RAS encrypted file analysis

Posted by quickstopman on Sat, 05 Mar 2022 12:45:28 +0100

There are two different coding formats for X.509 standard certificates. pem coding is generally used pem as the file extension,
If der coding is adopted, it shall be in der as the extension. But common certificate extensions also include crt,. cer,. p12 et al,
They may adopt different coding formats and contents, but most of them can be converted to each other.

Key format and coding

x.509: public key certificate standard, which is the content of an integer;
RSA: asymmetric encryption algorithm, which can be used to encrypt text, usually 1024 4086 bits;
ASN.1: Abstract syntax tags describe a data format that represents, encodes, transmits and decodes data;
PKCS (the public key Cryptography Standards): a series of standards related to public key cryptography;
PKCS#1 (RSA Cryptography Standard): defines the syntax format of RSA public key and private key;
PKCS#8 (private key information Syntax Standard): defines a syntax for private key information and also provides a syntax for encryption keys;
DER Code: conform to ASN 1. The key or certificate file of syntax is output as binary file;
PEM encoding: encode the binary data encoded by DER with Base64, and output the text data plus the start and end lines,
Such as "---- BEGIN CERTIFICATE ------" and "---- END CERTIFICATE ------" in the certificate file;

Several extensions of certificates

. PEM: file extension of X.509 certificate in PEM encoding format;
. DER: file extension of X.509 certificate in DER encoding format;
. crt(certificate): certificate format, common in UNIX like systems, PEM or DER coding, most of which adopts PEM coding;
. cer(certificate): certificate format, which is common in Windows system. Similarly, PEM or DER coding is adopted for most of them;
. p12(.pfx): encryption standard, PKCS #12, is a kind of Public Key Cryptography Standards (PKCS) series,
Contains the corresponding X.509 certificate and the private key corresponding to the certificate. Simple understanding: one p12 file = X.509 certificate + private key;
. csr(Certificate Signing Request): a certificate signing request, which is not in the form of a certificate. It is used to apply for a certificate from a CA,
Contains an RSA public key and other attached information in generating this When applying for csr, a paired RSA private key will also be generated.
. key: it is usually used to store an RSA public key or private key. It is not in the format of X.509 certificate. The code may also be PEM or DER. The viewing method is as follows:

PEM Coding format: openssl rsa -in xxx.key -text -noout 
DER Coding format: openssl rsa -in xxx.key -text -noout -inform der

PKCS#1 format

Contains a series of data, from which you can export the private key and public key. I can't understand how to generate it

secret key

# PKCS#1 format key data structure
RSAPrivateKey ::= SEQUENCE 
  version Version,    // Version number. The version number in V2 should be 0, but if multiple prime numbers are used, the version number should be 1
  modulus INTEGER, -- n     //Modulus of RSA n
  publicExponent INTEGER, -- e    //RSA's public key exponent e
  privateExponent INTEGER, -- d    //RSA's public key power exponent d
  prime1 INTEGER, -- p    //Prime factor p of n
  prime2 INTEGER, -- q    //Prime factor q of n
  exponent1 INTEGER, -- d mod (p-1) 
  exponent2 INTEGER, -- d mod (q-1) 
  coefficient INTEGER, -- (inverse of q) mod p,//Represents the coefficient of CRT (Chinese remainder theorem)
  otherPrimeInfos OtherPrimeInfos OPTIONAL    //If version is 0, it is ignored; If version is 1, it should contain at least one instance of OtherPrimeInfo

OtherPrimeInfo ::= SEQUENCE 
  prime INTEGER, -- ri 
  exponent INTEGER, -- di 
  coefficient INTEGER -- ti 

Using openssl to generate, pkcs#1 format, PEM encoded key file prikey pkcs1. pem
openssl genrsa -out prikey.pkcs1.pem

# cat prikey.pkcs1.pem

The file is base64 coded and can be decoded by tools
openssl rsa -inform PEM -outform DER -in prikey.pkcs1.pem -out prikey.pkcs1.der
Got it The der file is the binary output of the key in pkcs#1 format

# xxd prike.pkcs#1.der
0000000: 3082 025b 0201 0002 8181 00f0 7f55 6009  0..[.........U`.
0000010: cd94 e296 4870 4ee1 f960 64bc 5379 7f52  ....HpN..`
0000020: 3521 5fb9 5a34 8d15 c416 aa08 cfdf 3835  5!_.Z4........
0000030: 499d 3ffb 31a2 b72e 8256 81f7 9eec cbc4  I.?.1....V......

Direct binary is useless. You can view the information of each field with opnssl
openssl asn1parse -i -in prikey.pkcs1.pem

# cat prikey.pkcs1.pem
  0:d=0  hl=4 l= 603 cons: SEQUENCE
  4:d=1  hl=2 l=   1 prim:  INTEGER :00
  7:d=1  hl=3 l= 129 prim:  INTEGER :B614A0942E269BD799F5043...07B47D072D527A3B584952DFBAB                                                                
139:d=1  hl=2 l=   3 prim:  INTEGER :010001
144:d=1  hl=3 l= 128 prim:  INTEGER :69132647DD0A32CD0CEFB46F...D2AC424E1E4064BCB85B3AAB9AE1AC1                                                                
275:d=1  hl=2 l=  65 prim:  INTEGER :D9232CD625CFF3512F2C26D2E9...68327792926561E64C600013781E5EC569
342:d=1  hl=2 l=  65 prim:  INTEGER :D6AB36F17373EF5B73229939DA11...6054E2E813FF00B                                                     
409:d=1  hl=2 l=  64 prim:  INTEGER :1EDA40A4ACFABF37E9DBFC283BC...C80E4DCC71258D2BC0FFFC7390B43864E1BF2105104BA701                                                                         
475:d=1  hl=2 l=  64 prim:  INTEGER :A1D672959574D1...62CFAFB6A7FE42C90DDBDBEE147D749445BA7EE5802B76E7C8A4B55D9FC181D62773                                                                           541:d=1  hl=2 l=  64 prim:  INTEGER :7AC9618673B62E277A8FB...D83C21460E2A6BEE

Left half
0:d=0 hl=4 l= 603 cons: SEQUENCE
0 indicates the offset length of the node in the whole file
d=0 = node depth
hl=4 = length of node header byte
l=603 indicates the length of node data bytes
The node or the sub structure of cons indicates that the node contains data
prim # indicates that the node is the original node and contains data
OCTET STRING [HEX DUMP] is the encrypted private key data.
//SEQUENCE and OCTETSTRING are ASN 1. Refer to ASN for details 1 format description.
Right half
Referring to the format of the above two paragraphs, you can correspond to the values of each field one by one. This paper does not involve rsa codec operation, so it's good to know the composition of the certificate. After all, I won't
There is another way to view it
openssl rsa -text -noout -in prikey.pkcs1.pem

# cat prikey.pkcs1.pem
Private-Key: (1024 bit)
publicExponent: 65537 (0x10001)

Generally, the output content is similar.

Public key

# PKCS#1 public key data structure
RSAPublicKey ::= SEQUENCE 
  modulus INTEGER, -- n    //Is the RSA modulus, which is a positive integer 
  publicExponent INTEGER -- e    //Is the RSA public key power exponent, which is a positive integer

Using openssl to export pkcs1 public key from pkcs1 key
openssl rsa -in prikey.pkcs1.pem -RSAPublicKey_out -out pubkey.pkcs1.

# cat pubkey.pkcs1.pem

Get to know the private key part and check the value of each field
openssl asn1parse -i -in pubkey.pkcs1.pem

# cat pubkey.pkcs1.pem
  0:d=0  hl=3 l= 137 cons: SEQUENCE
  3:d=1  hl=3 l= 129 prim:  INTEGER           :B614A0942E269BD799...D527A3B584952DFBA
135:d=1  hl=2 l=   3 prim:  INTEGER           :010001

PKCS#8 format

The operation and viewing methods are similar to those above. Briefly introduce their mechanism and generation method

Private key

# PKCS#8 key data structure
PrivateKeyInfo ::= SEQUENCE 
  verion               Version,    // edition
  privateKeyAlgorithm		PrivateKeyAlgorithmIdentifier ::= SEQUENCE // Private key algorithm
  privateKey				      PrivateKey ::= OCTET STRING ,    // Encrypted private key data, the last OCTET STRING data block 
  attributes           [0] IMPLICIT Attributes OPTIONAL ::= SET OF Attribute 

Convert pkcs1 private key to pkcs8 private key
openssl pkcs8 -topk8 -in prikey.pkcs1.pem -out prikey.pkcs8.pem -nocrypt
openssl asn1parse -i -in prikey.pkcs8.pem

# cat prikey.pkcs8.pem
# It depends on indentation to distinguish which group of information is, so it should be arranged better 
 0:d=0 hl=4 l= 710 cons: SEQUENCE 
 4:d=1 hl=2 l= 64  cons:  SEQUENCE  
 6:d=2 hl=2 l= 9   prim:   OBJECT :PBES2  
17:d=2 hl=2 l= 51  cons:  SEQUENCE    
19:d=3 hl=2 l= 27  cons:   SEQUENCE    
21:d=4 hl=2 l= 9   prim:    OBJECT :PBKDF2  
32:d=4 hl=2 l= 14  cons:    SEQUENCE    
34:d=5 hl=2 l= 8   prim:     OCTET STRING [HEX DUMP]:7A61B055165A89CA
44:d=5 hl=2 l= 2   prim:     INTEGER :0800  
48:d=3 hl=2 l= 20  cons:   SEQUENCE  
50:d=4 hl=2 l= 8   prim:    OBJECT :des-ede3-cbc  
60:d=4 hl=2 l= 8   prim:    OCTET STRING [HEX DUMP]:110E8A184EFEAB9C   
70:d=1 hl=4 l= 640 prim:  OCTET STRING [HEX DUMP]:  
C94F34F0CFF56B3E92D437C49559B1BD6 ... 87948FD5C7526D569BB8  

Public key

Export private key from pkcsck8
openssl rsa -in prikey.pkcs1.pem -pubout -out pubkey.pkcs8.pem
Get to know the private key part and check the value of each field
openssl asn1parse -i -in pubkey.pkcs8.pem

# cat pubkey.pkcs8.pem 
-----END PUBLIC KEY-----

openssl asn1parse -i -in pubkey.pkcs8.pem

# cat pubkey.pkcs8.pem
 0:d=0  hl=3 l= 159 cons: SEQUENCE 
 3:d=1  hl=2 l=  13 cons:  SEQUENCE 
 5:d=2  hl=2 l=   9 prim:   OBJECT            :rsaEncryption 
 6:d=2  hl=2 l=   0 prim:   NULL 
18:d=1  hl=3 l= 141 prim:  BIT STRING

PKCS#1/8 public-private key conversion

# PKCS#1 / 8 public-private key conversion
#generate   #1 Public: ` OpenSSL genrsa - out prikey pkcs1. pem 1024`  

#1 Private transfer #8 private: ` OpenSSL pkcs8 - in prikey pkcs1. pem -out prikey. pkcs8. pem  -nocrypt `  
#8 Private transfer #1: ` OpenSSL RSA - in prikey pkcs8. pem -out prikey. pkcs1. pem`  

#1 Private transfer #1 Public: ` OpenSSL RSA - in prikey pkcs1. pem -out pubkey. pkcs1. pem -RSAPublicKey_ out`
#8 Private transfer #8 public: ` OpenSSL RSA - in prikey pkcs8. pem -out pubkey. pkcs8. pem -pubout`

#1 revolution #8 public: ` OpenSSL RSA - in pubkey pkcs1. pem -out pubkey. pkcs8. pem -pubout -RSAPublicKey_ in`
#8 revolution #1 Public: ` OpenSSL RSA - in pubkey pkcs8. pem -out pubkey. pkcs1. pem -pubin  -RSAPublicKey_ out`

#1 Private transfer #8 public: ` OpenSSL RSA - in prikey pkcs1. pem -out pubkey. pkcs8. pem -pubout`

reference resources

#Secret key / Certificate / https handshake / CA related concepts
#Analyze RSA private key file format with openssl command
#RSA public private key format analysis and its conversion method between Java and Openssl
#Principle of RSA algorithm (I)
#openssl RSA key format PKCS1 and PKCS8 convert to each other