1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
#include "../lib/lib.h"
#include "../lib/lib2.h"
#include "../lib/lib3.h"
#include "../lib/lib4.h"
#include "../lib/lib5.h"
#include "../lib/lib6.h"
/**
* you do not have the secrect key to sign the message
* but you try to find a number which gives a "valid" padding
* if the number is e-th rooted
* to verfiy the signature the message is exponiated with e
* when this didn't wrap around then it is a "valid" padding
*
* make the littlest possible number and exponiated it with e
* hope that it did not wrap around and the e-th root is
*
**/
int main()
{
struct rsa_key_bignum public, private;
SHA1Context sha1;
BIGNUM *mess = BN_new();
BIGNUM *forged = BN_new();
BIGNUM *signed_mess = BN_new();
BIGNUM *restored = BN_new();
out = BIO_new(BIO_s_file());
BIO_set_fp(out, stdout, BIO_NOCLOSE);
ctx = BN_CTX_new();
char *str_mess = "hi mom";
char *sha1_hash[20];
int pk_mess_len = 20 + strlen(str_mess) + 4 + 50;
char *pk_mes = malloc(pk_mess_len);
rsa_generate_key_bignum(&public, &private);
SHA1Reset(&sha1);
SHA1Input(&sha1, str_mess, strlen(str_mess));
SHA1Result(&sha1);
memcpy(sha1_hash, &(sha1.Message_Digest), 20);
pk_mes[0] = 0x00;
pk_mes[1] = 0x01;
pk_mes[2] = 0xff;
pk_mes[3] = 0x00;
memcpy(&pk_mes[4], sha1_hash, 20);
// does this padding verify?
printf("padding verfied: %i\n", shitty_pkcs1_5_padding_verify(pk_mes, pk_mess_len, str_mess));
BN_bin2bn(pk_mes, pk_mess_len, mess);
// sign with knowing the private key
//rsa_encrypt_bignum(mess, signed_mess, &private);
// "sign" without knowing the private key
BIGNUM *n3 = BN_new();
BN_set_word(n3, 3);
nth_root_bignum(signed_mess, mess, n3);
// verfiy
rsa_decrypt_bignum(signed_mess, restored, &public);
char *rest_mess = malloc(BN_num_bytes(restored));
BN_bn2bin(restored, rest_mess);
printf("\nverfied after cube root and exp: %i\n", shitty_pkcs1_5_padding_verify(rest_mess, BN_num_bytes(restored), str_mess));
printf("padding from better verifier function: %i\n",
pkcs1_5_padding_verify(pk_mes, pk_mess_len, str_mess));
}
|
