Created
April 25, 2018 13:25
-
-
Save w4kfu/bd7011c3f097e5c48d203975a4e28f0e to your computer and use it in GitHub Desktop.
BCRYPT_RSAPUBLIC_BLOB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import ctypes | |
def convert_bytes_to_structure(st, byte): | |
ctypes.memmove(ctypes.addressof(st), byte, ctypes.sizeof(st)) | |
def s2n(s): | |
if not len(s): | |
return 0 | |
return int(s.encode("hex"), 16) | |
ULONG = ctypes.c_ulong | |
# | |
# BCRYPT_RSAPUBLIC_BLOB format: | |
# | |
# + BCRYPT_RSAKEY_BLOB | |
# + PublicExponent[cbPublicExp] // Big-endian. | |
# + Modulus[cbModulus] // Big-endian. | |
class BCRYPT_RSAKEY_BLOB(ctypes.Structure): | |
_fields_ = [ | |
("Magic", ULONG), | |
("BitLength", ULONG), | |
("cbPublicExp", ULONG), | |
("cbModulus", ULONG), | |
("cbPrime1", ULONG), | |
("cbPrime2", ULONG), | |
] | |
def __repr__(self): | |
return "Magic : 0x{0:08X} ; BitLength : {1} ; cbPublicExp : {2} ; cbModulus : {3} ; cbPrime1 : {4} ; cbPrime2 : {5}".format(self.Magic, self.BitLength, self.cbPublicExp, self.cbModulus, self.cbPrime1, self.cbPrime2) | |
__str__ = __repr__ | |
def parse_rsa_pubkey_blob(bin): | |
b = BCRYPT_RSAKEY_BLOB() | |
convert_bytes_to_structure(b, bin) | |
pub_expo = bin[ctypes.sizeof(BCRYPT_RSAKEY_BLOB):ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp] | |
modulus = bin[ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp:ctypes.sizeof(BCRYPT_RSAKEY_BLOB) + b.cbPublicExp + b.cbModulus] | |
return b, s2n(pub_expo), s2n(modulus) | |
def test(): | |
import base64 | |
bin = "UlNBMQAIAAADAAAAAAEAAAAAAAAAAAAAAQABuC5MmkucB0KLE0NHS0sslfKc/haJ230au9p2QfCM3AW1tNEOaG7sNbJjtoKLKo60NWEXISVRqfAgt1c4d76IuLkQi9KsE3IXKGD4l4AB4vtCZTzwIIGuPiQYEtVkvLi79VDKhNaQjPwL/uHFj7ic9NmS+pPoujVrSpoQ9K3kzj0riLm00XX7z6pNhkIDztiMjmyDk9rhYZhSMXWAMSpqfIV/i1eTYnn8uhVtn7wv0+/XN+U5N52RonZR+lEg04y5QKsVGm7rYuU91F7dj52BOtWpogWA2J+rLLOGRO9ybtjmKZy12uAazaiiZRdf+nkVHYEutDfyeoqhyrVUVA35Iw==" | |
bin = base64.b64decode(bin) | |
b, p, m = parse_rsa_pubkey_blob(bin) | |
print b | |
print p | |
print m |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment