In [3]:
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding

def bytes_to_bitstring(data: bytes) -> str:
    return ''.join(f'{b:08b}' for b in data)

# === Key generation ===
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048,
    backend=default_backend()
)
public_key = private_key.public_key()

# === Message ===
message = b"This is a secret message."

# === Step 1: Hash the message explicitly ===
digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(message)
hash_bytes = digest.finalize()

print("Message:", message)
print("SHA-256 Hash (hex):", hash_bytes.hex())
print("SHA-256 Hash (bits):", bytes_to_bitstring(hash_bytes))

# === Step 2: Sign the message (actually signs the hash internally) ===
signature = private_key.sign(
    message,
    padding.PKCS1v15(),
    hashes.SHA256()
)

print("\nSignature (hex):", signature.hex())
print("Signature (bits):", bytes_to_bitstring(signature))

# === Step 3: Verify the signature ===
try:
    public_key.verify(
        signature,
        message,
        padding.PKCS1v15(),
        hashes.SHA256()
    )
    print("\nSignature is valid.")
except Exception as e:
    print("\nSignature verification failed:", e)



Message: b'This is a secret message.'
SHA-256 Hash (hex): ec4a9915084f958ddcd2902d191beda6c0e36dbecc1fd5dbc41dd691fe95d7d6
SHA-256 Hash (bits): 1110110001001010100110010001010100001000010011111001010110001101110111001101001010010000001011010001100100011011111011011010011011000000111000110110110110111110110011000001111111010101110110111100010000011101110101101001000111111110100101011101011111010110

Signature (hex): 68cfe1648a791edf8b0b9dfe82b42eca87b2801c509564f4f8798f6c946229f3e2eab63c2f79b7ffd2e76863ef855898c3e56abe2f0db5fe5c426a08231bb1312202efae522a7e2a207bff402e47b9b29ab439f4ef9c4fc5560638ece4a40d5c27d1f5c7d5e487352cea2461783b044756a95414650b5f4f57c1d62953e4e28bbc3d33a620115b239d58c7ba300d8aed7bb924ab514afeca9b3ecee32c0fff5b4b4ea7b98cd51a3e913288a3120c1b7e3334967da80ded06420806e933b25bb01b226aa068e23a76aa8098bbfa22a37947ed2f68aeddfab3b943ad2512392ecf63ffd1cd63ba8a421accda2373d9587d119252273d788b09fd295bcd249d94a1
Signature (bits): 01101000110011111110000101100100100010100111100100