From 1fe002d0b46b3e5b3559dd629f3d56b16bb12c0b Mon Sep 17 00:00:00 2001 From: Benedict Date: Thu, 15 Dec 2016 21:19:27 +0100 Subject: set6: task42 completed --- set6/task42.c | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 set6/task42.c (limited to 'set6/task42.c') diff --git a/set6/task42.c b/set6/task42.c new file mode 100644 index 0000000..253836c --- /dev/null +++ b/set6/task42.c @@ -0,0 +1,70 @@ +#include "../lib/lib.h" +#include "../lib/lib2.h" +#include "../lib/lib3.h" +#include "../lib/lib4.h" +#include "../lib/lib5.h" +#include "../lib/lib6.h" +/** + * you do not have the secrect key to sign the message + * but you try to find a number which gives a "valid" padding + * if the number is e-th rooted + * to verfiy the signature the message is exponiated with e + * when this didn't wrap around then it is a "valid" padding + * + * make the littlest possible number and exponiated it with e + * hope that it did not wrap around and the e-th root is + * + **/ +int main() +{ + struct rsa_key_bignum public, private; + SHA1Context sha1; + + BIGNUM *mess = BN_new(); + BIGNUM *forged = BN_new(); + BIGNUM *signed_mess = BN_new(); + BIGNUM *restored = BN_new(); + out = BIO_new(BIO_s_file()); + BIO_set_fp(out, stdout, BIO_NOCLOSE); + + ctx = BN_CTX_new(); + + char *str_mess = "hi mom"; + char *sha1_hash[20]; + int pk_mess_len = 20 + strlen(str_mess) + 4 + 50; + char *pk_mes = malloc(pk_mess_len); + + rsa_generate_key_bignum(&public, &private); + + SHA1Reset(&sha1); + SHA1Input(&sha1, str_mess, strlen(str_mess)); + SHA1Result(&sha1); + memcpy(sha1_hash, &(sha1.Message_Digest), 20); + + pk_mes[0] = 0x00; + pk_mes[1] = 0x01; + pk_mes[2] = 0xff; + pk_mes[3] = 0x00; + memcpy(&pk_mes[4], sha1_hash, 20); + + // does this padding verify? + printf("padding verfied: %i\n", shitty_pkcs1_5_padding_verify(pk_mes, pk_mess_len, str_mess)); + BN_bin2bn(pk_mes, pk_mess_len, mess); + // sign with knowing the private key + //rsa_encrypt_bignum(mess, signed_mess, &private); + // "sign" without knowing the private key + BIGNUM *n3 = BN_new(); + BN_set_word(n3, 3); + nth_root_bignum(signed_mess, mess, n3); + + + // verfiy + rsa_decrypt_bignum(signed_mess, restored, &public); + + char *rest_mess = malloc(BN_num_bytes(restored)); + BN_bn2bin(restored, rest_mess); + + printf("\nverfied after cube root and exp: %i\n", shitty_pkcs1_5_padding_verify(rest_mess, BN_num_bytes(restored), str_mess)); + printf("padding from better verifier function: %i\n", + pkcs1_5_padding_verify(pk_mes, pk_mess_len, str_mess)); +} -- cgit v1.2.3-70-g09d2