# Public & Private key generation

References: 
- https://gist.github.com/lkdocs/6519378

## Example of RSA key pair generation

- Use the generate() function to create a RSA key instance
- Use the publicKey() method of the instance to create the public key 
- Use exportKey() on the instance to export the RSA key for preparation to write to a file


In [6]:
def generate_RSA(bits=2048):
    '''
    Generate an RSA keypair with an exponent of 65537 in PEM format
    param: bits The key length in bits
    Return private key and public key
    '''
    from Crypto.PublicKey import RSA 
    new_key = RSA.generate(bits, e=65537) 
    public_key = new_key.publickey().exportKey("PEM") 
    private_key = new_key.exportKey("PEM") 
    return private_key, public_key

sign_key, verification_key = generate_RSA()

## How to create and write public and private keys

In [40]:
from Crypto.PublicKey import RSA 
key = RSA.generate(bits) 
public_key = key.publickey().exportKey("PEM")
private_key = key.exportKey("PEM") 

with open('private.pem', "wb") as file:
    file.write(key.exportKey())

with open('public.pem', "wb") as file:
    file.write(key.publickey().exportKey())


In [42]:
from Crypto.PublicKey import RSA 

# Import private key
with open("private.pem", "rb") as file:
    pub_key = RSA.importKey(file.read())
    
# Import public key 
with open('public.pem', "rb") as file:
    prv_key = RSA.importKey(file.read())

## Signing and verifying

Signing process: 
- Generate a hash of the message 
- Use the key to create a signer 
- Sign the hash to create a signature

In [65]:
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA 
from Crypto.Hash import SHA

message = "To be signed"
with open("private.pem", "rb") as file: 
    private_key = RSA.importKey(file.read())
    
hash_ = SHA.new(str.encode(message))
signer = PKCS1_v1_5.new(private_key)

signature = signer.sign(hash_)

signature

b'pm\\\x85\x1a\x9e\x03\xf4Q\x8c\xe7\x14Yc\x800\xe8k~\xd1\x89\xf0\xca\xd2\xee\xec\x7f-c\xf3\xc8\xf4\xfaFn\xd5>\xb4\xd5D\x8e\'j\x8b\xd7\xb8\xc7\xdf\xd4\x9a\xbbo\x950\x9c\x17\xc6l\xa6\x1c\xfc\x80F\xee\x12_v\xeb\xf94P\xf1\x9by\x8f\xb8"\xd6\xd6\xefrD~\xfaA\x93\xb6\xe9\t\xd7?\xb8\xc5\x1aG\x01\x08\xc8o\xd5\xb0YI\xec\xe3\xed\x06y\xc9 jKG\xb5?\xddm\x10h\x07F\x03N\xab\x869\xda\xe7\x98"o\xeaXq\xe4Z7G\xf1\x81\x96\xecN>\x1b\xc07U>\xb6\x97F\xc2`\x07\xc0\x9a2\x9bD\xa2\xd8\x12\xe9z$\xce7\x8e\xc0X^\xc0w\xd1WSq\xed\xa3\xab\xc7\xfe\xf7\xd2\x84\x85\x94\xbe\xb8\x16S\xf0\xfb\xd5\x08\xfcq`\xd7\xf5\xe3wZ\\s\xb4\x90v\xce\x87r\xb6\xcf\xe1s\xea^\xa9\x8a\xfd\x1a\x1d\xbc\xa3\x18K\xea)\xc0\x16\xfdKAg\xcf0H\xef\x12\xe4`\xbfb\x1bI\xf5\xdd\x1d\x9d\x11\xaa:`\xac\x17'

Verification process:

- Import the public key 
- Hash the message 
- Create a verifier using the public key
- Use the verifier check the signature is authentic

In [56]:
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA 
from Crypto.Hash import SHA

message = "To be signed"

with open("public.pem", "rb") as file:
    public_key = RSA.importKey(file.read())

hash_ = SHA.new(str.encode(message))
verifier = PKCS1_v1_5.new(public_key)

result = verifier.verify(hash_, signature)

result

True