1

I am trying to decrypt a readme file given for a CTF. I have the public and private keys

-----BEGIN RSA PRIVATE KEY-----
MIIJJwIBAAKCAgEAgBqs0zu5mQ8XcsZ1yYGR1Pg75Lwk5GU4hoJmDVvlSjsV4L/X
ol9Gc+zWSQzJhkcGNlE/dr+mAUQlYJ+E51/giuucZ/onupmYiVpmHMrvRSdj2HbU
Xzb9d/U/JeDMVlGsp8o71rXxpxHGRoMIZiJ+kEf0XfPl5a3NWXhezQ1U5S5UieA9
Yuh4J/3oIYMpR0+Fl/0fPtAe/nh1FeVoj+bPoKtWImdYe7GIg8kfGfxak/nO59ar
fICnoVAa138u/q7qL41+vs8a7RKfDev/htbOKbvn64a/FtiVDuHyolsV7rCblTmA
BXBYlq+Cl9TOL6ThdvfZkv9BTUVRGRi4Q03C5uXI1Hk7E8KvuBSXKDl9GESFBFYL
g5/8O96+Cr8lU7ovyR4+NH5eDvJW3s+s4sCnFM6OUWcRH3xbhnWSfdAyn16UL13X
cQ0ImWNBKP823Df2bsQHbtLlOIKTB/4GYjQmHVH75f4C0XzGnZUz/G5neBswq2w8
C14HK/VKZlKDxF2jyutLUz8giL31tztWMNwgXGbbldjCd9bhC8FViBXQyh58Hfqq
wpmfm9r+MNbbP1Q9f14cp062GgkSBCPj2Q3f0bqEKyRbBx+/rtz3Er/nmxZPjXqE
4RpM/Aoz47qmCa/aVlE2V/jwpi4Ti+dsMovo0g2sanKlk1nioksQTcZrBFMCAwEA
AQKCAgAp85JhYo+3NiABsEhmgw4U5m4GzC5wtU07j3yIJ24BTzQs8+ZUAEt8LzVF
mvBsDtpT82uLIdvlUkHDULofY2CPXfVMf7l+/EndwULrbvHIfcvO2atWuxVqsV/K
scF5Cyo1kJ7kA5Vtlv6NnN+lQuqbqVS3Z+YDv1UeVbMGB7Wjj/aTaGHyABtJTXc1
clSUS9B+I6CV22YrA5ukXgpOBdI81Z9RiPKLH2qLbdPHmMK47vf5KG3kSeWbiDYi
GD51nSaICBhXuE8jEBQSZRS7PaEqPaUHlosBmk/GHextitK15hQtXDU2ksIQJs3n
lwMmyyIi6avQ3dKu0WJri5LcR5zptMeCTEgWLj9zM85WVLdTcvXQU42Qttf9N8eb
5HzIU5snCiMvYSnHkU/op3+Sjq4w4RYTt/31z5r1IDb6ExB8uFnBlXqPELoFldKo
CPNAozAiapWlD1hSXAedtRKbUTvUX4PDTM96BNRP7QxqJ8wcZwwo2If0sfyRE050
IulrC3N4vb0Tzj8CKnb3N5AG7EzH/dnZ6MmYwgplBLJFzLrXc5b1D1WPsYd8AI3D
T9vMf+qHwxhS2VAxnIyaZLxtwBONeoorh8eE0QNKZKHsSHQU4B8q++1Nzik3inPM
WLfKS6z4sInuk4/zlXz/h9bu16HtAMMDIitNDcGTsAALbT6f0QKCAQEA0OwjLLI1
OOLLebqSaobLcuZXGHvFURShSFGfrPQqwW2Fo+Dn0ziS4qFYOGBx+mr7gOSXY/uY
HiDOY8qCY/iG8D8E1BQ760BAw7DoVg/2GVcr0DwV5pkrvGZWSyR4DeuBPIldSvJ0
6JO0fCduuCnG6xvNC6wRR8wmkBbMB8NUy1EoZOGPIwOaNphwFw1mH2bn7h1Lp21G
JaE0pEaqIVl7qIb5FTRwLX6vgxvyOp7RcrLl9JS/zDbEweffnbm7cUZ03iK8LUgB
1htPd2RbSUSrSSt120+RFz2RSW+UcyWZcL4LnsumxfTgq/Q0IOzlGN/TKewnjGUl
4EVbpGVRg7tUtQKCAQEAnPh42556OCU459nQ9YSHPTIj0BxlWAiALn8T4DSV6wAE
9aZytwNQXid8oFBBwDzqSqVNunIwM/iUxbPqabEFT+8umlElG/Lgv4ceDNrsDfYa
PsX75W8S/xJcMLImaWr+ngvAijBqE+uqyxVLXZCKxAGwipZbEAlpWp11fVT9Byn1
OEM+bZ6h7tzRBhdthwcgg7H1hQy/neNot95u5IveSL7Q5T116EME6iX/X0tVxBEa
mPrLyxRBfg4TnjOg4srGKSFCeV0oimkAeWTOeucBmHdWQUiFGSOIASmRwpj/iGGj
HRHvIrst6MrO+XLLNknOHpqYAQNXZUHwArtbhsVh5wKCAQAISqbmujfkhxO+RApV
kf33FG82eIsPObtg7GRi79nWjWs1YtKwjlk+B1tB+Ynsf1x19BySCkUyROkMCth7
8Twhws6FQDxUjNtFKPs/lyiUPuJtREU2PrP+qS0ZlFvzaXpalbUPKWo8ZMhP+Ryq
0HWllRfhM7YH3HFXXKBCWp096H2q60zL/fOb4Rbpw01fR61CxQTgozSaf7hgILHV
2wBOYvT1w3wEQjfjAzPs4aq8W59GwrSN/Up3y6UTVHC9ASfYPRas0WPJRJI10dTR
ppkJsWDfEFxYyMfAW15P55kcYV6CseBvkNVt3aZH/D7natKtokK7jrQfH4GQl7jR
epjVAoIBAAp7LNa9RjvpgFs62BEMwFr9thZ3Tu0J5EU2hwU5fakrXyln69D8j6k5
ycCKm1lSt/I0B3Sjm0RdHNH2qXhVMZ2cwufa8zdiiE9BnmgNViW4gRgf8CnpuML/
XtiBjL8NPeMftcOEaBDcc5ML4PRmal2cH0WhtILlnftG+EleG2cXDiCrnMeFCBsC
85IMjmuttiYVA+fWahUI0j00xQLNtBH3a8tixzSzBOj9kIe0aA2ndrcwR9tPhu/7
0KOHnv6Fu6WTavTfm41iZX21lXPvaNPdZA0H4ptDHBm3xNvRi353xoRyZh1TkkUx
BZDycU82rmSsvemTZ4qDVJtaF0pwc5ECggEAFbT/XaA/ZiAfAYESgz0fr/gmkCu0
w+b8r5H5i3XUM9iiJIuNDrxn00060mlGe3CsiKZT+4+9Bf13ArqrNOdpeidzc3Gu
DzHvO0S0+hhAmrmwaQUAMhJRYYlsulVv9R7tl4QQWWuX6fPiSgsjAKG7h8YpyCnZ
G6E9aoj9gvPNxFLmM9A/VHewYTfcvVRuViQm8QYPCiS+nbro1rrYt98tJIYb9K02
6mvvE1WGKPNWKTpuMkr3Um4C3eql6p4cWsPmMZB8qdJ8+KA8OxJR2JcnGNq30VX4
sKUlo8kQgjoW3lTbioAvuHisLFMWzHPBi+l2ymDlFeU6dG7cJjQyjsNAkA==
-----END RSA PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBqs0zu5mQ8XcsZ1yYGR
1Pg75Lwk5GU4hoJmDVvlSjsV4L/Xol9Gc+zWSQzJhkcGNlE/dr+mAUQlYJ+E51/g
iuucZ/onupmYiVpmHMrvRSdj2HbUXzb9d/U/JeDMVlGsp8o71rXxpxHGRoMIZiJ+
kEf0XfPl5a3NWXhezQ1U5S5UieA9Yuh4J/3oIYMpR0+Fl/0fPtAe/nh1FeVoj+bP
oKtWImdYe7GIg8kfGfxak/nO59arfICnoVAa138u/q7qL41+vs8a7RKfDev/htbO
Kbvn64a/FtiVDuHyolsV7rCblTmABXBYlq+Cl9TOL6ThdvfZkv9BTUVRGRi4Q03C
5uXI1Hk7E8KvuBSXKDl9GESFBFYLg5/8O96+Cr8lU7ovyR4+NH5eDvJW3s+s4sCn
FM6OUWcRH3xbhnWSfdAyn16UL13XcQ0ImWNBKP823Df2bsQHbtLlOIKTB/4GYjQm
HVH75f4C0XzGnZUz/G5neBswq2w8C14HK/VKZlKDxF2jyutLUz8giL31tztWMNwg
XGbbldjCd9bhC8FViBXQyh58Hfqqwpmfm9r+MNbbP1Q9f14cp062GgkSBCPj2Q3f
0bqEKyRbBx+/rtz3Er/nmxZPjXqE4RpM/Aoz47qmCa/aVlE2V/jwpi4Ti+dsMovo
0g2sanKlk1nioksQTcZrBFMCAwEAAQ==
-----END PUBLIC KEY-----

But when I try either with openssl or cyberchef, I get an IllegalBlockSizeException: Data must not be longer than 512 bytes. Can someone explain to me why this is happening or guide me? Thanks!

I tried decrypting it with openssl, cyberchef, you name it. But I keep getting the error.

Phil31
  • 11
  • 2

2 Answers2

0

What you have is a 4096 bit RSA private key. RSA works with modular exponentiation, and is therefore restricted to messages that are within that size.

By definition in PKCS#1 you can see that actually the ciphertext should be precisely 4096 / 8 = 512 bytes, as the resulting number is simply prefixed with zero bits to get to this (unsigned) encoding.

This restrict the input value for encryption, and in turn that limits the message size that can be processed. As RSA is very inefficient compared to e.g. symmetric encryption usually a hybrid cryptosystem is used: a random key is encrypted which is then used to encrypt the message.

So you have basically two failure modes for this exception (which doesn't get to the unpadding part yet): either the RSA ciphertext is not presented correctly, or you need to look if decryption of the first 512 bytes doesn't result in a 128, 192 or 256 bit key (which is probably an AES key, although other algorithms could be used).

Just decoding the key is obviously not the end of the puzzle, that would be too easy :)

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Thank you, I understand what you mean. I am trying to decrypt 512 bytes but I get Error: Encryption block is invalid. According to my research, they used RSAES-PKCS1-V1_5. I wonder if I am using the same padding algorithm for encryption and decryption. – Phil31 Jul 14 '23 at 21:30
  • That might be the next problem, yes. But the decryption code is not in the question, so I cannot say (sorry, didn't notice the next error in above comment). Or, of course, the data that you are now looking at isn't the RSA ciphertext, but commonly it consists of the first bytes. – Maarten Bodewes Jul 14 '23 at 21:56
  • Alright. If you think that the answer helped you then please accept it; I think it does clearly specify why you got the error at the very least. Probably best to leave the puzzle unsolved for the next person otherwise (glad you solved it, but maybe best to delete the previous comment). – Maarten Bodewes Jul 15 '23 at 18:23
0

You can see your decoded private key here

- Certificate SEQUENCE (9 elem)
  - tbsCertificate TBSCertificate INTEGER 0
  - signatureAlgorithm AlgorithmIdentifier INTEGER (4096 bit) 522619537995600330659362798382170334294884599411537923477852582607882…
  - signature BIT STRING INTEGER 65537
  - INTEGER (4094 bit) 171146993674742119666924704806111657760300490906975096719130752520413…
  - INTEGER (2048 bit) 263740111251701695242154015117783353622712014389724293829853199685866…
  - INTEGER (2048 bit) 198157017343803180079696350367430661633409074561527518264812238754480…
  - INTEGER (2044 bit) 104671869228935732383972808233723622193978050479526509948799635684108…
  - INTEGER (2044 bit) 132312298075359371962212373042384694952133620745722938176422228174864…
  - INTEGER (2045 bit) 274025760907982715469692757023388764574001657891745879566522826382768…
Ian Boyd
  • 246,734
  • 253
  • 869
  • 1,219