martes, 18 de septiembre de 2012

RSA-based digital signature

For this homework I need to implement a HTTP public-key repository for key exchange that employs RSA-Based digital signatures, so for make this assignment I used PHP and a little database in mysql also a little script in Python.

First of all, this is my code:

This is the PHP+MySQL code
<?php
$conectar = mysql_connect("*****", "******", "******") or die(mysql_error());
$select = mysql_select_db("*******", $conectar);
function f($x){
return ($x * $x);
}
function fastmodexp($x, $y, $mod){
$p = 1;
$aux = $x;
while($y > 0){
if ($y % 2 == 1){
$p = ($p * $aux) % $mod;
}
$aux = ($aux * $aux) % $mod;
$y = $y >> 1;
}
return ($p);
}
?>
<html>
<head>
<title>Web Service - RSA-Based digital signatures</title>
</head>
<body>
<a href="http://robertomtz.comeze.com/script.py">Download script</a></br>
<?php
if(isset($_POST['Generate'])){
$random = rand(0, 9);
}
if(isset($_POST['Check'])){
$usuario = $_POST['usuarios'];
$x = $_POST['challengen'];
$r = $_POST['response'];
$E = mysql_fetch_row(mysql_query("SELECT E From Usuarios WHERE Usuario = \"". $usuario . "\""));
$N = mysql_fetch_row(mysql_query("SELECT N From Usuarios WHERE Usuario = \"". $usuario . "\""));
$e = $E[0];
$n = $N[0];
$y = f($x);
$num = fastmodexp($r, $e, $n);
if ($y == $num){
echo "<strong><h2>Yes, it was ". $usuario ." :)</h2></strong>";
} else {
echo "<strong><h2>No, it wasn't ". $usuario ." :(</h2></strong>";
}
}
?>
<form action = "<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Challenge: <?php echo $random; ?>
<input type="submit" name="Generate" value="Generate" />
</form>
<form action = "<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<input type="hidden" value="<?php echo $random; ?>" name="challengen"/>
<?php
$strmysql = "SELECT Usuario FROM Usuarios";
$usuarios = mysql_query($strmysql);
$select = "<select name=\"usuarios\">";
while($fila = mysql_fetch_array($usuarios)){
$select .= "<option value='".$fila['Usuario']."'>".$fila['Usuario']."</option>";
}
$select .= "</select>";
?>
User: <?php echo $select; ?> </br></br>
Response: <input type="text" name="response" size = "10" /> </br>
<input type="submit" name="Check" value="Check" /> </br>
</form>
</body>
</html>
view raw cripto.php hosted with ❤ by GitHub



This is the Python script.
#!/usr/bin/python
def f(x):
return x*x
def fastmodexp(x, y, mod):
p = 1
aux = x
while y > 0:
if y % 2 == 1:
p = (p * aux) % mod
aux = (aux * aux) % mod
y = y >> 1
return p
def main():
x = int(raw_input("Escribe tu x -> "))
d = int(raw_input("Escribe tu d -> "))
n = int(raw_input("Escribe tu n -> "))
y = f(x)
r = fastmodexp(y, d, n)
print "Esta es tu r = " + str(r)
main()
view raw script.py hosted with ❤ by GitHub

This is the MySQL database.
CREATE TABLE 'Usuarios' (
'Usuario' char(10) COLLATE latin1_general_ci NOT NULL,
'E' int(10) NOT NULL,
'N' int(10) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
INSERT INTO 'Usuarios' VALUES('Alguien', 19, 3763);
INSERT INTO 'Usuarios' VALUES('Roberto', 67, 253);
INSERT INTO 'Usuarios' VALUES('Saul', 91459, 9131);
INSERT INTO 'Usuarios' VALUES('Max', 233273, 73109);
INSERT INTO 'Usuarios' VALUES('cecy', 59, 5767);
view raw database.sql hosted with ❤ by GitHub
You can access to the application robertomtz.comeze.com/cripto.php

This is useful for example, I am not sure that cecy is the same person that I am chatting on facebook, so Cecy is on my database with a public key and I sent a challenge to Cecy and she download a script that run in local, put her keys and compute a r, she sent me the r and I verify in my web that it was Cecy.

This is an example that I made with Cecy 







If I put an incorrect Response:


:)
Publicado por ROberto en 14:27
Etiquetas:

1 comentario:

Suscribirse a: Enviar comentarios (Atom)