#hsctf8
from Crypto.Util.number import *
import random
import sympy
flag = open('flag.txt','rb').read()
p,q = getPrime(1024),getPrime(1024)
e = 0x10001
n = p*q
m = random.randrange(0,n)
c = pow(m,e,n)
d = sympy.mod_inverse(e,(p-1)*(q-1))
def menu():
print()
print("1. Key generation algorithm")
print("2. Public key")
print("3. Private key")
print("4. Decrypt")
choice = input(": ").strip()
if choice=="1":
f = open(__file__)
print()
print(f.read())
print()
menu()
elif choice=="2":
print("n = "+str(n))
print("e = 65537")
menu()
elif choice=="3":
print("d = "+str(d))
menu()
elif choice=="4":
d_ = int(input("What private key you like to decrypt the message with?\n : "))
if d_%((p-1)*(q-1))==d:
print("You are not allowed to use that private key.")
menu()
if (pow(c,d_,n)==m):
print("Congrats! Here is your flag:")
print(flag)
exit()
else:
print("Sorry, that is incorrect.")
menu()
else:
print("That is not a valid choice.")
menu()
while 1:
menu()
from ptrlib import Socket
def factorize(N, e, d):
from math import gcd
import gmpy2
k = d*e - 1
t = k
while t % 2 == 0:
t //= 2
g = 3
while True:
x = pow(g, t, N)
if x > 1:
y = gcd(x - 1, N)
if y > 1:
return y, N//y
g = gmpy2.next_prime(g)
sock = Socket("nc regulus-regulus.hsc.tf 1337")
sock.sendlineafter(": ", "2")
n = int(sock.recvlineafter("n = "))
sock.sendlineafter(": ", "3")
d = int(sock.recvlineafter("d = "))
from math import gcd
p, q = factorize(n, 65537, d)
l = (p-1)*(q-1) // gcd(p-1, q-1)
d2 = pow(65537, -1, l)
while d2 == d:
d2 += l
sock.sendlineafter(": ", "4")
sock.sendlineafter(": ", str(d2))
sock.interactive()
