Rabbit
class Rabbit
{
private int[] x = new int[8];
private int[] c = new int[8];
private int carry;
public void Rabbit()
{
for(int i = 0; i < 8; i++)
{
x[i] = c[i] = 0;
}
carry = 0;
}
private int g_func(int x)
{
int a = x & 0xffff;
int b = x >>> 16;
int h =( ( ( ( a * a ) >>> 17 ) + ( a * b ) ) >>> 15 ) + b * b;
int l = x * x;
return h ^ l;
}
/**
* @declaration 比较两个有符号整数的十六进制的大小,即作为无符号整数进行比较
* @param x
* @param y
* @return 若(unsigned x) < (unsigned y),则返回1,否则返回0
*/
private int compare(int x, int y)
{
long a = x;
long b = y;
a &= 0x00000000ffffffffl;
b &= 0x00000000ffffffffl;
return (a < b) ? 1 : 0;
}
private int rotL(int x, int y)
{
return ( x << y ) | ( x >>> (32 - y) );
}
private void next_state()
{
int[] g = new int[8];
int[] c_old = new int[8];
int i = 0;
for( i = 0; i < 8; i++)
{
c_old[i] = c[i];
}
c[0] += 0x4d34d34d + carry;
c[1] += 0xd34d34d3 + compare(c[0], c_old[0]);
c[2] += 0x34d34d34 + compare(c[1], c_old[1]);
c[3] += 0x4d34d34d + compare(c[2], c_old[2]);
c[4] += 0xd34d34d3 + compare(c[3], c_old[3]);
c[5] += 0x34d34d34 + compare(c[4], c_old[4]);
c[6] += 0x4d34d34d + compare(c[5], c_old[5]);
c[7] += 0xd34d34d3 + compare(c[6], c_old[6]);
carry = compare(c[7], c_old[7]);
for( i = 0; i < 8; i++)
{
g[i] = g_func(x[i] + c[i]);
}
x[0] = g[0] + rotL(g[7], 16) + rotL(g[6], 16);
x[1] = g[1] + rotL(g[0], 8 ) + g[7];
x[2] = g[2] + rotL(g[1], 16) + rotL(g[0], 16);
x[3] = g[3] + rotL(g[2], 8 ) + g[1];
x[4] = g[4] + rotL(g[3], 16) + rotL(g[2], 16);
x[5] = g[5] + rotL(g[4], 8 ) + g[3];
x[6] = g[6] + rotL(g[5], 16) + rotL(g[4], 16);
x[7] = g[7] + rotL(g[6], 8 ) + g[5];
}
/**
* @declaration 将一个字节数组转化为整数,采用Big-Endian格式进行解析
* @param a 待转化的字节数组
* @param i 字节数组的起始索引
* @return 转化后的整数
*/
public static int os2ip(byte[] a, int i)
{
int x0 = a[i + 3] & 0x000000ff;
int x1 = a[i + 2] << 8 & 0x0000ff00;
int x2 = a[i + 1] << 16 & 0x00ff0000;
int x3 = a[i] << 24 & 0xff000000;
return x0 | x1 | x2 | x3;
}
/**
* @declaration 将整数x转化为4字节数组,采用Big-Endian格式进行解析
* @param x 待转化的整数x
* @return 解析后的字节数组,长度为4
*/
public static byte[] i2osp(int x)
{
byte[] s = new byte[4];
s[3] = (byte)( x & 0x000000ff );
s[2] = (byte)( ( x & 0x0000ff00 ) >>> 8 );
s[1] = (byte)( ( x & 0x00ff0000 ) >>> 16 );
s[0] = (byte)( ( x & 0xff000000 ) >>> 24 );
return s;
}
/**
* @declaration 密钥初始化函数
* @param p_key 长度为128位的密钥数组,若密钥长度小于128位,
* 则必须在填充后再调用该函数
*/
public void keySetup(byte[] p_key)
{
int k0, k1, k2, k3, i;
k0 = os2ip(p_key, 12);
k1 = os2ip(p_key, 8);
k2 = os2ip(p_key, 4);
k3 = os2ip(p_key, 0);
x[0] = k0;
x[2] = k1;
x[4] = k2;
x[6] = k3;
x[1] = ( k3 << 16 ) | ( k2 >>> 16 );
x[3] = ( k0 << 16 ) | ( k3 >>> 16 );
x[5] = ( k1 << 16 ) | ( k0 >>> 16 );
x[7] = ( k2 << 16 ) | ( k1 >>> 16 );
c[0] = rotL(k2, 16);
c[2] = rotL(k3, 16);
c[4] = rotL(k0, 16);
c[6] = rotL(k1, 16);
c[1] = (k0 & 0xffff0000) | (k1 & 0x0000ffff);
c[3] = (k1 & 0xffff0000) | (k2 & 0x0000ffff);
c[5] = (k2 & 0xffff0000) | (k3 & 0x0000ffff);
c[7] = (k3 & 0xffff0000) | (k0 & 0x0000ffff);
carry = 0;
for( i = 0; i < 4; i++)
{
next_state();
}
for( i = 0; i < 8; i++)
{
c[ (i + 4) & 7 ] ^= x[i];
}
}
/**
* @declaration 该函数用于生成128位随机密钥,用于直接和明文进行异或处理
* @param p_dest 产生的128位随机密钥
* @param data_size 需要产生的随机密钥数量,必须是16的倍数
*/
public void getS(byte[] p_dest, long data_size)
{
int i, j, m;
int[] k = new int[4];
byte[] t = new byte[4];
for( i = 0; i < data_size; i+=16)
{
next_state();
k[0] = x[0] ^ ( x[5] >>> 16 ) ^ ( x[3] << 16 );
k[1] = x[2] ^ ( x[7] >>> 16 ) ^ ( x[5] << 16 );
k[2] = x[4] ^ ( x[1] >>> 16 ) ^ ( x[7] << 16 );
k[3] = x[6] ^ ( x[3] >>> 16 ) ^ ( x[1] << 16 );
for( j = 0; j < 4; j++)
{
t = i2osp(k[j]);
for( m = 0; m < 4; m++)
{
p_dest[ j * 4 + m ] = t[m];
}
}
}
}
/**
* @declaration 加密和解密函数
* @param p_src 需要加密或解密的消息,其长度必须是16的倍数,以字节为单位,
* 若不是16的倍数,则需要在调用该函数前进行填充,一般填充值
* 为0的字节
* @param p_dest 加密或解密的结果,其长度必须是16的倍数,以字节为单位
* 并且长度必须大于等于p_src的长度
* @param data_size 需要处理的消息的长度,必须是16的倍数,以字节为单位
* 其值为p_src的长度
*/
public void cipher(byte[] p_src, byte[] p_dest, long data_size)
{
int i, j, m;
int[] k = new int[4];
byte[] t = new byte[4];
for( i = 0; i < data_size; i+=16)
{
next_state();
k[0] = os2ip(p_src, i * 16 + 0) ^ x[0] ^ ( x[5] >>> 16 ) ^ ( x[3] << 16 );
k[1] = os2ip(p_src, i * 16 + 4) ^ x[2] ^ ( x[7] >>> 16 ) ^ ( x[5] << 16 );
k[2] = os2ip(p_src, i * 16 + 8) ^ x[4] ^ ( x[1] >>> 16 ) ^ ( x[7] << 16 );
k[3] = os2ip(p_src, i * 16 + 12) ^ x[6] ^ ( x[3] >>> 16 ) ^ ( x[1] << 16 );
for( j = 0; j < 4; j++)
{
t = i2osp(k[j]);
for( m = 0; m < 4; m++)
{
p_dest[ i * 16 + j * 4 + m ] = t[m];
}
}
}
}
}
public class Main {
public static void main(String[] args) {
/**
* 定义测试密钥key,需要注意的是,由于java没有unsigned类型,
* 所以需要对大于等于0x80的字节进行类型转换,
* 比较方便的办法是都加上(byte)
*/
byte[] key = {
(byte)0xa0, (byte)0x33, (byte)0xd6, (byte)0x78,
(byte)0x6b, (byte)0x05, (byte)0x14, (byte)0xac,
(byte)0xfc, (byte)0x3d, (byte)0x8e, (byte)0x2d,
(byte)0x6a, (byte)0x2c, (byte)0x27, (byte)0x1d
};
/**
* 定义待加密的消息message,密文ciphertext,并初始化为0
*/
byte[] message = new byte[16];
byte[] ciphertext = new byte[16];
for( int i = 0; i < 16; i++)
{
message[i] = (byte)i;
ciphertext[i] = 0;
}
/**
* 调用Rabbit流密码进行加密
*/
Rabbit rtest = new Rabbit();
/*
* 初始化密钥
*/
rtest.keySetup(key);
/*
* 加密
*/
rtest.cipher(message, ciphertext, 16);
for( int i = 0; i < 16; i++)
{
System.out.printf("%02x ", ciphertext[i]);
}
System.out.println();
/**
* 调用Rabbit流密码进行解密
*/
Rabbit rtest2 = new Rabbit();
/*
* 初始化密钥
*/
rtest2.keySetup(key);
byte[] szT = new byte[16];
for( int i = 0; i < 16; i++)
{
szT[i] = 0;
}
/*
* 解密
*/
rtest2.cipher(ciphertext, szT, 16);
for( int i = 0; i < 16; i++)
{
System.out.printf("%02x ", szT[i]);
}
System.out.println();
}
}
RSA
已知dp, dq
https://blog.csdn.net/qq_32350719/article/details/102719279
p = 8637633767257008567099653486541091171320491509433615447539162437911244175885667806398411790524083553445158113502227745206205327690939504032994699902053229
q = 12640674973996472769176047937170883420927050821480010581593137135372473880595613737337630629752577346147039284030082593490776630572584959954205336880228469
dp = 6500795702216834621109042351193261530650043841056252930930949663358625016881832840728066026150264693076109354874099841380454881716097778307268116910582929
dq = 783472263673553449019532580386470672380574033551303889137911760438881683674556098098256795673512201963002175438762767516968043599582527539160811120550041
c = 24722305403887382073567316467649080662631552905960229399079107995602154418176056335800638887527614164073530437657085079676157350205351945222989351316076486573599576041978339872265925062764318536089007310270278526159678937431903862892400747915525118983959970607934142974736675784325993445942031372107342103852
m1 = int(pow(c, dq, q))
m2 = int(pow(c, dp, p))
invp = inverse_mod(p, q)
c1 = ((m2 - m1) * invp) % q
cd = c1 * p + m1
flag = hex(cd)
n相同e不同
c1=22322035275663237041646893770451933509324701913484303338076210603542612758956262869640822486470121149424485571361007421293675516338822195280313794991136048140918842471219840263536338886250492682739436410013436651161720725855484866690084788721349555662019879081501113222996123305533009325964377798892703161521852805956811219563883312896330156298621674684353919547558127920925706842808914762199011054955816534977675267395009575347820387073483928425066536361482774892370969520740304287456555508933372782327506569010772537497541764311429052216291198932092617792645253901478910801592878203564861118912045464959832566051361
n=22708078815885011462462049064339185898712439277226831073457888403129378547350292420267016551819052430779004755846649044001024141485283286483130702616057274698473611149508798869706347501931583117632710700787228016480127677393649929530416598686027354216422565934459015161927613607902831542857977859612596282353679327773303727004407262197231586324599181983572622404590354084541788062262164510140605868122410388090174420147752408554129789760902300898046273909007852818474030770699647647363015102118956737673941354217692696044969695308506436573142565573487583507037356944848039864382339216266670673567488871508925311154801
e1=11187289
c2=18702010045187015556548691642394982835669262147230212731309938675226458555210425972429418449273410535387985931036711854265623905066805665751803269106880746769003478900791099590239513925449748814075904017471585572848473556490565450062664706449128415834787961947266259789785962922238701134079720414228414066193071495304612341052987455615930023536823801499269773357186087452747500840640419365011554421183037505653461286732740983702740822671148045619497667184586123657285604061875653909567822328914065337797733444640351518775487649819978262363617265797982843179630888729407238496650987720428708217115257989007867331698397
e2=9647291
_, s1, s2 = xgcd(e1, e2)
if s1 < 0:
s1 = 0-s1
c1 = inverse_mod(c1, n)
elif s2 < 0:
s2 = 0 - s2
c2 = inverse_mod(c2, n)
m = (int(pow(c1, s1, n)) * int(pow(c2, s2, n)))%n
bytes.fromhex(hex(m)[2:])
已知dp
e = 65537
n = 248254007851526241177721526698901802985832766176221609612258877371620580060433101538328030305219918697643619814200930679612109885533801335348445023751670478437073055544724280684733298051599167660303645183146161497485358633681492129668802402065797789905550489547645118787266601929429724133167768465309665906113
dp = 905074498052346904643025132879518330691925174573054004621877253318682675055421970943552016695528560364834446303196939207056642927148093290374440210503657
c = 140423670976252696807533673586209400575664282100684119784203527124521188996403826597436883766041879067494280957410201958935737360380801845453829293997433414188838725751796261702622028587211560353362847191060306578510511380965162133472698713063592621028959167072781482562673683090590521214218071160287665180751
for x in range(1, e):
if(e*dp%x==1):
p=(e*dp-1)//x+1
if(n%p!=0):
continue
q=n//p
phin=(p-1)*(q-1)
d=inverse_mod(e, phin)
m=int(pow(c, d, n))
if(len(hex(m)[2:])%2==1):
continue
print('--------------')
print(m)
print(hex(m)[2:])
print(bytes.fromhex(hex(m)[2:]))
网友评论