True
    while (some == True):
        e = randint(1, r - 1)
        if (GCD(e, r) == 1):
            d = inverse(e, r)
            if ((e * d) % r == 1):
                some = False
                break
    print("a = ", e)
    print("a_1 = ", d)
    return e, d

示例#20

def decrypt(grps, e):
    for grp in combinations(zip(grps['n'], grps['c']), e):
        N = 1
        for x in grp:
            N *= x[0]

        M = 0
        for x in grp:
            M += x[1] * number.inverse(N // x[0], x[0]) * (N // x[0])
        M %= N

        m, exact = gmpy.root(M, e)
        if exact:
            print(number.long_to_bytes(m))

示例#21

    def decrypt(self, cipher):
        """
        :type cipher long
        :param cipher: 密文
        :return:
        """
        cipher = self.encoding_2_long(cipher, self.cipher_encoding)
        if self.d is not None:
            d = self.d
        else:
            d = inverse(self.e, (self.p - 1) * (self.q - 1))

        if self.n is not None:
            n = self.n
        elif self.p is not None and self.q is not None:
            n = self.p * self.q
        else:
            return '!!!error: n is empty!!!'

        # (N,e)是公钥，(N,d)是私钥
        if self.encrypt_method == 'private-key-encrypt':
            n, e, d = n, d, self.e
        elif self.encrypt_method == 'public-key-encrypt':
            n, e, d = n, self.e, d
        else:
            return '!!!wrong encrypt_method!!!'

        rsa = RSA.construct((n, e, d))
        if self.padding == 'PKCS1_OAEP':
            rsa = PKCS1_OAEP.new(rsa)
            plain = rsa.decrypt(long_to_bytes(cipher))
        elif self.padding == 'PKCS1_v1_5_Java':
            rsa = PKCS1_v1_5_Java_Cipher(rsa, Random.get_random_bytes)
            # 第二个参数 False，表示出错时会返回 False，plain 的值将为 False
            plain = rsa.decrypt(long_to_bytes(cipher), False)
            if plain is False:
                return '!!!error: decrypt error!!!'
        elif self.padding == 'PKCS1_v1_5':
            rsa = PKCS1_v1_5.new(rsa)
            # 第二个参数 False，表示出错时会返回 False，plain 的值将为 False
            plain = rsa.decrypt(long_to_bytes(cipher), False)
            if plain is False:
                return '!!!error: decrypt error!!!'
        else:
            plain = pow(cipher, d, n)
            return self.long_2_encoding(plain, self.plain_encoding)

        plain = self.long_2_encoding(bytes_to_long(plain), self.plain_encoding)
        return plain

示例#22

def parse_PRIK(chunk, encryption_key):
    """Parse PRIK chunk which contains private RSA key"""
    decrypted = decode_aes256('cbc',
                              encryption_key[:16],
                              decode_hex(chunk.payload),
                              encryption_key)

    hex_key = re.match(br'^LastPassPrivateKey<(?P<hex_key>.*)>LastPassPrivateKey$', decrypted).group('hex_key')
    rsa_key = RSA.importKey(decode_hex(hex_key))

    rsa_key.dmp1 = rsa_key.d % (rsa_key.p - 1)
    rsa_key.dmq1 = rsa_key.d % (rsa_key.q - 1)
    rsa_key.iqmp = number.inverse(rsa_key.q, rsa_key.p)

    return rsa_key

示例#23

def good_parameters():
    p, q = getPrimePair()
    n = p * q
    f_n = (p - 1) * (q - 1)

    while (True):
        e = randint(1, f_n - 1)
        if (GCD(e, f_n) == 1):
            d = inverse(e, f_n)
            if 36 * pow(d, 4) > n:
                break

    print("p = {}".format(p))
    print("q = {}".format(q))
    print("n = {}".format(n))
    print("e = {}".format(e))
    print("d = {}".format(d))

示例#24

def gen_key(size=1 << 10):
    e = 3  # we always want e = 3 here
    n = 0
    while n.bit_length() < size:
        p = getPrime(size >> 1)
        while (p - 1) % e == 0:  # gcd(e, p-1) != 1
            p = getPrime(size >> 1)
        q = getPrime(size >> 1)
        while (q - 1) % e == 0:  # gcd(e, q-1) != 1
            q = getPrime(size >> 1)
        n = p * q
    phi = (p - 1) * (q - 1)
    #d = pow(e, -1, phi)
    d = inverse(e, phi)
    K = PubKey(e, n)
    k = PrivKey(d, n)
    return (k, K)

示例#25

文件： signature.py 项目： lysakov/PublicKeyCriptography

    def keygen(security_param = 2048):
        p = number.getPrime(security_param // 2)
        q = number.getPrime(security_param // 2)
        n = p*q

        phi = (p - 1)*(q - 1)
        e = randint(0, phi)
        while number.GCD(e, phi) != 1:
            e = randint(0, phi)

        key_coder = RsaKeyCoder()
        public_key = key_coder.encode_public_key(e, n)

        key_encryptor = KeyEncryptor.get_instance()
        d = number.inverse(e, phi)
        private_key = key_encryptor.encrypt(key_coder.encode_private_key(d, n))

        return public_key, private_key

示例#26

    def encrypt(self, plain):
        """
        :type plain long
        :param plain: 明文
        :return:
        """
        plain = self.encoding_2_long(plain, self.plain_encoding)
        # (N,e)是公钥，(N,d)是私钥
        if self.encrypt_method == 'public-key-encrypt':
            n, e = self.n, self.e
        elif self.encrypt_method == 'private-key-encrypt':
            if self.d is not None:
                d = self.d
            else:
                d = inverse(self.e, (self.p - 1) * (self.q - 1))

            if self.n is not None:
                n = self.n
            else:
                n = self.p * self.q

            n, e = n, d
        else:
            return '!!!wrong encrypt_method!!!'

        rsa = RSA.construct((n, e,))
        # 最佳非对称加密填充（OAEP）
        if self.padding == 'PKCS1_OAEP':
            rsa = PKCS1_OAEP.new(rsa)
            cipher = rsa.encrypt(long_to_bytes(plain))
        elif self.padding == 'PKCS1_v1_5_Java':
            rsa = PKCS1_v1_5_Java_Cipher(rsa, Random.get_random_bytes)
            cipher = rsa.encrypt(long_to_bytes(plain))
        elif self.padding == 'PKCS1_v1_5':
            rsa = PKCS1_v1_5.new(rsa)
            cipher = rsa.encrypt(long_to_bytes(plain))
        else:
            cipher = pow(plain, e, n)
            return self.long_2_encoding(cipher, self.cipher_encoding)

        cipher = self.long_2_encoding(bytes_to_long(cipher), self.cipher_encoding)
        return cipher

示例#27

文件： test_import_RSA.py 项目： mmunier44/chat-frontend

class ImportKeyTests(unittest.TestCase):
    # 512-bit RSA key generated with openssl
    rsaKeyPEM = '''-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBAL8eJ5AKoIsjURpcEoGubZMxLD7+kT+TLr7UkvEtFrRhDDKMtuII
q19FrL4pUIMymPMSLBn3hJLe30Dw48GQM4UCAwEAAQJACUSDEp8RTe32ftq8IwG8
Wojl5mAd1wFiIOrZ/Uv8b963WJOJiuQcVN29vxU5+My9GPZ7RA3hrDBEAoHUDPrI
OQIhAPIPLz4dphiD9imAkivY31Rc5AfHJiQRA7XixTcjEkojAiEAyh/pJHks/Mlr
+rdPNEpotBjfV4M4BkgGAA/ipcmaAjcCIQCHvhwwKVBLzzTscT2HeUdEeBMoiXXK
JACAr3sJQJGxIQIgarRp+m1WSKV1MciwMaTOnbU7wxFs9DP1pva76lYBzgUCIQC9
n0CnZCJ6IZYqSt0H5N7+Q+2Ro64nuwV/OSQfM6sBwQ==
-----END RSA PRIVATE KEY-----'''

    # As above, but this is actually an unencrypted PKCS#8 key
    rsaKeyPEM8 = '''-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAvx4nkAqgiyNRGlwS
ga5tkzEsPv6RP5MuvtSS8S0WtGEMMoy24girX0WsvilQgzKY8xIsGfeEkt7fQPDj
wZAzhQIDAQABAkAJRIMSnxFN7fZ+2rwjAbxaiOXmYB3XAWIg6tn9S/xv3rdYk4mK
5BxU3b2/FTn4zL0Y9ntEDeGsMEQCgdQM+sg5AiEA8g8vPh2mGIP2KYCSK9jfVFzk
B8cmJBEDteLFNyMSSiMCIQDKH+kkeSz8yWv6t080Smi0GN9XgzgGSAYAD+KlyZoC
NwIhAIe+HDApUEvPNOxxPYd5R0R4EyiJdcokAICvewlAkbEhAiBqtGn6bVZIpXUx
yLAxpM6dtTvDEWz0M/Wm9rvqVgHOBQIhAL2fQKdkInohlipK3Qfk3v5D7ZGjrie7
BX85JB8zqwHB
-----END PRIVATE KEY-----'''

    # The same RSA private key as in rsaKeyPEM, but now encrypted
    rsaKeyEncryptedPEM=(

        # PEM encryption
        # With DES and passphrase 'test'
        ('test', '''-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,AF8F9A40BD2FA2FC

Ckl9ex1kaVEWhYC2QBmfaF+YPiR4NFkRXA7nj3dcnuFEzBnY5XULupqQpQI3qbfA
u8GYS7+b3toWWiHZivHbAAUBPDIZG9hKDyB9Sq2VMARGsX1yW1zhNvZLIiVJzUHs
C6NxQ1IJWOXzTew/xM2I26kPwHIvadq+/VaT8gLQdjdH0jOiVNaevjWnLgrn1mLP
BCNRMdcexozWtAFNNqSzfW58MJL2OdMi21ED184EFytIc1BlB+FZiGZduwKGuaKy
9bMbdb/1PSvsSzPsqW7KSSrTw6MgJAFJg6lzIYvR5F4poTVBxwBX3+EyEmShiaNY
IRX3TgQI0IjrVuLmvlZKbGWP18FXj7I7k9tSsNOOzllTTdq3ny5vgM3A+ynfAaxp
dysKznQ6P+IoqML1WxAID4aGRMWka+uArOJ148Rbj9s=
-----END RSA PRIVATE KEY-----'''),

        # PKCS8 encryption
        ('winter', '''-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeZIsbW3O+JcCAggA
MBQGCCqGSIb3DQMHBAgSM2p0D8FilgSCAWBhFyP2tiGKVpGj3mO8qIBzinU60ApR
3unvP+N6j7LVgnV2lFGaXbJ6a1PbQXe+2D6DUyBLo8EMXrKKVLqOMGkFMHc0UaV6
R6MmrsRDrbOqdpTuVRW+NVd5J9kQQh4xnfU/QrcPPt7vpJvSf4GzG0n666Ki50OV
M/feuVlIiyGXY6UWdVDpcOV72cq02eNUs/1JWdh2uEBvA9fCL0c07RnMrdT+CbJQ
NjJ7f8ULtp7xvR9O3Al/yJ4Wv3i4VxF1f3MCXzhlUD4I0ONlr0kJWgeQ80q/cWhw
ntvgJwnCn2XR1h6LA8Wp+0ghDTsL2NhJpWd78zClGhyU4r3hqu1XDjoXa7YCXCix
jCV15+ViDJzlNCwg+W6lRg18sSLkCT7alviIE0U5tHc6UPbbHwT5QqAxAABaP+nZ
CGqJGyiwBzrKebjgSm/KRd4C91XqcsysyH2kKPfT51MLAoD4xelOURBP
-----END ENCRYPTED PRIVATE KEY-----'''
        ),
    )

    rsaPublicKeyPEM = '''-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL8eJ5AKoIsjURpcEoGubZMxLD7+kT+T
Lr7UkvEtFrRhDDKMtuIIq19FrL4pUIMymPMSLBn3hJLe30Dw48GQM4UCAwEAAQ==
-----END PUBLIC KEY-----'''

    # Obtained using 'ssh-keygen -i -m PKCS8 -f rsaPublicKeyPEM'
    rsaPublicKeyOpenSSH = b('''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAQQC/HieQCqCLI1EaXBKBrm2TMSw+/pE/ky6+1JLxLRa0YQwyjLbiCKtfRay+KVCDMpjzEiwZ94SS3t9A8OPBkDOF comment\n''')

    # The private key, in PKCS#1 format encoded with DER
    rsaKeyDER = a2b_hex(
    '''3082013b020100024100bf1e27900aa08b23511a5c1281ae6d93312c3efe
    913f932ebed492f12d16b4610c328cb6e208ab5f45acbe2950833298f312
    2c19f78492dedf40f0e3c190338502030100010240094483129f114dedf6
    7edabc2301bc5a88e5e6601dd7016220ead9fd4bfc6fdeb75893898ae41c
    54ddbdbf1539f8ccbd18f67b440de1ac30440281d40cfac839022100f20f
    2f3e1da61883f62980922bd8df545ce407c726241103b5e2c53723124a23
    022100ca1fe924792cfcc96bfab74f344a68b418df578338064806000fe2
    a5c99a023702210087be1c3029504bcf34ec713d877947447813288975ca
    240080af7b094091b12102206ab469fa6d5648a57531c8b031a4ce9db53b
    c3116cf433f5a6f6bbea5601ce05022100bd9f40a764227a21962a4add07
    e4defe43ed91a3ae27bb057f39241f33ab01c1
    '''.replace(" ",""))

    # The private key, in unencrypted PKCS#8 format encoded with DER
    rsaKeyDER8 = a2b_hex(
    '''30820155020100300d06092a864886f70d01010105000482013f3082013
    b020100024100bf1e27900aa08b23511a5c1281ae6d93312c3efe913f932
    ebed492f12d16b4610c328cb6e208ab5f45acbe2950833298f3122c19f78
    492dedf40f0e3c190338502030100010240094483129f114dedf67edabc2
    301bc5a88e5e6601dd7016220ead9fd4bfc6fdeb75893898ae41c54ddbdb
    f1539f8ccbd18f67b440de1ac30440281d40cfac839022100f20f2f3e1da
    61883f62980922bd8df545ce407c726241103b5e2c53723124a23022100c
    a1fe924792cfcc96bfab74f344a68b418df578338064806000fe2a5c99a0
    23702210087be1c3029504bcf34ec713d877947447813288975ca240080a
    f7b094091b12102206ab469fa6d5648a57531c8b031a4ce9db53bc3116cf
    433f5a6f6bbea5601ce05022100bd9f40a764227a21962a4add07e4defe4
    3ed91a3ae27bb057f39241f33ab01c1
    '''.replace(" ",""))

    rsaPublicKeyDER = a2b_hex(
    '''305c300d06092a864886f70d0101010500034b003048024100bf1e27900a
    a08b23511a5c1281ae6d93312c3efe913f932ebed492f12d16b4610c328c
    b6e208ab5f45acbe2950833298f3122c19f78492dedf40f0e3c190338502
    03010001
    '''.replace(" ",""))

    n = int('BF 1E 27 90 0A A0 8B 23 51 1A 5C 12 81 AE 6D 93 31 2C 3E FE 91 3F 93 2E BE D4 92 F1 2D 16 B4 61 0C 32 8C B6 E2 08 AB 5F 45 AC BE 29 50 83 32 98 F3 12 2C 19 F7 84 92 DE DF 40 F0 E3 C1 90 33 85'.replace(" ",""),16)
    e = 65537
    d = int('09 44 83 12 9F 11 4D ED F6 7E DA BC 23 01 BC 5A 88 E5 E6 60 1D D7 01 62 20 EA D9 FD 4B FC 6F DE B7 58 93 89 8A E4 1C 54 DD BD BF 15 39 F8 CC BD 18 F6 7B 44 0D E1 AC 30 44 02 81 D4 0C FA C8 39'.replace(" ",""),16)
    p = int('00 F2 0F 2F 3E 1D A6 18 83 F6 29 80 92 2B D8 DF 54 5C E4 07 C7 26 24 11 03 B5 E2 C5 37 23 12 4A 23'.replace(" ",""),16)
    q = int('00 CA 1F E9 24 79 2C FC C9 6B FA B7 4F 34 4A 68 B4 18 DF 57 83 38 06 48 06 00 0F E2 A5 C9 9A 02 37'.replace(" ",""),16)

    # This is q^{-1} mod p). fastmath and slowmath use pInv (p^{-1}
    # mod q) instead!
    qInv = int('00 BD 9F 40 A7 64 22 7A 21 96 2A 4A DD 07 E4 DE FE 43 ED 91 A3 AE 27 BB 05 7F 39 24 1F 33 AB 01 C1'.replace(" ",""),16)
    pInv = inverse(p,q)

    def testImportKey1(self):
        """Verify import of RSAPrivateKey DER SEQUENCE"""
        key = RSA.importKey(self.rsaKeyDER)
        self.assertTrue(key.has_private())
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)
        self.assertEqual(key.d, self.d)
        self.assertEqual(key.p, self.p)
        self.assertEqual(key.q, self.q)

    def testImportKey2(self):
        """Verify import of SubjectPublicKeyInfo DER SEQUENCE"""
        key = RSA.importKey(self.rsaPublicKeyDER)
        self.assertFalse(key.has_private())
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)

    def testImportKey3unicode(self):
        """Verify import of RSAPrivateKey DER SEQUENCE, encoded with PEM as unicode"""
        key = RSA.importKey(self.rsaKeyPEM)
        self.assertEqual(key.has_private(),True) # assert_
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)
        self.assertEqual(key.d, self.d)
        self.assertEqual(key.p, self.p)
        self.assertEqual(key.q, self.q)

    def testImportKey3bytes(self):
        """Verify import of RSAPrivateKey DER SEQUENCE, encoded with PEM as byte string"""
        key = RSA.importKey(b(self.rsaKeyPEM))
        self.assertEqual(key.has_private(),True) # assert_
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)
        self.assertEqual(key.d, self.d)
        self.assertEqual(key.p, self.p)
        self.assertEqual(key.q, self.q)

    def testImportKey4unicode(self):
        """Verify import of RSAPrivateKey DER SEQUENCE, encoded with PEM as unicode"""
        key = RSA.importKey(self.rsaPublicKeyPEM)
        self.assertEqual(key.has_private(),False) # failIf
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)

    def testImportKey4bytes(self):
        """Verify import of SubjectPublicKeyInfo DER SEQUENCE, encoded with PEM as byte string"""
        key = RSA.importKey(b(self.rsaPublicKeyPEM))
        self.assertEqual(key.has_private(),False) # failIf
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)

    def testImportKey5(self):
        """Verifies that the imported key is still a valid RSA pair"""
        key = RSA.importKey(self.rsaKeyPEM)
        idem = key._encrypt(key._decrypt(89))
        self.assertEqual(idem, 89)

    def testImportKey6(self):
        """Verifies that the imported key is still a valid RSA pair"""
        key = RSA.importKey(self.rsaKeyDER)
        idem = key._encrypt(key._decrypt(65))
        self.assertEqual(idem, 65)

    def testImportKey7(self):
        """Verify import of OpenSSH public key"""
        key = RSA.importKey(self.rsaPublicKeyOpenSSH)
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)

    def testImportKey8(self):
        """Verify import of encrypted PrivateKeyInfo DER SEQUENCE"""
        for t in self.rsaKeyEncryptedPEM:
            key = RSA.importKey(t[1], t[0])
            self.assertTrue(key.has_private())
            self.assertEqual(key.n, self.n)
            self.assertEqual(key.e, self.e)
            self.assertEqual(key.d, self.d)
            self.assertEqual(key.p, self.p)
            self.assertEqual(key.q, self.q)

    def testImportKey9(self):
        """Verify import of unencrypted PrivateKeyInfo DER SEQUENCE"""
        key = RSA.importKey(self.rsaKeyDER8)
        self.assertTrue(key.has_private())
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)
        self.assertEqual(key.d, self.d)
        self.assertEqual(key.p, self.p)
        self.assertEqual(key.q, self.q)

    def testImportKey10(self):
        """Verify import of unencrypted PrivateKeyInfo DER SEQUENCE, encoded with PEM"""
        key = RSA.importKey(self.rsaKeyPEM8)
        self.assertTrue(key.has_private())
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)
        self.assertEqual(key.d, self.d)
        self.assertEqual(key.p, self.p)
        self.assertEqual(key.q, self.q)

    def testImportKey11(self):
        """Verify import of RSAPublicKey DER SEQUENCE"""
        der = asn1.DerSequence([17, 3]).encode()
        key = RSA.importKey(der)
        self.assertEqual(key.n, 17)
        self.assertEqual(key.e, 3)

    def testImportKey12(self):
        """Verify import of RSAPublicKey DER SEQUENCE, encoded with PEM"""
        der = asn1.DerSequence([17, 3]).encode()
        pem = der2pem(der)
        key = RSA.importKey(pem)
        self.assertEqual(key.n, 17)
        self.assertEqual(key.e, 3)

    def test_import_key_windows_cr_lf(self):
        pem_cr_lf = "\r\n".join(self.rsaKeyPEM.splitlines())
        key = RSA.importKey(pem_cr_lf)
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)
        self.assertEqual(key.d, self.d)
        self.assertEqual(key.p, self.p)
        self.assertEqual(key.q, self.q)

    ###
    def testExportKey1(self):
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        derKey = key.exportKey("DER")
        self.assertEqual(derKey, self.rsaKeyDER)

    def testExportKey2(self):
        key = RSA.construct([self.n, self.e])
        derKey = key.exportKey("DER")
        self.assertEqual(derKey, self.rsaPublicKeyDER)

    def testExportKey3(self):
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        pemKey = key.exportKey("PEM")
        self.assertEqual(pemKey, b(self.rsaKeyPEM))

    def testExportKey4(self):
        key = RSA.construct([self.n, self.e])
        pemKey = key.exportKey("PEM")
        self.assertEqual(pemKey, b(self.rsaPublicKeyPEM))

    def testExportKey5(self):
        key = RSA.construct([self.n, self.e])
        openssh_1 = key.exportKey("OpenSSH").split()
        openssh_2 = self.rsaPublicKeyOpenSSH.split()
        self.assertEqual(openssh_1[0], openssh_2[0])
        self.assertEqual(openssh_1[1], openssh_2[1])

    def testExportKey7(self):
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        derKey = key.exportKey("DER", pkcs=8)
        self.assertEqual(derKey, self.rsaKeyDER8)

    def testExportKey8(self):
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        pemKey = key.exportKey("PEM", pkcs=8)
        self.assertEqual(pemKey, b(self.rsaKeyPEM8))

    def testExportKey9(self):
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        self.assertRaises(ValueError, key.exportKey, "invalid-format")

    def testExportKey10(self):
        # Export and re-import the encrypted key. It must match.
        # PEM envelope, PKCS#1, old PEM encryption
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        outkey = key.exportKey('PEM', 'test')
        self.assertTrue(tostr(outkey).find('4,ENCRYPTED')!=-1)
        self.assertTrue(tostr(outkey).find('BEGIN RSA PRIVATE KEY')!=-1)
        inkey = RSA.importKey(outkey, 'test')
        self.assertEqual(key.n, inkey.n)
        self.assertEqual(key.e, inkey.e)
        self.assertEqual(key.d, inkey.d)

    def testExportKey11(self):
        # Export and re-import the encrypted key. It must match.
        # PEM envelope, PKCS#1, old PEM encryption
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        outkey = key.exportKey('PEM', 'test', pkcs=1)
        self.assertTrue(tostr(outkey).find('4,ENCRYPTED')!=-1)
        self.assertTrue(tostr(outkey).find('BEGIN RSA PRIVATE KEY')!=-1)
        inkey = RSA.importKey(outkey, 'test')
        self.assertEqual(key.n, inkey.n)
        self.assertEqual(key.e, inkey.e)
        self.assertEqual(key.d, inkey.d)

    def testExportKey12(self):
        # Export and re-import the encrypted key. It must match.
        # PEM envelope, PKCS#8, old PEM encryption
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        outkey = key.exportKey('PEM', 'test', pkcs=8)
        self.assertTrue(tostr(outkey).find('4,ENCRYPTED')!=-1)
        self.assertTrue(tostr(outkey).find('BEGIN PRIVATE KEY')!=-1)
        inkey = RSA.importKey(outkey, 'test')
        self.assertEqual(key.n, inkey.n)
        self.assertEqual(key.e, inkey.e)
        self.assertEqual(key.d, inkey.d)

    def testExportKey13(self):
        # Export and re-import the encrypted key. It must match.
        # PEM envelope, PKCS#8, PKCS#8 encryption
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        outkey = key.exportKey('PEM', 'test', pkcs=8,
                protection='PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC')
        self.assertTrue(tostr(outkey).find('4,ENCRYPTED')==-1)
        self.assertTrue(tostr(outkey).find('BEGIN ENCRYPTED PRIVATE KEY')!=-1)
        inkey = RSA.importKey(outkey, 'test')
        self.assertEqual(key.n, inkey.n)
        self.assertEqual(key.e, inkey.e)
        self.assertEqual(key.d, inkey.d)

    def testExportKey14(self):
        # Export and re-import the encrypted key. It must match.
        # DER envelope, PKCS#8, PKCS#8 encryption
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        outkey = key.exportKey('DER', 'test', pkcs=8)
        inkey = RSA.importKey(outkey, 'test')
        self.assertEqual(key.n, inkey.n)
        self.assertEqual(key.e, inkey.e)
        self.assertEqual(key.d, inkey.d)

    def testExportKey15(self):
        # Verify that that error an condition is detected when trying to
        # use a password with DER encoding and PKCS#1.
        key = RSA.construct([self.n, self.e, self.d, self.p, self.q, self.pInv])
        self.assertRaises(ValueError, key.exportKey, 'DER', 'test', 1)

    def test_import_key(self):
        """Verify that import_key is an alias to importKey"""
        key = RSA.import_key(self.rsaPublicKeyDER)
        self.assertFalse(key.has_private())
        self.assertEqual(key.n, self.n)
        self.assertEqual(key.e, self.e)

示例#28

文件： decrypt.py 项目： onealmond/hacking-lab

#!/usr/bin/env python3
from Cryptodome.Util import number

N = 0x665166804cd78e8197073f65f58bca14e019982245fcc7cad74535e948a4e0258b2e919bf3720968a00e5240c5e1d6b8831d8fec300d969fccec6cce11dde826d3fbe0837194f2dc64194c78379440671563c6c75267f0286d779e6d91d3e9037c642a860a894d8c45b7ed564d341501cedf260d3019234f2964ccc6c56b6de8a4f66667e9672a03f6c29d95100cdf5cb363d66f2131823a953621680300ab3a2eb51c12999b6d4249dde499055584925399f3a8c7a4a5a21f095878e80bbc772f785d2cbf70a87c6b854eb566e1e1beb7d4ac6eb46023b3dc7fdf34529a40f5fc5797f9c15c54ed4cb018c072168e9c30ca3602e00ea4047d2e5686c6eb37b9
e = 0x2c998e57bc651fe4807443dbb3e794711ca22b473d7792a64b7a326538dc528a17c79c72e425bf29937e47b2d6f6330ee5c13bfd8564b50e49132d47befd0ee2e85f4bfe2c9452d62ef838d487c099b3d7c80f14e362b3d97ca4774f1e4e851d38a4a834b077ded3d40cd20ddc45d57581beaa7b4d299da9dec8a1f361c808637238fa368e07c7d08f5654c7b2f8a90d47857e9b9c0a81a46769f6307d5a4442707afb017959d9a681fa1dc8d97565e55f02df34b04a3d0a0bf98b7798d7084db4b3f6696fa139f83ada3dc70d0b4c57bf49f530dec938096071f9c4498fdef9641dfbfe516c985b27d1748cc6ce1a4beb1381fb165a3d14f61032e0f76f095d
c = 0x503d5dd3bf3d76918b868c0789c81b4a384184ddadef81142eabdcb78656632e54c9cb22ac2c41178607aa41adebdf89cd24ec1876365994f54f2b8fc492636b59382eb5094c46b5818cf8d9b42aed7e8051d7ca1537202d20ef945876e94f502e048ad71c7ad89200341f8071dc73c2cc1c7688494cad0110fca4854ee6a1ba999005a650062a5d55063693e8b018b08c4591946a3fc961dae2ba0c046f0848fbe5206d56767aae8812d55ee9decc1587cf5905887846cd3ecc6fc069e40d36b29ee48229c0c79eceab9a95b11d15421b8585a2576a63b9f09c56a4ca1729680410da237ac5b05850604e2af1f4ede9cf3928cbb3193a159e64482928b585ac

p = 98444549679044409506244239144443867459824227934526036052949278261505813439015297459200379108752444235232667213138464076415095486907288282630595622287237215801470940146886371515679909322090871473412384894540642399950010296214525469622505798526072170187467562765920044646574445427364231529083610955760228212701
q = 131205304707717699800023219057082007986286045823683571663112014612188606710079038751853416273709729039622908861933527111469616900188875912430487264576215232569029320804579614330240773622645122871884209068761138439268551367198798009790636662892148063583135747945604771740458352899202428704645256790931460695949

phi = (q-1)*(p-1)

# TODO
# e is too big for Wiener's Attack
# use Boneh's attack instead
# https://sagi.io/2016/04/crypto-classics-wieners-rsa-attack/
d = number.inverse(e, phi)
print(number.long_to_bytes(pow(c, d, N)))

示例#29

 def calc_d(self):
     d = inverse(self.e, (self.p - 1) * (self.q - 1))
     return d

示例#30

 def make_private_key_pem(self):
     d = inverse(self.e, (self.p - 1) * (self.q - 1))
     rsa = RSA.construct((self.n, self.e, d))
     return rsa.exportKey()

示例#31

    21711308225346315542706844618441565741046498277716979943478360598053144971379956916575370343448988601905854572029635846626259487297950305231661109855854947494209135205589258643517961521594924368498672064293208230802441077390193682958095111922082677813175804775628884377724377647428385841831277059274172982280545237765559969228707506857561215268491024097063920337721783673060530181637161577401589126558556182546896783307370517275046522704047385786111489447064794210010802761708615907245523492585896286374996088089317826162798278528296206977900274431829829206103227171839270887476436899494428371323874689055690729986771,
    2734411677251148030723138005716109733838866545375527602018255159319631026653190783670493107936401603981429171880504360560494771017246468702902647370954220312452541342858747590576273775107870450853533717116684326976263006435733382045807971890762018747729574021057430331778033982359184838159747331236538501849965329264774927607570410347019418407451937875684373454982306923178403161216817237890962651214718831954215200637651103907209347900857824722653217179548148145687181377220544864521808230122730967452981435355334932104265488075777638608041325256776275200067541533022527964743478554948792578057708522350812154888097
)

# (N, e) pairs from friends
friend_keys = [
    (21711308225346315542706844618441565741046498277716979943478360598053144971379956916575370343448988601905854572029635846626259487297950305231661109855854947494209135205589258643517961521594924368498672064293208230802441077390193682958095111922082677813175804775628884377724377647428385841831277059274172982280545237765559969228707506857561215268491024097063920337721783673060530181637161577401589126558556182546896783307370517275046522704047385786111489447064794210010802761708615907245523492585896286374996088089317826162798278528296206977900274431829829206103227171839270887476436899494428371323874689055690729986771,
     106979),
    (21711308225346315542706844618441565741046498277716979943478360598053144971379956916575370343448988601905854572029635846626259487297950305231661109855854947494209135205589258643517961521594924368498672064293208230802441077390193682958095111922082677813175804775628884377724377647428385841831277059274172982280545237765559969228707506857561215268491024097063920337721783673060530181637161577401589126558556182546896783307370517275046522704047385786111489447064794210010802761708615907245523492585896286374996088089317826162798278528296206977900274431829829206103227171839270887476436899494428371323874689055690729986771,
     108533),
    (21711308225346315542706844618441565741046498277716979943478360598053144971379956916575370343448988601905854572029635846626259487297950305231661109855854947494209135205589258643517961521594924368498672064293208230802441077390193682958095111922082677813175804775628884377724377647428385841831277059274172982280545237765559969228707506857561215268491024097063920337721783673060530181637161577401589126558556182546896783307370517275046522704047385786111489447064794210010802761708615907245523492585896286374996088089317826162798278528296206977900274431829829206103227171839270887476436899494428371323874689055690729986771,
     69557),
    (21711308225346315542706844618441565741046498277716979943478360598053144971379956916575370343448988601905854572029635846626259487297950305231661109855854947494209135205589258643517961521594924368498672064293208230802441077390193682958095111922082677813175804775628884377724377647428385841831277059274172982280545237765559969228707506857561215268491024097063920337721783673060530181637161577401589126558556182546896783307370517275046522704047385786111489447064794210010802761708615907245523492585896286374996088089317826162798278528296206977900274431829829206103227171839270887476436899494428371323874689055690729986771,
     97117),
    (21711308225346315542706844618441565741046498277716979943478360598053144971379956916575370343448988601905854572029635846626259487297950305231661109855854947494209135205589258643517961521594924368498672064293208230802441077390193682958095111922082677813175804775628884377724377647428385841831277059274172982280545237765559969228707506857561215268491024097063920337721783673060530181637161577401589126558556182546896783307370517275046522704047385786111489447064794210010802761708615907245523492585896286374996088089317826162798278528296206977900274431829829206103227171839270887476436899494428371323874689055690729986771,
     103231)
]
c = 20304610279578186738172766224224793119885071262464464448863461184092225736054747976985179673905441502689126216282897704508745403799054734121583968853999791604281615154100736259131453424385364324630229671185343778172807262640709301838274824603101692485662726226902121105591137437331463201881264245562214012160875177167442010952439360623396658974413900469093836794752270399520074596329058725874834082188697377597949405779039139194196065364426213208345461407030771089787529200057105746584493554722790592530472869581310117300343461207750821737840042745530876391793484035024644475535353227851321505537398888106855012746117

# factorization of N
p = 134460556242811604004061671529264401215233974442536870999694816691450423689575549530215841622090861571494882591368883283016107051686642467260643894947947473532769025695530343815260424314855023688439603651834585971233941772580950216838838690315383700689885536546289584980534945897919914730948196240662991266027
q = 161469718942256895682124261315253003309512855995894840701317251772156087404025170146631429756064534716206164807382734456438092732743677793224010769460318383691408352089793973150914149255603969984103815563896440419666191368964699279209687091969164697704779792586727943470780308857107052647197945528236341228473

phi = (q - 1) * (p - 1)

# reverse encryption process
for key in friend_keys[::-1]:
    d = number.inverse(key[1], phi)
    c = pow(c, d, N)
print(number.long_to_bytes(c))

示例#32

文件： Server.py 项目： cinarmert/CS425-Project

    def calculateAverage(self):
        self.genElgamalKeys()
        n = len(self.user_list)
        round1_m = []
        for i in range(n):
            round1_m.append(self.user_list[i].average_round1_all(self.m))

        sum_of_ratings, sum_of_flags = self.multiplyRatings(round1_m)

        ratings_A = []
        flags_A = []
        for sum in sum_of_ratings:
            ratings_A.append(sum[0])
        for sum in sum_of_flags:
            flags_A.append(sum[0])
        # Round 1 Done
        #print(ratings_A)
        #print(sum_of_ratings)
        # Round 2
        round2_m = []
        for i in range(n):
            round2_m.append(self.user_list[i].average_round2(
                ratings_A, flags_A))

        sum_plain_ratings = []
        sum_plain_flags = []

        for i in range(self.m):
            sum_plain_flags.append(0)
            sum_plain_ratings.append(0)

        for i in range(self.m):
            base = 1
            for j in range(n):
                base = base * round2_m[j][i][0] % self.p  # multiply all A_1 s
            sum_plain_ratings[i] = (sum_of_ratings[i][1] * inverse(
                base, self.p)) % self.p  # Divide by B_1
            sum_plain_ratings[i] = self.boundedDiscreteLog(
                sum_plain_ratings[i])
            base = 1
            for j in range(n):
                base = base * round2_m[j][i][1] % self.p  # multiply all A_2 s
            sum_plain_flags[i] = (sum_of_flags[i][1] * inverse(
                base, self.p)) % self.p  # Divide by B_2
            sum_plain_flags[i] = self.boundedDiscreteLog(sum_plain_flags[i])

        average_result = []

        for i in range(self.m):
            inter_result = 0
            if (sum_plain_flags[i] == 0):
                inter_result = sum_plain_flags[i] * 1.0
            else:
                inter_result = sum_plain_ratings[i] * 1.0 / sum_plain_flags[
                    i]  # calculate the actual average
            #print("Rating i", sum_plain_ratings[i])
            #print("flags i", sum_plain_flags[i])
            #average_result.append(inter_result) open if not stored as a multiple of 2
            average_result.append(inter_result / 2)

        self.avg_ratings = average_result  # list of m averages