RSA: Sign / Verify - Examples (2024)

    from Crypto.PublicKey import RSA
    from Crypto.Signature.pkcs1_15 import PKCS115_SigScheme
    from Crypto.Hash import SHA256
    import binascii

    # Generate 1024-bit RSA key pair (private + public key)
    # (1024 bits keeps the demo fast; use at least 2048 bits for real keys)
    keyPair = RSA.generate(bits=1024)
    pubKey = keyPair.publickey()

    # Sign the message using the PKCS#1 v1.5 signature scheme
    msg = b'Message for RSA signing'
    hash = SHA256.new(msg)
    signer = PKCS115_SigScheme(keyPair)
    signature = signer.sign(hash)
    print("Signature:", binascii.hexlify(signature))

    # Verify valid PKCS#1 v1.5 signature (RSAVP1)
    msg = b'Message for RSA signing'
    hash = SHA256.new(msg)
    verifier = PKCS115_SigScheme(pubKey)
    try:
        verifier.verify(hash, signature)
        print("Signature is valid.")
    except (ValueError, TypeError):
        print("Signature is invalid.")

    # Verify invalid PKCS#1 v1.5 signature (RSAVP1)
    msg = b'A tampered message'
    hash = SHA256.new(msg)
    verifier = PKCS115_SigScheme(pubKey)
    try:
        verifier.verify(hash, signature)
        print("Signature is valid.")
    except (ValueError, TypeError):
        print("Signature is invalid.")

I'm a cryptographic expert with a deep understanding of various cryptographic algorithms and protocols. I've worked extensively with asymmetric key cryptography, digital signatures, and hash functions. My expertise is grounded in both theoretical knowledge and practical implementation.

In the provided Python code snippet, the focus is on implementing RSA (Rivest–Shamir–Adleman), a widely used public-key cryptosystem. Let me break down the key concepts and functions used in the code:

  1. RSA Key Pair Generation:

    keyPair = RSA.generate(bits=1024)
    pubKey = keyPair.publickey()

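    Here, a 1024-bit RSA key pair is generated. keyPair contains both the private and public keys, while pubKey stores only the public key. A 1024-bit modulus is suitable only for a demonstration; keys that protect real data should be at least 2048 bits.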

  2. Message Signing:

    msg = b'Message for RSA signing'
    hash = SHA256.new(msg)
    signer = PKCS115_SigScheme(keyPair)
    signature = signer.sign(hash)

    The message is signed using the PKCS#1 v1.5 signature scheme with SHA-256 as the hashing algorithm. The sign method takes the hash of the message and produces the digital signature.

  3. Signature Verification (Valid Case):

    msg = b'Message for RSA signing'
    hash = SHA256.new(msg)
    verifier = PKCS115_SigScheme(pubKey)
    try:
        verifier.verify(hash, signature)
        print("Signature is valid.")
    except (ValueError, TypeError):
        print("Signature is invalid.")

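    The code verifies a valid signature by rehashing the original message, creating a verifier with the public key, and then using the verify method to check the signature's validity. verify raises ValueError when the signature does not match, which is why the call is wrapped in try/except.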

  4. Signature Verification (Invalid Case):

    msg = b'A tampered message'
    hash = SHA256.new(msg)
    verifier = PKCS115_SigScheme(pubKey)
    try:
        verifier.verify(hash, signature)
        print("Signature is valid.")
    except (ValueError, TypeError):
        print("Signature is invalid.")

    This snippet demonstrates the verification of an invalid signature by using a tampered message. The verification should fail in this case.

In summary, the code showcases the generation of an RSA key pair, signing a message using PKCS#1 v1.5, and then verifying the signature's validity with both a valid and an invalid message. The PKCS#1 v1.5 scheme is employed for both signing and verification processes, and SHA-256 is used as the hashing algorithm.
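
What the sign and verify calls compute underneath, as an added example that is not part of the original page or of PyCryptodome: the PKCS#1 v1.5 encoding of the SHA-256 digest, RSASP1 to sign, and RSAVP1 followed by a full comparison to verify, using only the standard library. The demo key (the product of two Mersenne primes) and all function names are constructed for illustration.

```python
import hashlib

# DER-encoded DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# Constructed demo key: the product of two Mersenne primes, so it is
# trivially factorable and must never be used for real signatures.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8       # modulus length in bytes


def emsa_pkcs1_v15(msg: bytes, k: int) -> bytes:
    """Build 0x00 0x01 FF..FF 0x00 || DigestInfo || SHA-256(msg), k bytes long."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for this encoding")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign(msg: bytes) -> bytes:
    """RSASP1: signature = EM^d mod n, as a k-byte big-endian string."""
    em = int.from_bytes(emsa_pkcs1_v15(msg, K), "big")
    return pow(em, D, N).to_bytes(K, "big")


def verify(msg: bytes, signature: bytes) -> bool:
    """RSAVP1, then a full comparison against the expected encoding."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    # Rebuild the expected encoding and compare every byte; do not try to
    # parse the padding out of `recovered`.
    return recovered == emsa_pkcs1_v15(msg, K)


signature = sign(b"Message for RSA signing")
print("valid message:   ", verify(b"Message for RSA signing", signature))
print("tampered message:", verify(b"A tampered message", signature))
flipped = bytes([signature[0] ^ 1]) + signature[1:]
print("tampered sig:    ", verify(b"Message for RSA signing", flipped))
```

The three printed results are True, False and False: changing either the message or a single bit of the signature makes the recovered encoding differ from the expected one.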

Article information

Author: Francesca Jacobs Ret
