w4kfu/bcrypt_rsapublic.py

## bcrypt_rsapublic.py
import ctypes

def convert_bytes_to_structure(st, byte):
    ctypes.memmove(ctypes.addressof(st), byte, ctypes.sizeof(st))

def s2n(s):
    if not len(s):
        return 0
    return int(s.encode("hex"), 16)

ULONG = ctypes.c_ulong

#
# BCRYPT_RSAPUBLIC_BLOB format:
#
#   + BCRYPT_RSAKEY_BLOB
#   + PublicExponent[cbPublicExp]   // Big-endian.
#   + Modulus[cbModulus]            // Big-endian.

class BCRYPT_RSAKEY_BLOB(ctypes.Structure):
    _fields_ = [
        ("Magic", ULONG),
        ("BitLength", ULONG),
        ("cbPublicExp", ULONG),
        ("cbModulus", ULONG),
        ("cbPrime1", ULONG),
        ("cbPrime2", ULONG),
    ]
    def __repr__(self):
        return "Magic : 0x{0:08X} ; BitLength : {1} ; cbPublicExp : {2} ; cbModulus : {3} ; cbPrime1 : {4} ; cbPrime2 : {5}".format(self.Magic, self.BitLength, self.cbPublicExp, self.cbModulus, self.cbPrime1, self.cbPrime2)
    __str__ = __repr__

def parse_rsa_pubkey_blob(bin):
    b = BCRYPT_RSAKEY_BLOB()
    convert_bytes_to_structure(b, bin)
    pub_expo = bin[ctypes.sizeof(BCRYPT_RSAKEY_BLOB):ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp]
    modulus = bin[ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp:ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp + b.cbModulus]
    return b, s2n(pub_expo), s2n(modulus)

def test():
    import base64
    bin = "UlNBMQAIAAADAAAAAAEAAAAAAAAAAAAAAQABuC5MmkucB0KLE0NHS0sslfKc/haJ230au9p2QfCM3AW1tNEOaG7sNbJjtoKLKo60NWEXISVRqfAgt1c4d76IuLkQi9KsE3IXKGD4l4AB4vtCZTzwIIGuPiQYEtVkvLi79VDKhNaQjPwL/uHFj7ic9NmS+pPoujVrSpoQ9K3kzj0riLm00XX7z6pNhkIDztiMjmyDk9rhYZhSMXWAMSpqfIV/i1eTYnn8uhVtn7wv0+/XN+U5N52RonZR+lEg04y5QKsVGm7rYuU91F7dj52BOtWpogWA2J+rLLOGRO9ybtjmKZy12uAazaiiZRdf+nkVHYEutDfyeoqhyrVUVA35Iw=="
    bin = base64.b64decode(bin)
    b, p, m = parse_rsa_pubkey_blob(bin)
    print b
    print p
    print m
	import ctypes

	def convert_bytes_to_structure(st, byte):
	ctypes.memmove(ctypes.addressof(st), byte, ctypes.sizeof(st))

	def s2n(s):
	if not len(s):
	return 0
	return int(s.encode("hex"), 16)

	ULONG = ctypes.c_ulong

	#
	# BCRYPT_RSAPUBLIC_BLOB format:
	#
	# + BCRYPT_RSAKEY_BLOB
	# + PublicExponent[cbPublicExp] // Big-endian.
	# + Modulus[cbModulus] // Big-endian.

	class BCRYPT_RSAKEY_BLOB(ctypes.Structure):
	_fields_ = [
	("Magic", ULONG),
	("BitLength", ULONG),
	("cbPublicExp", ULONG),
	("cbModulus", ULONG),
	("cbPrime1", ULONG),
	("cbPrime2", ULONG),
	]
	def __repr__(self):
	return "Magic : 0x{0:08X} ; BitLength : {1} ; cbPublicExp : {2} ; cbModulus : {3} ; cbPrime1 : {4} ; cbPrime2 : {5}".format(self.Magic, self.BitLength, self.cbPublicExp, self.cbModulus, self.cbPrime1, self.cbPrime2)
	__str__ = __repr__

	def parse_rsa_pubkey_blob(bin):
	b = BCRYPT_RSAKEY_BLOB()
	convert_bytes_to_structure(b, bin)
	pub_expo = bin[ctypes.sizeof(BCRYPT_RSAKEY_BLOB):ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp]
	modulus = bin[ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp:ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp + b.cbModulus]
	return b, s2n(pub_expo), s2n(modulus)

	def test():
	import base64
	bin = "UlNBMQAIAAADAAAAAAEAAAAAAAAAAAAAAQABuC5MmkucB0KLE0NHS0sslfKc/haJ230au9p2QfCM3AW1tNEOaG7sNbJjtoKLKo60NWEXISVRqfAgt1c4d76IuLkQi9KsE3IXKGD4l4AB4vtCZTzwIIGuPiQYEtVkvLi79VDKhNaQjPwL/uHFj7ic9NmS+pPoujVrSpoQ9K3kzj0riLm00XX7z6pNhkIDztiMjmyDk9rhYZhSMXWAMSpqfIV/i1eTYnn8uhVtn7wv0+/XN+U5N52RonZR+lEg04y5QKsVGm7rYuU91F7dj52BOtWpogWA2J+rLLOGRO9ybtjmKZy12uAazaiiZRdf+nkVHYEutDfyeoqhyrVUVA35Iw=="
	bin = base64.b64decode(bin)
	b, p, m = parse_rsa_pubkey_blob(bin)
	print b
	print p
	print m