In [1]:
# RSA mathematics foundation and simple implementing
# 
#
# 质数/素数
#   只能被1和自身整除
#
# 互质
#   最大公约数为1的数
#
# 欧拉函数
#   欧拉函数φ(n)是小于或等于正整数n的数字中与n互质的数的数目
#   如果n是两个质数p和q的乘积, 那么:
#   φ(n) = φ(p*q) = φ(p) * φ(q) = (p - 1) * (q - 1)
#
# 模反元素
#   如果两个正整数a和n互质，那么一定可以找到整数b，使得 a*b - 1 被n整除，或者说a*b被n除的余数是1
#   a*b ≡ 1 (mod n)  
#
# 欧拉定理
#   如果两个正整数a和n互质，则n的欧拉函数 φ(n) 可以让下面的等式成立：
#   a^φ(n) ≡ 1 (mod n)
#   a * a^(φ(n) - 1) ≡ 1 (mod n)
#   由此可得：a的φ(n) - 1次方肯定是a关于n的模反元素
#   欧拉定理证明模反元素必然存在
#
# 费马小定理
#   假设正整数a与质数p互质，因为质数p的φ(p)等于p-1，则欧拉定理可以写成
#   a^(p-1) ≡ 1 (mod p)
#   费马小定理是欧拉定理的一个特例
#

In [2]:
# RSA encrypt and decrypt, and prove
#   m: message, m_e: encrypted message, m_e_d: decrypted message from m_e
# 
#   m_e ≡ m^e (mod n)
#   m_e_d ≡ m_e^d (mod n) ≡ m^(e*d) (mod n)
#   e*d ≡ 1 (mod φ(n)) -> e*d = hφ(n) + 1
#   m_e_d ≡ m^(hφ(n) + 1) (mod n) ≡ m * m^(hφ(n)) ≡ m * (m^φ(n))^h ≡ m * (1)^h (mod n) ≡ m
# 

In [3]:
# RSA generator steps
# step1: choose two different primes
#   p, q
#   n = p * q  : modulus
#
# step2: get r
#   r = φ(n) = φ(pq) = φ(p) * φ(q) = (p - 1) * (q - 1)
#
# step3: get e
#   1 < e < r
#   e, r coprime
#
# step4: get d
#   d: 1 < d < r and d * e mod r == 1
#   d = (h * r + 1) / e
#
# step5: 
#   (e, n) : public key
#   (d, n) : private key
#

In [17]:
%%latex
\begin{equation}
欧拉函数: \phi(n) = \phi(pq) = \phi(p) \times \phi(q) = (p - 1) \times (q -1) \\
r = \phi(n), 1 < e < r, 1 < d < r \\
模反元素: e \times d \equiv 1 \pmod{r}, e \times d \equiv 1 \pmod{\phi(n)} \\
\\
欧拉定理: m^{\phi(n)} \equiv 1 \pmod{n} \\
\textit{欧拉定理可以证明模反元素必然存在}: m^{\phi(n)} = m \times m^{\phi(n) - 1} \equiv 1 \pmod{n} \\
\\
m: message \space (m < n)\\
加密: m_e = m^{e} \bmod{n} \\
解密: m_{e\_d} = m_e^{d} \bmod{n} \\
证明: m_e^{d} \bmod{n} = m^{e \times d} \bmod{n} = m^{h\phi(n) + 1} \bmod{n} = m \times m^{h\phi(n)} \bmod{n} = m \times 1 = m
\\                                
在线时长 = \sum_{i=1}^N(logtime_{i+1} - logtime_i), 如果 logtime_{i+1} - logtime_i > 30 分钟, 则记为1分钟
\end{equation}

<IPython.core.display.Latex object>

In [30]:
IGNORE_FIRST_N_PRIMES = 3
P_AND_Q_MIN_DIFF = 2
E_AND_D_MIN_DIFF = 1

In [31]:
def primes_generator():
    primes = []   # primes generated so far
    last = 1      # last number tried
    while True:
        last += 1
        for p in primes:
            if last % p == 0:
                break
        else:
            primes.append(last)
            yield last

# greatest common divisor
def gcd(x, y):
   while(y):
       x, y = y, x % y
        
   return x

# least common multiple
def lcm(x, y):
   return (x * y) // gcd(x, y)

In [32]:
def get_p_q():
    primes = primes_generator()
    for i in range(1, IGNORE_FIRST_N_PRIMES):
        next(primes)   
    p = next(primes)

    for i in range(1, P_AND_Q_MIN_DIFF):
        next(primes)
    q = next(primes)
    
    return (p, q)
        
def get_n(p, q):
    return p * q


def get_r(p, q):
    #return lcm(p - 1, q - 1)
    return (p -1) * (q - 1)


def get_e(r):
    for e in range(2, r):
        if gcd(e, r) == 1:
            return e
        else:
            continue
            
    return 0


def get_d(r, e):
    for i in range(1, 10000000):
        x = divmod(i * r + 1, e)
        quotient = x[0]
        remainder = x[1]
        if remainder > 0:
            continue
        
        if quotient > r:
            break
        
        if quotient > 1 and quotient != e and abs(quotient - e) > E_AND_D_MIN_DIFF:
            return quotient
        else:
            continue
            
    return 0    

In [33]:
def get_rsa(p, q):
    rsa = dict()
    rsa['p'] = p
    rsa['q'] = q
    rsa['n'] = p * q
    
    rsa['r'] = get_r(p, q)
    r = rsa['r']
    
    e = get_e(r)
    rsa['e'] = e
    if e == 0:
        rsa['ready'] = False
        return rsa
    
    d = get_d(r, e)
    rsa['d'] = d
    if d == 0:
        rsa['ready'] = False
        return rsa

    rsa['ready'] = True
    return rsa

In [34]:
def verify_rsa(rsa, msgs):
    for e, d in (('e', 'd'), ('d', 'e')):
        print("test: m -> {}(m) -> {}({}(m)) ...".format(e, d, e))
        print("--------------------------------")
        for m in msgs:
            m_e = m ** rsa[e] % rsa['n']
            m_e_d = m_e ** rsa[d] % rsa['n']
            print("{status}: {m:4d} -> {m_e:4d} -> {m_e_d:4d}".format(
                status=('PASS' if m == m_e_d else 'FAIL'), 
                m=m, 
                m_e=m_e, 
                m_e_d=m_e_d)
            )
        print("")

In [35]:
def main():
    p, q = get_p_q()
    rsa = get_rsa(p, q)
    print('RSA -> {}'.format(rsa))
    if rsa['ready'] == False:
        print('Get RSA failed!')
        return
    
    CASE_COUNT = 10
    print('RSA verify:')
    print("=====================================================")
    print("m < rsa['n'] cases:")
    verify_rsa(rsa, range(max(rsa['n'] - CASE_COUNT, 1), rsa['n']))
    print("=====================================================")
    print("m >= rsa['n'] cases:")
    verify_rsa(rsa, range(rsa['n'], rsa['n'] + CASE_COUNT))

In [36]:
main()

RSA -> {'p': 5, 'q': 11, 'n': 55, 'r': 40, 'e': 3, 'd': 27, 'ready': True}
RSA verify:
m < rsa['n'] cases:
test: m -> e(m) -> d(e(m)) ...
--------------------------------
PASS:   45 ->   45 ->   45
PASS:   46 ->   41 ->   46
PASS:   47 ->   38 ->   47
PASS:   48 ->   42 ->   48
PASS:   49 ->    4 ->   49
PASS:   50 ->   40 ->   50
PASS:   51 ->   46 ->   51
PASS:   52 ->   28 ->   52
PASS:   53 ->   47 ->   53
PASS:   54 ->   54 ->   54

test: m -> d(m) -> e(d(m)) ...
--------------------------------
PASS:   45 ->   45 ->   45
PASS:   46 ->   51 ->   46
PASS:   47 ->   53 ->   47
PASS:   48 ->   27 ->   48
PASS:   49 ->   14 ->   49
PASS:   50 ->   30 ->   50
PASS:   51 ->    6 ->   51
PASS:   52 ->   13 ->   52
PASS:   53 ->   37 ->   53
PASS:   54 ->   54 ->   54

m >= rsa['n'] cases:
test: m -> e(m) -> d(e(m)) ...
--------------------------------
FAIL:   55 ->    0 ->    0
FAIL:   56 ->    1 ->    1
FAIL:   57 ->    8 ->    2
FAIL:   58 ->   27 ->    3
FAIL:   59 ->    9 ->    4
FAI

In [12]:
# The ASN.1 spec for the PKCS1 RSA private key format is as follows:
#
# RSAPrivateKey ::= SEQUENCE {
#     version           Version,
#     modulus           INTEGER,  -- n
#     publicExponent    INTEGER,  -- e
#     privateExponent   INTEGER,  -- d
#     prime1            INTEGER,  -- p
#     prime2            INTEGER,  -- q
#     exponent1         INTEGER,  -- d mod (p-1)
#     exponent2         INTEGER,  -- d mod (q-1)
#     coefficient       INTEGER,  -- (inverse of q) mod p
#     otherPrimeInfos   OtherPrimeInfos OPTIONAL
# }
#

In [13]:
%%latex
\begin{equation}
\textit{coefficient = (inverse of q) mod p} \\
\textit{when p is prime} \\
coefficient = q^{p-2} \bmod{p}
\end{equation}

<IPython.core.display.Latex object>

In [14]:
# Basic Certificate Fileds, TBSCertificate Fileds
#
# Certificate  ::=  SEQUENCE  {
#         tbsCertificate       TBSCertificate,
#         signatureAlgorithm   AlgorithmIdentifier,
#         signatureValue       BIT STRING
# }
# 
# TBSCertificate  ::=  SEQUENCE  {
#     version         [0]  EXPLICIT Version DEFAULT v1,
#     serialNumber         CertificateSerialNumber,
#     signature            AlgorithmIdentifier,
#     issuer               Name,
#     validity             Validity,
#     subject              Name,
#     subjectPublicKeyInfo SubjectPublicKeyInfo,
#     issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
#                          -- If present, version MUST be v2 or v3
#     subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
#                          -- If present, version MUST be v2 or v3
#     extensions      [3]  EXPLICIT Extensions OPTIONAL
#                          -- If present, version MUST be v3
# }
#

In [15]:
# PKCS 12
# In cryptography, PKCS #12 defines an archive file format for storing many cryptography objects as a single file. 
# It is commonly used to bundle a private key with its X.509 certificate 
# or to bundle all the members of a chain of trust. 
# 
# The full PKCS #12 standard is very complex. 
# It enables buckets of complex objects such as PKCS #8 structures, nested deeply. 
# But in practice it is normally used to store just one private key and its associated certificate chain.
#
# A simpler, alternative format to PKCS #12 is PEM which just lists the certificates and possibly 
# private keys as Base 64 strings in a text file. 
#

In [16]:
# rsa, dsa, ec key, req, x509 usage examples
#
# rsa encrypt, decrypt
# openssl genrsa -out rsa_1024.key 1024
# openssl rsa -in rsa_1024.key -pubout -out rsa_1024.pubkey
# openssl rsa -in rsa_1024.pubkey -pubin -text
# openssl rsautl -in rsa.helloworld -out rsa.helloworld.e -inkey rsa_1024.key -encrypt
# openssl rsautl -in rsa.helloworld.e -out rsa.helloworld.e.d -inkey rsa_1024.key -decrypt
#
# self-signed certificate
# openssl genrsa -out x_ca.key 2048
# openssl req -new -x509 -key x_ca.key -out x_ca.crt -subj /C=CN/ST=JiangSu/L=SuZhou/O=O_X/OU=OU_X/CN=X_CA/ -days 3650 -set_serial 1
#
# openssl req -new -key lile.ca.rsa -out lile.ca.csr -subj '/C=CN/ST=JiangSu/L=SuZhou/O=YXT/OU=BDAI/CN=ydc-*/'
# openssl x509 -req -in lile.ca.csr -out lile.ca.crt -signkey lile.ca.key -days 3650 -set_serial 100
# 
# openssl genrsa -out rsa_1024.key 1024
# openssl req -new -key rsa_1024.key -out rsa_1024.csr -subj /C=CN/ST=JiangSu/L=SuZhou/O=O_X/OU=OU_X/CN=rsa_1024/
# openssl x509 -req -in rsa_1024.csr -out rsa_1024.crt -CA x_ca.crt -CAkey x_ca.key -days 3650 -set_serial 100
# 
# textout key, csr, crt
# openssl rsa -in rsa_1024.key -text
# openssl rsa -in rsa_1024.pubkey -pubin -text
# openssl req -in rsa_1024.csr -text
# openssl x509 -in rsa_1024.crt -text
#
# s_server, s_client
# openssl s_client -host dashboard.yxt.com -port 443
# openssl s_server -cert rsa_1024.crt -key rsa_1024.key -accept 7777
# openssl s_client -connect localhost:7777 -CAfile x_ca.crt
# 
# openssl s_server -cert rsa_1024.crt -key rsa_1024.key -accept 7777 -Verify 1
# openssl s_client -connect localhost:7777 -cert rsa_1024.crt -key rsa_1024.key -CAfile x_ca.crt
#  -showcerts

# s_time
# openssl s_time -connect localhost:7777 -new
# openssl s_time -connect localhost:7777 -reuse
#
# speed
# openssl speed rsa1024
# openssl speed md5
# openssl speed aes-256-cbc
#
# dsa generation, shown, sign, verify
# openssl dsaparam -out dsa_1024.param 1024
# openssl gendsa -out dsa_1024.key dsa_1024.param
# openssl dsa -in dsa_1024.key -pubout -out dsa_1024.pubkey
# 
# openssl dsaparam -in dsa_1024.param -text
# openssl dsa -in dsa_1024.key -text
# openssl dsa -in dsa_1024.pubkey -pubin -text
# 
# echo -n 'hello_world' | openssl dgst -sign dsa_1024.key > hello_world.dsa_sign
# echo -n 'hello_world' | openssl dgst -verify dsa_1024.pubkey -signature hello_world.dsa_sign
# 
# ec, ecparam
# two common curves: prime256v1, secp384r1
# openssl ecparam -list_curves
# openssl ecparam -out ecparam.prime256v1 -name prime256v1
# openssl ecparam -in ecparam.prime256v1 -genkey -out ecparam.prime256v1.key
# openssl ecparam -in ecparam.prime256v1 -genkey -param_enc explicit -out ecparam.prime256v1.key
# openssl ecparam -in ecparam.prime256v1 -text
# openssl ecparam -in ecparam.prime256v1.key -text
# openssl ecparam -in ecparam.prime256v1.key -text -param_enc explicit
# openssl ecparam -name prime256v1 -text -param_enc explicit
# 
# openssl ec -in ecparam.prime256v1.key -pubout -out ecparam.prime256v1.pubkey
# openssl ec -in ecparam.prime256v1.key -text
# openssl ec -in ecparam.prime256v1.pubkey -pubin -text
# openssl req -new -key ecparam.prime256v1.key -out ecparam.prime256v1.csr -subj /C=CN/ST=JiangSu/L=SuZhou/O=O_X/CN=ecparam_prime256v1_1/
# openssl x509 -req -in ecparam.prime256v1.csr -out ecparam.prime256v1.crt -CA x_ca.crt -CAkey x_ca.key -days 3650 -set_serial 99
#
# ECDSA: message signature
# ECDH: security key negotiation/exchange
#

In [16]:
# keytools, pkcs12 usage
# https://www.jianshu.com/p/e5f46dcf4664
# https://blog.csdn.net/sayyy/article/details/78351512
# 
# openssl pkcs12 -export -in uydc-101.crt -inkey uydc-101.key -out uydc-101.p12 -name uydc-101 -CAfile yxt-ca.crt -caname yxtca -passout pass:123456
# openssl pkcs12 -in ydc.p12 -password file:pass -passin file:pass -nokeys
# openssl pkcs12 -in ydc.p12 -password pass:pass -passin pass:pass -nokeys 
# keytool -importkeystore -deststorepass 123456 -destkeypass 123456 -destkeystore uydc-101.jks -srckeystore uydc-101.pkcs12 -srcstoretype PKCS12 -srcstorepass 123456 -alias uydc-101
# openssl pkcs12 -info -in uydc-101.pkcs12 -passin pass:123456
#  
# keytool example
# Create keystore and certificate
# keytool \
# -genkeypair \
# -alias uydc-102.hbase.thrift \
# -keyalg RSA \
# -keysize 2048 \
# -keypass 123456 \
# -sigalg SHA256withRSA \
# -dname "CN=uydc-102,OU=data,O=yxt,L=SuZhou,ST=JiangSu,C=CN" \
# -validity 3650 \
# -keystore uydc-102_keystore.jks \
# -storetype JKS \
# -storepass 123456
# 
# Generate CSR - Certificate Signing Request
# keytool \
# -certreq \
# -alias uydc-102.hbase.thrift \
# -keyalg RSA \
# -keypass 123456 \
# -keystore uydc-102_keystore.jks \
# -storetype JKS \
# -storepass 123456 \
# -file uydc-102.hbase.thrift.csr
# 
# Import Certificate Sign Authority ROOT Certificate
# keytool \
# -import \
# -trustcacerts \
# -alias ca_root_GlobalSign \
# -keypass 123456 \
# -keystore uydc-102_keystore.jks \
# -storepass 123456 \
# -file GlobalSign_cert.cer
# 
# Import Signed Certificate base on above CSR
# keytool \
# -import \
# -trustcacerts \
# -alias uydc-102.hbase.thrift \
# -keypass 123456 \
# -keystore uydc-102_keystore.jks \
# -storepass 123456 \
# -file uydc-102.hbase.thrift.cer

In [None]:
# reference:
#
# https://en.wikipedia.org/wiki/X.509
# https://zh.wikipedia.org/wiki/RSA%E5%8A%A0%E5%AF%86%E6%BC%94%E7%AE%97%E6%B3%95
# https://en.wikipedia.org/wiki/RSA_(cryptosystem)
# https://zhuanlan.zhihu.com/p/33580225
# https://tools.ietf.org/html/rfc3447
# https://tools.ietf.org/html/rfc5280
# https://tools.ietf.org/html/rfc5280
# https://zhuanlan.zhihu.com/p/36326221
# https://andrea.corbellini.name/2015/05/17/elliptic-curve-cryptography-a-gentle-introduction/
#