I was trying to find a way to replicate the session-id decoding of mega.co.nz in Ruby using OpenSSL. But, unfortunately, I'm not a cryptography expert.
The problem is I don't understand/recognise the private key format
This is what their code to decompose the private key looks like ( https://eu.static.mega.co.nz/crypto.js ):
// decompose private key
for (var i = 0; i < 4; i++)
{
var l = ((privk.charCodeAt(0)*256+privk.charCodeAt(1)+7)>>3)+2;
rsa_privk[i] = mpi2b(privk.substr(0,l));
if (typeof rsa_privk[i] == 'number') break;
privk = privk.substr(l);
}
privk
itself is 656 bytes long (include eight dashes padding at the end).
After the 'decomposition' they use the decomposed parts to decrypt the session-id ( https://eu.static.mega.co.nz/rsa.js ):
// Compute m**d mod p*q for RSA private key operations.
function RSAdecrypt(m (encrypted session-id), d (rsa_privk[2]), p (rsa_privk[0]), q (rsa_privk[1]), u (rsa_privk[3]))
How to convert this key so OpenSSL knows how to use it?
OpenSSL supports different key formats, including PEM/X.509 and PKCS8 .
The ruby standard library includes an OpenSSL binding .
Using the method provided in this post you can create the key from the exponent and then use for example
key.to_pem()
to convert it to an X.509-formatted string.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.