# by https://findneo.github.io/
# decode encryption.encrypted
s1 = 'abdefghijklmpqrtuvwxyz'
s2 = 'dmenwfoxgpyhirasbktclu'
f1 = open('encryption.encrypted')
with open('encryption.py', 'w') as f2:
tmp += s2[s1.index(j)] if j in s1 else j
def common_modulus(n, e1, e2, c1, c2):
assert (libnum.gcd(e1, e2) == 1)
_, s1, s2 = gmpy2.gcdext(e1, e2)
m = pow(c1, s1, n) if s1 > 0 else pow(gmpy2.invert(c1, n), -s1, n)
m *= pow(c2, s2, n) if s2 > 0 else pow(gmpy2.invert(c2, n), -s2, n)
[n2, n3] = map(lambda x: int(base64.b64decode(x).encode('hex'), 16),
open('n2&n3').readlines())
[n1c1, n1c2] = map(lambda x: int(x, 16), open('n1.encrypted').readlines())
[msg1c1, msg2c2] = map(lambda x: int(x, 16), open('ciphertext').readlines())
n1 = common_modulus(n3, e1, e2, n1c1, n1c2)
# n1 += n3 # 存在n3比n1小的可能,并且确实如此;貌似主办方中途改题,把n1改成小于n3了。
d1 = gmpy2.invert(e, (p1 - 1) * (p2 - 1))
d2 = gmpy2.invert(e, (p1 - 1) * (p3 - 1))
msg1 = pow(msg1c1, d1, n1)
msg2 = pow(msg2c2, d2, n2)
msg1 = hex(msg1)[2:].decode('hex')
msg2 = hex(msg2)[2:].decode('hex')
# XMAN{CRYPT0_I5_50_Interestingvim rsa.py}