赞 | 400 |
VIP | 0 |
好人卡 | 24 |
积分 | 250 |
经验 | 45372 |
最后登录 | 2024-7-2 |
在线时间 | 3339 小时 |
Lv5.捕梦者 (版主)
- 梦石
- 1
- 星屑
- 24004
- 在线时间
- 3339 小时
- 注册时间
- 2011-7-8
- 帖子
- 3926
|
4楼
楼主 |
发表于 2018-4-27 11:43:40
|
只看该作者
本帖最后由 guoxiaomi 于 2018-4-27 11:45 编辑
# --------------------------------------------------------- # RSA # --------------------------------------------------------- # For OAEP: # [url]https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf[/url] # --------------------------------------------------------- require 'base64' require 'digest/sha1' module RSA def int2str(i) hex = i.to_s(16) hex = '0' + hex if hex.size % 2 == 1 [hex].pack('H*') end def str2int(s) s.unpack('H*')[0].to_i(16) end def load_pub(fn) s = File.open(fn, 'r') do |f| Base64.decode64 f.read.split(/\s+/)[1] end i = 0 vars = [] while i < s.length do length = str2int(s[i...i+4]) i += 4 vars.push s[i...i+length] i += length end if i == s.size e, n = str2int(vars[1]), str2int(vars[2]) return [e, n] else return false end end def egcd(a, b) if a == 0 [b, 0, 1] else g, y, x = egcd(b % a, a) [g, x - (b / a) * y, y] end end def modinv(a, m) g, x, y = egcd(a, m) if g == 1 x % m else raise end end def modpow(a, b, n) rec = 1 while (b != 0) if b & 1 != 0 rec = (rec * a) % n end a = (a * a) % n b = b >> 1 end rec % n end def i2osp(i, len) a = [] len.times do a.push(i & 255) i = i >> 8 end a.reverse.pack('C*') end alias os2ip str2int def xor(s1, s2) raise if s1.size != s2.size int2str(str2int(s1) ^ str2int(s2)) end def sha1(s) Digest::SHA1.digest(s) end def mgf1(s, l) t = '' for i in 0..(l / 20) # 20 is sha1 output length t << sha1(s + i2osp(i, 4)) end t[0...l] end alias encrypt_public modpow end include RSA # try to encrypt a 128-bit aes key: aes_key = 'Say:hello,world!' # --------------------------------------------------------- # 0. load public key # --------------------------------------------------------- e, n = load_pub('test.pub') # --------------------------------------------------------- # 1. length checking # --------------------------------------------------------- L = '' DB = '' k = int2str(n).size lHash = sha1(L) hLen = lHash.size M = aes_key mLen = M.size if hLen > 2 << 61 - 1 # check for sha-1 raise 'label too long' elsif mLen + 2 * hLen + 2 > k raise 'message too long' end # --------------------------------------------------------- # 2. EME-OAEP encoding # --------------------------------------------------------- PS = "\x00" * (k - 2 * hLen - mLen - 2) DB << (lHash + PS + "\x01" + M) seed = Array.new(hLen).collect{|e| rand(256)}.pack('C*') maskedDB = xor(DB, mgf1(seed, k - hLen - 1)) maskedseed = xor(seed, mgf1(maskedDB, hLen)) EM = "\x00" + maskedseed + maskedDB print Base64.encode64(EM) # --------------------------------------------------------- # 3. RSA encryption # --------------------------------------------------------- m = os2ip(EM) c = encrypt_public(m, e, n) C = i2osp(c, k) print Base64.encode64(C)
# ---------------------------------------------------------
# RSA
# ---------------------------------------------------------
# For OAEP:
# [url]https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf[/url]
# ---------------------------------------------------------
require 'base64'
require 'digest/sha1'
module RSA
def int2str(i)
hex = i.to_s(16)
hex = '0' + hex if hex.size % 2 == 1
[hex].pack('H*')
end
def str2int(s)
s.unpack('H*')[0].to_i(16)
end
def load_pub(fn)
s = File.open(fn, 'r') do |f|
Base64.decode64 f.read.split(/\s+/)[1]
end
i = 0
vars = []
while i < s.length do
length = str2int(s[i...i+4])
i += 4
vars.push s[i...i+length]
i += length
end
if i == s.size
e, n = str2int(vars[1]), str2int(vars[2])
return [e, n]
else
return false
end
end
def egcd(a, b)
if a == 0
[b, 0, 1]
else
g, y, x = egcd(b % a, a)
[g, x - (b / a) * y, y]
end
end
def modinv(a, m)
g, x, y = egcd(a, m)
if g == 1
x % m
else
raise
end
end
def modpow(a, b, n)
rec = 1
while (b != 0)
if b & 1 != 0
rec = (rec * a) % n
end
a = (a * a) % n
b = b >> 1
end
rec % n
end
def i2osp(i, len)
a = []
len.times do
a.push(i & 255)
i = i >> 8
end
a.reverse.pack('C*')
end
alias os2ip str2int
def xor(s1, s2)
raise if s1.size != s2.size
int2str(str2int(s1) ^ str2int(s2))
end
def sha1(s)
Digest::SHA1.digest(s)
end
def mgf1(s, l)
t = ''
for i in 0..(l / 20) # 20 is sha1 output length
t << sha1(s + i2osp(i, 4))
end
t[0...l]
end
alias encrypt_public modpow
end
include RSA
# try to encrypt a 128-bit aes key:
aes_key = 'Say:hello,world!'
# ---------------------------------------------------------
# 0. load public key
# ---------------------------------------------------------
e, n = load_pub('test.pub')
# ---------------------------------------------------------
# 1. length checking
# ---------------------------------------------------------
L = ''
DB = ''
k = int2str(n).size
lHash = sha1(L)
hLen = lHash.size
M = aes_key
mLen = M.size
if hLen > 2 << 61 - 1 # check for sha-1
raise 'label too long'
elsif mLen + 2 * hLen + 2 > k
raise 'message too long'
end
# ---------------------------------------------------------
# 2. EME-OAEP encoding
# ---------------------------------------------------------
PS = "\x00" * (k - 2 * hLen - mLen - 2)
DB << (lHash + PS + "\x01" + M)
seed = Array.new(hLen).collect{|e| rand(256)}.pack('C*')
maskedDB = xor(DB, mgf1(seed, k - hLen - 1))
maskedseed = xor(seed, mgf1(maskedDB, hLen))
EM = "\x00" + maskedseed + maskedDB
print Base64.encode64(EM)
# ---------------------------------------------------------
# 3. RSA encryption
# ---------------------------------------------------------
m = os2ip(EM)
c = encrypt_public(m, e, n)
C = i2osp(c, k)
print Base64.encode64(C)
PHP的测试代码,把ruby代码的输出 Base64.encode64(C) 复制到 $data里,直接在服务端把私钥写出来了:
<?php $key = "-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAw2pCSxFVb2g1JwKjXK7CT7cVuSqo5emnWKyhjeqQjSvDUS3x dn1k4uTq24c701kpHkdXYl2WCJlDAJrIYD1KH6dzFAEOXNWKlKWIkcF7YkvnhZnn eHJw5ZhYuTM7cligkMeFW8UWb8tI/SsBmCQZrA/spJ03JmqJtoIY9PQXO+XAGqCy ZLxnHz40bvRMncgjPm4XENojrVtzh9LdRei8N3RkZw4gEcVaPpPgJze2ObSKdZ4+ CUtuFOSdap7K7o2N2d8S/Y7Jd+hH84FnSMpKlwsrr5unWeSFE67iNJV/KDH7V7Su 5J1GB9WgOBkxOm86+EXhrQfeuBI0Jqh/HQPKlwIDAQABAoIBAHkQqcWMFZwRuWxT rBXNh0CPsvumvEDEQxMi0Gv1uFxdkoIGrqO0B/6xx/b9j0je4iSKGk8sn7jwCpyj SCSnk/aMbTUlelp1SYfSDgwPDHvXfrY8pTTv4ZW8jqseXGP5GHDZy3sRXVchYDTI ohI5u1Xn/7n0VKiONIdHjmKjnolSNj8DRGYJ/nL9u4QenX0tGN43/lqP7UhO/O7D OdU9ysLn7glad6EARmMbG8hxIavdLvJ6F5HS9tpVT+9jTgi9t4mqdP6YTeh10fWa KQ7HFCOb9Wmu84YRNgb1+9w+ARGoe6r+aO1HTtE2DtoycExWOL0Ic2zhtKpKdv7N 8eZc7iECgYEA5Kuou03+IKlwDizgWAvsCifSWxRFcUAoCvR/xnDF80wqSxVWtJTF KaPHqU6uNTlFHvda+KRy0N6g8bc0+nrF8ZaOzMMM7tZTtY29mp5dZawD7zODTEGa XXzDbLyA8+rW3XZpuHlXJH6rovFyXvcZK+w5ekmeJI0NMwxTlvkUUK8CgYEA2sUf 6wZ2A/+FMjaqNWM5Nii/vth9F3VIQgpNC45batRyr2xSJBrug6Jd9R/N5qizWJR8 7/KYHwalqbqufj74PwodGRCR8QWoIK6msOEnIPNzhr+iFvFesjMvfF2MmPYzBT40 U+aJjqYS39rQRJuKlg6GcVEYiGu3J0Dc0LVqDpkCgYABGkLKBGpBRg/gQZ8jTYtp 0R9WiRZ8oU6QHvWuw0RxE+DwU74DSORaewuvaU21u/z1VUP/Buv2zdwAzl1XB9iE fbFak2YwkJ/+tBxB7pmMr/Ok556uc3KHGN7oW1BT3MIEd1mzJgKhjmrNclSW2KIq cA0m5cv5aSSzJlAQ3kqWyQKBgQCOL96931Ym5RVJ/JOF3Xaax8NQI96xt21+Vrma kCzEc04SzAFbLBHnhkkw/znQ98aRBPlq7q6GQ8i6VvYAYabxOf6NguKH11hd3YXD oqLO3MwyQSz1Ym1cvr3XQ+oUpLemabaS7VxsVW4hBlOks79QJiKlVcLvL6s7nQGn uLE0yQKBgQDAtCjdKbGGo8OFg2FKFD5vGXSXMscchi0ImyN4gAxRK3rlx5fyoo+X WUFSHdC3vO9TM00S07eXIuaOaHWjQUOzoTXKmQk4bvf5nZy6u+NvuPwGmwXXCCD2 Z+tK5j2eJ6DkOCwms9IA5kISZkxcFQASlywTihpkmXW9V9mXB0vk5g== -----END RSA PRIVATE KEY----- "; $data = "gEg4eOsosLi3LxguBSsyz7GVM/TBZo8XZYH97YYdNes9oL/1RYbbYp7jnfVt IWQpaeXFl/PBg+d1vy2R0C1YSuvqKJ/h5a6SddgNCF0sY40T3Pwg1n6bHcjp AXy+lrduQqnAUivppJF0UTY6Bv6DvdzQ5odd5On1tcZPzX/oGTAEYMiCZRWm OCqDPa7CqO2ohDaY0v+Ke8pxZh/my/VeyxVjprvkV3CWm4fE0DTwAnvSJtSJ 6zJV0iEMsigfdSk9CnWPkCkeaHHCbj9mQ25u+bjtoFAw+FpQAzB9CF6YQHI/ hCe4BPr8odOxdZtyKhgtdyENOmdPRWewtIhPc7PtJw=="; echo $data; $data = base64_decode($data); openssl_private_decrypt($data, $decrypted, $key, OPENSSL_NO_PADDING); echo "<br>NOPADDING!<br>"; echo base64_encode($decrypted); echo "<br>"; openssl_private_decrypt($data, $decrypted2, $key, OPENSSL_PKCS1_OAEP_PADDING); echo "<br>OAEP!<br>"; echo $decrypted2."<br>"; echo base64_encode($decrypted2); ?>
<?php
$key = "-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAw2pCSxFVb2g1JwKjXK7CT7cVuSqo5emnWKyhjeqQjSvDUS3x
dn1k4uTq24c701kpHkdXYl2WCJlDAJrIYD1KH6dzFAEOXNWKlKWIkcF7YkvnhZnn
eHJw5ZhYuTM7cligkMeFW8UWb8tI/SsBmCQZrA/spJ03JmqJtoIY9PQXO+XAGqCy
ZLxnHz40bvRMncgjPm4XENojrVtzh9LdRei8N3RkZw4gEcVaPpPgJze2ObSKdZ4+
CUtuFOSdap7K7o2N2d8S/Y7Jd+hH84FnSMpKlwsrr5unWeSFE67iNJV/KDH7V7Su
5J1GB9WgOBkxOm86+EXhrQfeuBI0Jqh/HQPKlwIDAQABAoIBAHkQqcWMFZwRuWxT
rBXNh0CPsvumvEDEQxMi0Gv1uFxdkoIGrqO0B/6xx/b9j0je4iSKGk8sn7jwCpyj
SCSnk/aMbTUlelp1SYfSDgwPDHvXfrY8pTTv4ZW8jqseXGP5GHDZy3sRXVchYDTI
ohI5u1Xn/7n0VKiONIdHjmKjnolSNj8DRGYJ/nL9u4QenX0tGN43/lqP7UhO/O7D
OdU9ysLn7glad6EARmMbG8hxIavdLvJ6F5HS9tpVT+9jTgi9t4mqdP6YTeh10fWa
KQ7HFCOb9Wmu84YRNgb1+9w+ARGoe6r+aO1HTtE2DtoycExWOL0Ic2zhtKpKdv7N
8eZc7iECgYEA5Kuou03+IKlwDizgWAvsCifSWxRFcUAoCvR/xnDF80wqSxVWtJTF
KaPHqU6uNTlFHvda+KRy0N6g8bc0+nrF8ZaOzMMM7tZTtY29mp5dZawD7zODTEGa
XXzDbLyA8+rW3XZpuHlXJH6rovFyXvcZK+w5ekmeJI0NMwxTlvkUUK8CgYEA2sUf
6wZ2A/+FMjaqNWM5Nii/vth9F3VIQgpNC45batRyr2xSJBrug6Jd9R/N5qizWJR8
7/KYHwalqbqufj74PwodGRCR8QWoIK6msOEnIPNzhr+iFvFesjMvfF2MmPYzBT40
U+aJjqYS39rQRJuKlg6GcVEYiGu3J0Dc0LVqDpkCgYABGkLKBGpBRg/gQZ8jTYtp
0R9WiRZ8oU6QHvWuw0RxE+DwU74DSORaewuvaU21u/z1VUP/Buv2zdwAzl1XB9iE
fbFak2YwkJ/+tBxB7pmMr/Ok556uc3KHGN7oW1BT3MIEd1mzJgKhjmrNclSW2KIq
cA0m5cv5aSSzJlAQ3kqWyQKBgQCOL96931Ym5RVJ/JOF3Xaax8NQI96xt21+Vrma
kCzEc04SzAFbLBHnhkkw/znQ98aRBPlq7q6GQ8i6VvYAYabxOf6NguKH11hd3YXD
oqLO3MwyQSz1Ym1cvr3XQ+oUpLemabaS7VxsVW4hBlOks79QJiKlVcLvL6s7nQGn
uLE0yQKBgQDAtCjdKbGGo8OFg2FKFD5vGXSXMscchi0ImyN4gAxRK3rlx5fyoo+X
WUFSHdC3vO9TM00S07eXIuaOaHWjQUOzoTXKmQk4bvf5nZy6u+NvuPwGmwXXCCD2
Z+tK5j2eJ6DkOCwms9IA5kISZkxcFQASlywTihpkmXW9V9mXB0vk5g==
-----END RSA PRIVATE KEY-----
";
$data = "gEg4eOsosLi3LxguBSsyz7GVM/TBZo8XZYH97YYdNes9oL/1RYbbYp7jnfVt
IWQpaeXFl/PBg+d1vy2R0C1YSuvqKJ/h5a6SddgNCF0sY40T3Pwg1n6bHcjp
AXy+lrduQqnAUivppJF0UTY6Bv6DvdzQ5odd5On1tcZPzX/oGTAEYMiCZRWm
OCqDPa7CqO2ohDaY0v+Ke8pxZh/my/VeyxVjprvkV3CWm4fE0DTwAnvSJtSJ
6zJV0iEMsigfdSk9CnWPkCkeaHHCbj9mQ25u+bjtoFAw+FpQAzB9CF6YQHI/
hCe4BPr8odOxdZtyKhgtdyENOmdPRWewtIhPc7PtJw==";
echo $data;
$data = base64_decode($data);
openssl_private_decrypt($data, $decrypted, $key, OPENSSL_NO_PADDING);
echo "<br>NOPADDING!<br>";
echo base64_encode($decrypted);
echo "<br>";
openssl_private_decrypt($data, $decrypted2, $key, OPENSSL_PKCS1_OAEP_PADDING);
echo "<br>OAEP!<br>";
echo $decrypted2."<br>";
echo base64_encode($decrypted2);
?>
公钥:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDakJLEVVvaDUnAqNcrsJPtxW5Kqjl6adYrKGN6pCNK8NRLfF2fWTi5OrbhzvTWSkeR1diXZYImUMAmshgPUofp3MUAQ5c1YqUpYiRwXtiS+eFmed4cnDlmFi5MztyWKCQx4VbxRZvy0j9KwGYJBmsD+yknTcmaom2ghj09Bc75cAaoLJkvGcfPjRu9EydyCM+bhcQ2iOtW3OH0t1F6Lw3dGRnDiARxVo+k+AnN7Y5tIp1nj4JS24U5J1qnsrujY3Z3xL9jsl36EfzgWdIykqXCyuvm6dZ5IUTruI0lX8oMftXtK7knUYH1aA4GTE6bzr4ReGtB964EjQmqH8dA8qX test
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDakJLEVVvaDUnAqNcrsJPtxW5Kqjl6adYrKGN6pCNK8NRLfF2fWTi5OrbhzvTWSkeR1diXZYImUMAmshgPUofp3MUAQ5c1YqUpYiRwXtiS+eFmed4cnDlmFi5MztyWKCQx4VbxRZvy0j9KwGYJBmsD+yknTcmaom2ghj09Bc75cAaoLJkvGcfPjRu9EydyCM+bhcQ2iOtW3OH0t1F6Lw3dGRnDiARxVo+k+AnN7Y5tIp1nj4JS24U5J1qnsrujY3Z3xL9jsl36EfzgWdIykqXCyuvm6dZ5IUTruI0lX8oMftXtK7knUYH1aA4GTE6bzr4ReGtB964EjQmqH8dA8qX test
|
|