前言

最近做題的時候有遇到一個問題，就是去利用求解出來的rsa的私鑰去生成pem格式的私鑰文件。找到網上用的都是先令RSA去generate，然后分別給RSA的n,e,d,p,q參數賦值，再導出私鑰。所以在想這種情況下怎么解決。

解決方法

現在使用Crypto.PublicKey.RSA模塊時，這么做將報錯

Exception has occurred: AttributeError can't set attribute

意思就是我們不能去給他賦值了。
然后我們去找到Crypto.PublicKey.RSA模塊的代碼

發現可以通過構造函數傳入

這邊是Crypto.PublicKey.RSA模塊的構造函數實現。

def construct(rsa_components, consistency_check=True):r"""Construct an RSA key from a tuple of valid RSA components.The modulus **n** must be the product of two primes.The public exponent **e** must be odd and larger than 1.In case of a private key, the following equations must apply:.. math::\begin{align}p*q &= n \\e*d &\equiv 1 ( \text{mod lcm} [(p-1)(q-1)]) \\p*u &\equiv 1 ( \text{mod } q)\end{align}Args:rsa_components (tuple):A tuple of integers, with at least 2 and nomore than 6 items. The items come in the following order:1. RSA modulus *n*.2. Public exponent *e*.3. Private exponent *d*.Only required if the key is private.4. First factor of *n* (*p*).Optional, but the other factor *q* must also be present.5. Second factor of *n* (*q*). Optional.6. CRT coefficient *q*, that is :math:`p^{-1} \text{mod }q`. Optional.consistency_check (boolean):If ``True``, the library will verify that the provided componentsfulfil the main RSA properties.Raises:ValueError: when the key being imported fails the most basic RSA validity checks.Returns: An RSA key object (:class:`RsaKey`)."""class InputComps(object):passinput_comps = InputComps()for (comp, value) in zip(('n', 'e', 'd', 'p', 'q', 'u'), rsa_components):setattr(input_comps, comp, Integer(value))n = input_comps.ne = input_comps.eif not hasattr(input_comps, 'd'):key = RsaKey(n=n, e=e)else:d = input_comps.dif hasattr(input_comps, 'q'):p = input_comps.pq = input_comps.qelse:# Compute factors p and q from the private exponent d.# We assume that n has no more than two factors.# See 8.2.2(i) in Handbook of Applied Cryptography.ktot = d * e - 1# The quantity d*e-1 is a multiple of phi(n), even,# and can be represented as t*2^s.t = ktotwhile t % 2 == 0:t //= 2# Cycle through all multiplicative inverses in Zn.# The algorithm is non-deterministic, but there is a 50% chance# any candidate a leads to successful factoring.# See "Digitalized Signatures and Public Key Functions as Intractable# as Factorization", M. Rabin, 1979spotted = Falsea = Integer(2)while not spotted and a < 100:k = Integer(t)# Cycle through all values a^{t*2^i}=a^kwhile k < ktot:cand = pow(a, k, n)# Check if a^k is a non-trivial root of unity (mod n)if cand != 1 and cand != (n - 1) and pow(cand, 2, n) == 1:# We have found a number such that (cand-1)(cand+1)=0 (mod n).# Either of the terms divides n.p = Integer(n).gcd(cand + 1)spotted = Truebreakk *= 2# This value was not any good... let's try another!a += 2if not spotted:raise ValueError("Unable to compute factors p and q from exponent d.")# Found !assert ((n % p) == 0)q = n // pif hasattr(input_comps, 'u'):u = input_comps.uelse:u = p.inverse(q)# Build key objectkey = RsaKey(n=n, e=e, d=d, p=p, q=q, u=u)# Verify consistency of the keyif consistency_check:# Modulus and public exponent must be coprimeif e <= 1 or e >= n:raise ValueError("Invalid RSA public exponent")if Integer(n).gcd(e) != 1:raise ValueError("RSA public exponent is not coprime to modulus")# For RSA, modulus must be oddif not n & 1:raise ValueError("RSA modulus is not odd")if key.has_private():# Modulus and private exponent must be coprimeif d <= 1 or d >= n:raise ValueError("Invalid RSA private exponent")if Integer(n).gcd(d) != 1:raise ValueError("RSA private exponent is not coprime to modulus")# Modulus must be product of 2 primesif p * q != n:raise ValueError("RSA factors do not match modulus")if test_probable_prime(p) == COMPOSITE:raise ValueError("RSA factor p is composite")if test_probable_prime(q) == COMPOSITE:raise ValueError("RSA factor q is composite")# See Carmichael theoremphi = (p - 1) * (q - 1)lcm = phi // (p - 1).gcd(q - 1)if (e * d % int(lcm)) != 1:raise ValueError("Invalid RSA condition")if hasattr(key, 'u'):# CRT coefficientif u <= 1 or u >= q:raise ValueError("Invalid RSA component u")if (p * u % q) != 1:raise ValueError("Invalid RSA component u with p")return key

也就是說我們傳入一個元組也就是tuple類型的值就行了。那我們就傳入(n,e,d,p,q)

我這邊給一個我的一個exp

from Crypto.PublicKey import RSA from Crypto.Cipher import PKCS1_OAEP f=open("public.key","r") key=RSA.import_key(f.read()) f.close() e=key.e n=key.nimport base64 from Crypto.Util.number import * import gmpy2 p= 3133337 q=25478326064937419292200172136399497719081842914528228316455906211693118321971399936004729134841162974144246271486439695786036588117424611881955950996219646807378822278285638261582099108339438949573034101215141156156408742843820048066830863814362379885720395082318462850002901605689761876319151147352730090957556940842144299887394678743607766937828094478336401159449035878306853716216548374273462386508307367713112073004011383418967894930554067582453248981022011922883374442736848045920676341361871231787163441467533076890081721882179369168787287724769642665399992556052144845878600126283968890273067575342061776244939 print(p*q==n) f=open("flag.enc","r") c_base64=f.read().strip("\n") c_bytes=base64.b64decode(c_base64) c=bytes_to_long(c_bytes) phi=(p-1)*(q-1) d=gmpy2.invert(e,phi)rsa_components=(n,e,int(d),p,q)arsa=RSA.construct(rsa_components)rsakey = RSA.importKey(arsa.exportKey()) rsakey = PKCS1_OAEP.new(rsakey)decrypted = rsakey.decrypt(c_bytes) print(decrypted)

主要就是從公鑰里面把n和e取出來
然后把n分解出p、q

接著計算私鑰d

然后傳入RSA模塊的構造函數，導出私鑰。利用私鑰對我們的密文進行求解即可

總結

以上是生活随笔為你收集整理的关于Crypto.PublicKey.RSA,在generate后无法被赋值问题的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。