function PKI_Decrypt($c, $d, $n) { $decryptarray = split(" ", $c); for ($u = 0; $u < count($decryptarray); $u++) { if ($decryptarray[$u] == "") { array_splice($decryptarray, $u, 1); } } for ($u = 0; $u < count($decryptarray); $u++) { $resultmod = powmod($decryptarray[$u], $d, $n); $deencrypt .= substr($resultmod, 1, strlen($resultmod) - 2); } for ($u = 0; $u < strlen($deencrypt); $u += 2) { $resultd .= chr(substr($deencrypt, $u, 2) + 30); } return $resultd; }
/** * getSignature * Get the base64 signature of a dictionary * @param array Associative array (i.e. dictionary) of key-value pairs * @param string Hexadecimal string of public key * @param string Hexadecimal string the private key * @return string Base64 encoded signature */ function getSignature($dict, $key, $privKey) { // Sort keys alphabetically uksort($dict, "strcasecmp"); // Concatenate all values $total = ''; foreach ($dict as $value) { $total .= $value; } // Escape apostrophes by un-quoting, adding apos, then re-quoting // so this turns ' into '\'' ... we have to double-slash for this php. // Switch to UTF8 before otherwise escapeshellarg will strip out non-ASCII characters $oldlocale = setlocale(LC_CTYPE, 0); setlocale(LC_CTYPE, "en_US.UTF-8"); $fixedApostrophes = escapeshellarg($total); // restore localte setlocale(LC_CTYPE, $oldlocale); // This part is the most expensive below // We try to do it with native code first $aquatic_root = preg_replace('!((/[A-Za-z._-]+)+)/AquaticPrime\\.php!', '$1', __FILE__); ob_start(); $passthruString = $aquatic_root . "/aquaticprime {$key} {$privKey} {$fixedApostrophes}"; passthru($passthruString, $err); $sig = ob_get_contents(); ob_end_clean(); if ($err) { error_log("passthrough yielded {$err}: {$passthruString}"); } // If that fails, do it in php if ($sig != "") { $sig = base64_encode($sig); } else { // Get the hash $hash = sha1(utf8_encode($total)); // OpenSSL-compatible PKCS1 Padding // 128 bytes - 20 bytes hash - 3 bytes extra padding = 105 bytes '0xff' $paddedHash = '0001'; for ($i = 0; $i < 105; $i++) { $paddedHash .= 'ff'; } $paddedHash .= '00' . $hash; $decryptedSig = hex2dec($paddedHash); // Encrypt into a signature $sig = powmod($decryptedSig, hex2dec($privKey), hex2dec($key)); $sig = base64_encode(ap_hex2bin(dec2hex($sig))); } return $sig; }
function verifySigature($message, $sign, $exponent, $modulus) { $intSign = bin2int(hex2bin($sign)); $intExponent = bin2int(hex2bin($exponent)); $intModulus = bin2int(hex2bin($modulus)); $intResult = powmod($intSign, $intExponent, $intModulus); $hexResult = bin2hex(int2bin($intResult)); $md5Message = md5($message); if ($md5Message == substr($hexResult, -32)) { return "1"; } else { return "0"; } }
/** * getSignature * Get the base64 signature of a dictionary * @param array Associative array (i.e. dictionary) of key-value pairs * @param string Hexadecimal string of public key * @param string Hexadecimal string the private key * @return string Base64 encoded signature */ function getSignature($dict, $key, $privKey) { // Sort keys alphabetically uksort($dict, "strcasecmp"); // Concatenate all values $total = ''; foreach ($dict as $value) { $total .= $value; } // Get the hash $hash = sha1(utf8_encode($total)); // OpenSSL-compatible PKCS1 Padding // 128 bytes - 20 bytes hash - 3 bytes extra padding = 105 bytes '0xff' $paddedHash = '0001'; for ($i = 0; $i < 105; $i++) { $paddedHash .= 'ff'; } $paddedHash .= '00' . $hash; $decryptedSig = hex2dec($paddedHash); // Encrypt into a signature $sig = powmod($decryptedSig, hex2dec($privKey), hex2dec($key)); $sig = base64_encode(hex2bin(dec2hex($sig))); return $sig; }
/** * getSignature * Get the base64 signature of a dictionary * @param array Associative array (i.e. dictionary) of key-value pairs * @param string Hexadecimal string of public key * @param string Hexadecimal string the private key * @return string Base64 encoded signature */ function getSignature($dict, $key, $privKey) { // Sort keys alphabetically uksort($dict, "strcasecmp"); // Concatenate all values $total = ''; foreach ($dict as $value) { $total .= $value; } // Escape apostrophes by un-quoting, adding apos, then re-quoting // so this turns ' into '\'' ... we have to double-slash for this php. $fixedApostrophes = str_replace("'", "'\\''", $total); // This part is the most expensive below // We try to do it with native code first ob_start(); $passthruString = DOC_ROOT . "/includes/aquaticprime {$key} {$privKey} '{$fixedApostrophes}'"; //passthru($passthruString, $err); $sig = ob_get_contents(); ob_end_clean(); if (true) { // Get the hash $hash = sha1(utf8_encode($total)); // OpenSSL-compatible PKCS1 Padding // 128 bytes - 20 bytes hash - 3 bytes extra padding = 105 bytes '0xff' $paddedHash = '0001'; for ($i = 0; $i < 105; $i++) { $paddedHash .= 'ff'; } $paddedHash .= '00' . $hash; $decryptedSig = hex2dec($paddedHash); // Encrypt into a signature $sig = powmod($decryptedSig, hex2dec($privKey), hex2dec($key)); $sig = base64_encode(hex2bin(dec2hex($sig))); } return $sig; }
$padding_front = array(0, 2); $size = rand(8, 16); for ($i = 0; $i < $size; $i++) { $padding_front[] = rand(1, 255); } $padding_front[] = 0; $content_size = strlen($serial_bin) + count($padding_front); $rest = $exported_bits / 8 - $content_size; if ($rest < 0) { my_die("content is too big to fit in key: " . $content_size . ", maximal allowed is: " . $exported_bits / 8); } $padding_back = array(); for ($i = 0; $i < $rest; $i++) { $padding_back[] = rand(0, 255); } $padding_front_bin = ""; foreach ($padding_front as $b) { $padding_front_bin = $padding_front_bin . pack("C", $b); } $padding_back_bin = ""; foreach ($padding_back as $b) { $padding_back_bin = $padding_back_bin . pack("C", $b); } $serial_final = $padding_front_bin . $serial_bin . $padding_back_bin; // RSA $n = base10_encode(base64_decode($exported_modulus)); $d = base10_encode(base64_decode($exported_private)); $serial_final = base10_encode($serial_final); $res = powmod($serial_final, $d, $n); $res = base64_encode(base10_decode($res)); OnSerialGenerated($res);