Acef

Trouble converting a RSA library from as3 to cpp


(I've decided to post my question in the math category since it relates to arbitrary-precision integers and encryption)

I spent a good few days converting an RSA crypto library that uses a Bigint class very similar to the Biginteger class in the as3crypto library (Found Here). I've decided to specifically use this RSA library because it's exactly what the server uses. However, I don't quite understand how a lot of the functions work, and it's very difficult to debug because I can't tell if a function is working or not because I'm not familiar with Bigints at all.

If anyone with experience would be kind enough to take a look at my source code (Source Here) which also includes the as3 files I'm trying to convert from. The problem is that it takes forever to square the BigInt. I don't know if it's because I got the modulus wrong from the PEM string or if it's because the fromByteArray incorrectly reads the byte array to convert into a Bigint, or perhaps there is something wrong with how the RSA encryption works.

I'm basically trying to build a car without ever seeing a working engine before, so it would be very helpful if someone would take a quick look at it.

Here is the segment of the code where it happens :

    // z uses classic reduction when the problem occurs
    CBigInteger* CBigInteger::exp(int e, CReduction* z)
    {
        if (e > 0xffffffff || e < 1) return ONE;
        CBigInteger* r = nbi();
        CBigInteger* r2 = nbi();
        CBigInteger* g = z->convert(this);
        int i = nbits(e)-1;
        g->copyTo(r);
        while(--i >= 0) {
            // Takes a second or 2 to finish the first time.. then it takes a few seconds
            // on the next round, then the third round takes more than a minute
            z->sqrTo(r, r2);
            if ((e&(1<<i))>0) {
                z->mulTo(r2,g,r);
            } else {
                CBigInteger* t = r;
                r = r2;
                r2 = t;
            }
        }


*also there's probably a ton of memory leaks which I plan to fix by giving the Bigint class an instance count and index of current instances then delete them when I'm done.
*The as3 library I'm trying to convert from uses code derived from the as3 crypto library and the jsbn library.

My source code is also attached.


[quote]
I've decided to specifically use this RSA library because it's exactly what the server uses.
[/quote]


If this is for education purposes that is fine, but if you are going to use the converted code in the "real world" I would perhaps rethink this decision. The RSA algorithm itself does not change, up to wire protocols, padding schemes, and so on. These are completely specified by secure protocols (i.e.: TLS/SSL) so all (correct) implementations will be consistent. To that end you should not run into much trouble using an existing crypto library to communicate with this software, certainly nowhere near as much as you will with a hand made one.

What's more; there is absolutely no chance at all your RSA implementation will be correct.

To answer your actual question, that behavior would be expected if the exponentiation was not being modulated correctly. You may like to investigate the results of "z->mulTo(r2,g,r);" and in particular the reduce methods of the reduction implementations to determine if they are behaving correctly.

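The reply above attributes the slowdown to intermediate results not being reduced between steps. The following is an added example (not code from the original post, nor from as3crypto or jsbn) that runs the same left-to-right square-and-multiply loop over a minimal limb vector and reports how large the operand carried from round to round becomes with and without reduction. The names `Limbs`, `mul`, `reduce` and `modexp` are hypothetical, and the modulus is assumed to be 2^(32·n) so that reduction is plain truncation of the high limbs.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <vector>
using Limbs = std::vector<uint32_t>;  // little-endian base-2^32 digits

// Schoolbook product; the result always has a.size() + b.size() limbs.
Limbs mul(const Limbs& a, const Limbs& b) {
    Limbs r(a.size() + b.size(), 0);
    for (size_t i = 0; i < a.size(); ++i) {
        uint64_t carry = 0;
        for (size_t j = 0; j < b.size(); ++j) {
            uint64_t t = (uint64_t)a[i] * b[j] + r[i + j] + carry;
            r[i + j] = (uint32_t)t;
            carry = t >> 32;
        }
        r[i + b.size()] = (uint32_t)carry;
    }
    return r;
}

// Assumption: modulus is 2^(32*n), so reducing means dropping the high limbs.
void reduce(Limbs& x, size_t n) { if (x.size() > n) x.resize(n); }

// Same loop shape as in the post, for e >= 1. n == 0 skips reduction (the
// suspected bug); `peak` receives the largest operand carried between rounds.
Limbs modexp(const Limbs& g, uint32_t e, size_t n, size_t& peak) {
    Limbs r = g;
    if (n) reduce(r, n);
    peak = r.size();
    int i = 31;
    while (i > 0 && !((e >> i) & 1)) --i;  // index of the top set bit
    while (--i >= 0) {
        r = mul(r, r);                     // corresponds to sqrTo
        if (n) reduce(r, n);
        if ((e >> i) & 1) {                // corresponds to mulTo
            r = mul(r, g);
            if (n) reduce(r, n);
        }
        peak = std::max(peak, r.size());
    }
    return r;
}

int main() {
    Limbs g(32, 0x89abcdefu);              // constructed 1024-bit base
    size_t bad = 0, good = 0;
    modexp(g, 17, 0, bad); modexp(g, 17, 32, good);
    std::printf("limbs without reduction: %zu, with: %zu\n", bad, good);
}
```

Without reduction the operand ends at exactly e times the size of the base, and schoolbook squaring cost grows with the square of that size, which is consistent with each round taking far longer than the one before. A quick check in a port like this is to log the digit count of r after every sqrTo and mulTo and confirm it never exceeds that of the modulus.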

[quote name='Acef' timestamp='1321426129' post='4884469']
[quote]
I've decided to specifically use this RSA library because it's exactly what the server uses.
[/quote]

If this is for education purposes that is fine, but if you are going to use the converted code in the "real world" I would perhaps rethink this decision. The RSA algorithm itself does not change, up to wire protocols, padding schemes, and so on. These are completely specified by secure protocols (i.e.: TLS/SSL) so all (correct) implementations will be consistent. To that end you should not run into much trouble using an existing crypto library to communicate with this software, certainly nowhere near as much as you will with a hand made one.

What's more; there is absolutely no chance at all your RSA implementation will be correct.

To answer your actual question, that behavior would be expected if the exponentiation was not being modulated correctly. You may like to investigate the results of "z->mulTo(r2,g,r);" and in particular the reduce methods of the reduction implementations to determine if they are behaving correctly.
[/quote]

This. I once implemented my own MD5 hash, and boy was that a mistake. I didn't realize that other implementations were just as cross-platform and standard as anything I could hope for, so I wrote my own thinking I'd make mine endian independent, unlike all the others (turns out all the others actually are endian independent). It was a learning experience, but a painful one, because debugging complex cryptographic functions is a complete pain in the butt.

But carry on if you really want to do this for more educational purposes.

I've tried looking at several libraries but few provided the padding function, and they were also bloated and not compact and simple. Ya, it's educational/fun but without the fun. I'm going to keep trying though and hopefully I can figure it out.

Thanks for the help though.
