RSA private key format
I was trying to find a way to replicate the mega.co.nz session id decoding in Ruby using OpenSSL. But, unfortunately, I am not a cryptographer.
The problem is I don't understand / don't recognize the format of the private key
Here's what their code for decomposing the private key looks like: https://eu.static.mega.co.nz/crypto.js ):
// decompose private key
for (var i = 0; i < 4; i++)
{
var l = ((privk.charCodeAt(0)*256+privk.charCodeAt(1)+7)>>3)+2;
rsa_privk[i] = mpi2b(privk.substr(0,l));
if (typeof rsa_privk[i] == 'number') break;
privk = privk.substr(l);
}
privk
is 656 bytes long (including eight firmwares at the end).
After "decomposition", they use the decomposed parts to decrypt the session id ( https://eu.static.mega.co.nz/rsa.js ):
// Compute m**d mod p*q for RSA private key operations.
function RSAdecrypt(m (encrypted session-id), d (rsa_privk[2]), p (rsa_privk[0]), q (rsa_privk[1]), u (rsa_privk[3]))
How do I convert this key so that OpenSSL knows how to use it?
source to share
OpenSSL supports a variety of key formats including PEM / X.509 and PKCS8 .
The ruby standard library includes the OpenSSL binding .
Using the provided method in this post , you can create a key from the exponent and then use for example
key.to_pem()
to convert it to an X.509 string.
source to share