Created
March 20, 2017 23:53
-
-
Save defuse/49883a55e70e6927d3327d5da42e1c7c to your computer and use it in GitHub Desktop.
Test OpenSSL RSA Random Number Generator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # primes.sh -- @DefuseSec | |
| echo -n >/tmp/primes.txt | |
| # Generate 1000 primes. | |
| for i in {1..500}; do | |
| # Use 192-bit keys for speed (could potentially mask RNG bugs that only affect bigger keys) | |
| openssl genrsa 192 2>/dev/null | \ | |
| openssl rsa -text 2>/dev/null |\ | |
| sed 'N;s/:\n//g' | sed 'N;s/:\n//g'| sed 'N;s/:\n//g' | sed 'N;s/:\n//g' | sed 'N;s/:\n//g' |\ | |
| grep prime | sed 's/prime[12]//g' | sed 's/[ :]//g' >> /tmp/primes.txt | |
| done | |
| sort /tmp/primes.txt | uniq -c | sort -snr | head -n 10 | |
| echo "..." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I ran it for 100,000 total primes on up-to-date Debian and Arch and there were no duplicates found. I'll run it for 1,000,000 total primes just to see.
The slide that inspired me to write this seemed to need 10s of millions of primes to see a collision though.