Пример #1
0
func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err error) {
	rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
	rsaPriv := new(rsa.PrivateKey)
	rsaPriv.PublicKey = *rsaPub

	buf := bytes.NewBuffer(data)
	d, _, err := readMPI(buf)
	if err != nil {
		return
	}
	p, _, err := readMPI(buf)
	if err != nil {
		return
	}
	q, _, err := readMPI(buf)
	if err != nil {
		return
	}

	rsaPriv.D = new(big.Int).SetBytes(d)
	rsaPriv.Primes = make([]*big.Int, 2)
	rsaPriv.Primes[0] = new(big.Int).SetBytes(p)
	rsaPriv.Primes[1] = new(big.Int).SetBytes(q)
	if err := rsaPriv.Validate(); err != nil {
		return err
	}
	rsaPriv.Precompute()
	pk.PrivateKey = rsaPriv
	pk.Encrypted = false
	pk.encryptedData = nil

	return nil
}
Пример #2
0
func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err os.Error) {
	rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
	rsaPriv := new(rsa.PrivateKey)
	rsaPriv.PublicKey = *rsaPub

	buf := bytes.NewBuffer(data)
	d, _, err := readMPI(buf)
	if err != nil {
		return
	}
	p, _, err := readMPI(buf)
	if err != nil {
		return
	}
	q, _, err := readMPI(buf)
	if err != nil {
		return
	}

	rsaPriv.D = new(big.Int).SetBytes(d)
	rsaPriv.P = new(big.Int).SetBytes(p)
	rsaPriv.Q = new(big.Int).SetBytes(q)
	pk.PrivateKey = rsaPriv
	pk.Encrypted = false
	pk.encryptedData = nil

	return nil
}
Пример #3
0
func main() {
	var primes []uint64 = prime.PrimeSieveBatch{BatchSize: 100}.GetPrimes(10000)
	var p, q uint64 = /*uint64(104723), uint64(104729) */ primes[len(primes)-2], primes[len(primes)-1]
	fmt.Println(p, q)
	var mod int64 = int64(p * q)
	fmt.Println(mod)
	var puk, prk = /*int(65537), uint64(10195862609) */ KeyGenerator1{}.KeyGen(p, q)
	fmt.Println(puk, prk)

	b := []byte("Hi")
	var pub rsa.PublicKey = rsa.PublicKey{N: big.NewInt(mod), E: puk}
	var priv rsa.PrivateKey = rsa.PrivateKey{PublicKey: pub}
	priv.D = big.NewInt(int64(prk))
	priv.Primes = []*big.Int{big.NewInt(int64(p)), big.NewInt(int64(q))}

	fmt.Println(len(b))
	fmt.Printf("% x\n", b)

	//h := md5.New()
	enc, erre := rsa.EncryptPKCS1v15(rand.Reader, &pub, b)
	//h.Reset()
	dec, errd := rsa.DecryptPKCS1v15(rand.Reader, &priv, b)

	//fmt.Println(64 - 11)
	fmt.Printf("%s\n", erre)
	fmt.Printf("%s\n", errd)
	fmt.Printf("% x\n", enc)
	fmt.Printf("% x\n", dec)
}
Пример #4
0
// msg -> rsa
func UnpackPrivateKey(k *msgs.PrivateKey) *rsa.PrivateKey {
	var key rsa.PrivateKey
	key.PublicKey = *UnpackKey(k.PublicKey)
	key.D = new(big.Int)
	key.D.SetBytes(k.D)
	for _, p := range k.Primes {
		key.Primes = append(key.Primes, new(big.Int).SetBytes(p))
	}
	return &key
}
Пример #5
0
// ParsePKCS1PrivateKey returns an RSA private key from its ASN.1 PKCS#1 DER encoded form.
func ParsePKCS1PrivateKey(der []byte) (*rsa.PrivateKey, error) {
	var priv pkcs1PrivateKey
	rest, err := asn1.Unmarshal(der, &priv)
	if len(rest) > 0 {
		return nil, asn1.SyntaxError{Msg: "trailing data"}
	}
	if err != nil {
		return nil, err
	}

	if priv.Version > 1 {
		return nil, errors.New("x509: unsupported private key version")
	}

	if priv.N.Sign() <= 0 || priv.D.Sign() <= 0 || priv.P.Sign() <= 0 || priv.Q.Sign() <= 0 {
		return nil, errors.New("x509: private key contains zero or negative value")
	}

	key := new(rsa.PrivateKey)
	key.PublicKey = rsa.PublicKey{
		E: priv.E,
		N: priv.N,
	}

	key.D = priv.D
	key.Primes = make([]*big.Int, 2+len(priv.AdditionalPrimes))
	key.Primes[0] = priv.P
	key.Primes[1] = priv.Q
	for i, a := range priv.AdditionalPrimes {
		if a.Prime.Sign() <= 0 {
			return nil, errors.New("x509: private key contains zero or negative prime")
		}
		key.Primes[i+2] = a.Prime
		// We ignore the other two values because rsa will calculate
		// them as needed.
	}

	err = key.Validate()
	if err != nil {
		return nil, err
	}
	key.Precompute()

	return key, nil
}
Пример #6
0
func UnmarshalRsaPrivateFromProto(msg *RsaPrivateKeyMessage) (*rsa.PrivateKey, error) {
	if msg == nil {
		return nil, errors.New("No message")
	}
	key := new(rsa.PrivateKey)
	key.D = new(big.Int)
	key.D.SetBytes(msg.D)
	key.PublicKey.N = new(big.Int)
	key.PublicKey.N.SetBytes(msg.PublicKey.Modulus)
	key.PublicKey.E = 0x10001 // Fix
	// if msg.PublicKey.P != nil && msg.PublicKey.Q != nil {
	// 	msg.Primes[0] = new(big.Int)
	// 	msg.Primes[1] = new(big.Int)
	// 	msg.Primes[0].SetBytes(msg.PublicKey.P)
	// 	msg.Primes[1].SetBytes(msg.PublicKey.Q)
	// }
	return key, nil
}
Пример #7
0
func TestAlertFlushing(t *testing.T) {
	c, s := net.Pipe()
	done := make(chan bool)

	clientWCC := &writeCountingConn{Conn: c}
	serverWCC := &writeCountingConn{Conn: s}

	serverConfig := testConfig.Clone()

	// Cause a signature-time error
	brokenKey := rsa.PrivateKey{PublicKey: testRSAPrivateKey.PublicKey}
	brokenKey.D = big.NewInt(42)
	serverConfig.Certificates = []Certificate{{
		Certificate: [][]byte{testRSACertificate},
		PrivateKey:  &brokenKey,
	}}

	go func() {
		Server(serverWCC, serverConfig).Handshake()
		serverWCC.Close()
		done <- true
	}()

	err := Client(clientWCC, testConfig).Handshake()
	if err == nil {
		t.Fatal("client unexpectedly returned no error")
	}

	const expectedError = "remote error: tls: handshake failure"
	if e := err.Error(); !strings.Contains(e, expectedError) {
		t.Fatalf("expected to find %q in error but error was %q", expectedError, e)
	}
	clientWCC.Close()
	<-done

	if n := clientWCC.numWrites; n != 1 {
		t.Errorf("expected client handshake to complete with one write, but saw %d", n)
	}

	if n := serverWCC.numWrites; n != 1 {
		t.Errorf("expected server handshake to complete with one write, but saw %d", n)
	}
}
Пример #8
0
// Read a private key (file) string and create a public key. Return the private key.
func (k *RR_DNSKEY) readPrivateKeyRSA(kv map[string]string) (PrivateKey, os.Error) {
	p := new(rsa.PrivateKey)
	p.Primes = []*big.Int{nil, nil}
	for k, v := range kv {
		switch k {
		case "modulus", "publicexponent", "privateexponent", "prime1", "prime2":
			v1, err := packBase64([]byte(v))
			if err != nil {
				return nil, err
			}
			switch k {
			case "modulus":
				p.PublicKey.N = big.NewInt(0)
				p.PublicKey.N.SetBytes(v1)
			case "publicexponent":
				i := big.NewInt(0)
				i.SetBytes(v1)
				p.PublicKey.E = int(i.Int64()) // int64 should be large enough
			case "privateexponent":
				p.D = big.NewInt(0)
				p.D.SetBytes(v1)
			case "prime1":
				p.Primes[0] = big.NewInt(0)
				p.Primes[0].SetBytes(v1)
			case "prime2":
				p.Primes[1] = big.NewInt(0)
				p.Primes[1].SetBytes(v1)
			}
		case "exponent1", "exponent2", "coefficient":
			// not used in Go (yet)
		case "created", "publish", "activate":
			// not used in Go (yet)
		}
	}
	return p, nil
}
Пример #9
0
// Convert string to an RSA private key
func Base64ToPriv(s string) (*rsa.PrivateKey, os.Error) {
	if len(s) == 0 {
		return nil, nil
	}
	if !verifyCRC(s) {
		return nil, nil
	}
	s = s[0 : len(s)-1]

	enc := base64.StdEncoding
	pk := rsa.PrivateKey{}

	buf := make([]byte, 4096) // shoud be big enough
	src := []byte(s)
	k := -1

	// N
	if k = firstComma(src); k < 0 {
		return nil, os.ErrorString("missing delimiter")
	}
	n, err := enc.Decode(buf, src[0:k])
	if err != nil {
		return nil, err
	}
	pk.N = &big.Int{}
	pk.N.SetBytes(buf[0:n])
	src = src[k+1:]

	// E
	if k = firstComma(src); k < 0 {
		return nil, os.ErrorString("missing delimiter")
	}
	n, err = enc.Decode(buf, src[0:k])
	if err != nil {
		return nil, err
	}
	pke64, err := bytesToInt64(buf[0:n])
	if err != nil {
		return nil, err
	}
	pk.E = int(pke64)
	src = src[k+1:]

	// D
	if k = firstComma(src); k < 0 {
		return nil, os.ErrorString("missing delimiter")
	}
	n, err = enc.Decode(buf, src[0:k])
	if err != nil {
		return nil, err
	}
	pk.D = &big.Int{}
	pk.D.SetBytes(buf[0:n])
	src = src[k+1:]

	// P
	if k = firstComma(src); k < 0 {
		return nil, os.ErrorString("missing delimiter")
	}
	n, err = enc.Decode(buf, src[0:k])
	if err != nil {
		return nil, err
	}
	pk.P = &big.Int{}
	pk.P.SetBytes(buf[0:n])
	src = src[k+1:]

	// Q
	n, err = enc.Decode(buf, src)
	if err != nil {
		return nil, err
	}
	pk.Q = &big.Int{}
	pk.Q.SetBytes(buf[0:n])

	return &pk, nil
}
Пример #10
0
func main() {
	message := []byte("MODULUS")
	message_p := []byte("PRIME Pea")
	pb := make([]byte, 32)
	pb[0] = 0x80
	for i, c := range message {
		pb[i] |= c >> 7
		pb[i+1] |= c << 1
	}
	copy(pb[len(message)+2:], message_p)
	p, err := PrimeWithPrefix(pb, 512)
	if err != nil {
		panic(err)
	}

	qb := make([]byte, 33)
	message_q := []byte("PRIME Queue")
	qb[0] = 0x80
	copy(qb[len(message)+2:], message_q)
	q, err := PrimeWithPrefix(qb, 512)
	if err != nil {
		panic(err)
	}

	n := big.NewInt(0)
	n.Mul(p, q)

	// To calculate the modulus from the desired private key, we need simply to
	// invert it modulo (p-1)(q-1)
	phi_p := big.NewInt(-1)
	phi_p.Add(phi_p, p)
	phi_q := big.NewInt(-1)
	phi_q.Add(phi_q, q)
	phi := big.NewInt(0)
	phi.Mul(phi_p, phi_q)

	d := big.NewInt(0x10001)
	d.ModInverse(d, phi)

	private := new(rsa.PrivateKey)
	private.N = n
	private.E = 0x10001
	private.D = d
	private.Primes = []*big.Int{p, q}
	private.Precompute()

	rfckey := rfc3441PrivateKey{Version: 0,
		Modulus:         n,
		PublicExponent:  0x10001,
		PrivateExponent: d,
		Prime1:          p, Prime2: q,
		Exponent1:   private.Precomputed.Dp,
		Exponent2:   private.Precomputed.Dq,
		Coefficient: private.Precomputed.Qinv}

	priv_enc, err := asn1.Marshal(rfckey)
	if err != nil {
		panic(err)
	}

	b := pem.Block{Type: "RSA PRIVATE KEY", Bytes: priv_enc}
	pem.Encode(os.Stdout, &b)
}
Пример #11
0
// Read a private key (file) string and create a public key. Return the private key.
func (k *RR_DNSKEY) ReadPrivateKey(q io.Reader) (PrivateKey, os.Error) {
	p := new(rsa.PrivateKey)
	p.Primes = []*big.Int{nil, nil}
	var left, right string
	r := line.NewReader(q, 300)
	line, _, err := r.ReadLine()
	for err == nil {
		n, _ := fmt.Sscanf(string(line), "%s %s+\n", &left, &right)
		if n > 0 {
			switch left {
			case "Private-key-format:":
				if right != "v1.3" {
					return nil, ErrPrivKey
				}
			case "Algorithm:":
				a, _ := strconv.Atoi(right)
				if a == 0 {
					return nil, ErrAlg
				}
				k.Algorithm = uint8(a)
			case "Modulus:", "PublicExponent:", "PrivateExponent:", "Prime1:", "Prime2:":
				v, err := packBase64([]byte(right))
				if err != nil {
					return nil, err
				}
				if left == "Modulus:" {
					p.PublicKey.N = big.NewInt(0)
					p.PublicKey.N.SetBytes(v)
				}
				if left == "PublicExponent:" {
					i := big.NewInt(0)
					i.SetBytes(v)
					// Int64 should be large enough
					p.PublicKey.E = int(i.Int64())
				}
				if left == "PrivateExponent:" {
					p.D = big.NewInt(0)
					p.D.SetBytes(v)
				}
				if left == "Prime1:" {
					p.Primes[0] = big.NewInt(0)
					p.Primes[0].SetBytes(v)
				}
				if left == "Prime2:" {
					p.Primes[1] = big.NewInt(0)
					p.Primes[1].SetBytes(v)
				}
			case "Exponent1:", "Exponent2:", "Coefficient:":
				/* not used in Go (yet) */
			case "Created:", "Publish:", "Activate:":
				/* not used in Go (yet) */
			default:
				return nil, ErrKey
			}
		}
		line, _, err = r.ReadLine()
	}
	if !k.setPublicKeyRSA(p.PublicKey.E, p.PublicKey.N) {
		return nil, ErrKey
	}
	return p, nil
}