Migrate RSA decryption from PyCrypto to PyCryptodome

Question

Using the PyCrypto library, the following code prints 127:

from Crypto.PublicKey import RSA
import base64

# Private key in tuple form (obscured for privacy)
key = [1, 1, 1]

bk = "zJuG60z9Iv..." # (obscured for privacy)

privatekey = RSA.construct(key)
result = privatekey.decrypt(base64.b64decode(bk))
print(len(result))

To the best of my knowledge, this would be the equivalent using PyCryptodome. However, the resulting value only has a length of 16, indicating a possible decryption error.

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
import base64

# Private key in tuple form (obscured for privacy)
key = [1, 1, 1]

bk = "zJuG60z9Iv..." # (obscured for privacy)

privatekey = RSA.construct(key)
cipher = PKCS1_v1_5.new(privatekey)
result = cipher.decrypt(base64.b64decode(bk), None)
print(len(result))

I believe this is because my ciphertext uses textbook unpadded RSA. Does anyone know how I can decrypt this value with PyCryptodome or another maintained library?

score 0 · Accepted Answer · answered Jul 20 '20 at 00:00

PyCryptodome doesn't provide a built-in method to decrypt textbook RSA, but can be decrypted using modular exponentiation from the standard library.

from Crypto.PublicKey import RSA
import base64

# Private key in tuple form (obscured for privacy)
key = [1, 1, 1]

bk = "zJuG60z9Iv..." # (obscured for privacy)

privatekey = RSA.construct(key)
ciphertext = base64.b64decode(bk)
ct_int = int.from_bytes(ciphertext, 'big')
pt_int = pow(ct_int, privatekey.d, privatekey.n)
plaintext = pt_int.to_bytes(privatekey.size_in_bytes(), 'big').lstrip(b'\x00')
print(len(plaintext))

Migrate RSA decryption from PyCrypto to PyCryptodome

1 Answers1