# Public & Private key generation

References: 
- https://gist.github.com/lkdocs/6519378

## Example of RSA key pair generation

In [6]:
def generate_RSA(bits=2048):
    '''
    Generate an RSA keypair with an exponent of 65537 in PEM format
    param: bits The key length in bits
    Return private key and public key
    '''
    from Crypto.PublicKey import RSA 
    new_key = RSA.generate(bits, e=65537) 
    public_key = new_key.publickey().exportKey("PEM") 
    private_key = new_key.exportKey("PEM") 
    return private_key, public_key

sign_key, verification_key = generate_RSA()

## How to create and write public and private keys

In [40]:
from Crypto.PublicKey import RSA 
key = RSA.generate(bits) 
public_key = key.publickey().exportKey("PEM")
private_key = key.exportKey("PEM") 

with open('private.pem', "wb") as file:
    file.write(key.exportKey())

with open('public.pem', "wb") as file:
    file.write(key.publickey().exportKey())


In [42]:
from Crypto.PublicKey import RSA 

# Import private key
with open("private.pem", "rb") as file:
    pub_key = RSA.importKey(file.read())
    
# Import public key 
with open('public.pem', "rb") as file:
    prv_key = RSA.importKey(file.read())

## Signing and verifying

Signing process: 
- Generate a hash of the message 
- Use the key to create a signer 
- Sign the hash to create a signature

In [51]:
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA 
from Crypto.Hash import SHA

message = "To be signed"
with open("private.pem", "rb") as file: 
    private_key = RSA.importKey(file.read())
    
hash_ = SHA.new(str.encode(message))
signer = PKCS1_v1_5.new(private_key)

signature = signer.sign(hash_)

Verification process:

- Import the public key 
- Hash the message 
- Create a verifier using the public key
- Use the verifier to verify the hash

In [55]:
from Crypto.Signature import PKCS1_v1_5
from Crypto.PublicKey import RSA 
from Crypto.Hash import SHA

message = "To be signed"

with open("public.pem", "rb") as file:
    public_key = RSA.importKey(file.read())

hash_ = SHA.new(str.encode(message))
verifier = PKCS1_v1_5.new(public_key)

result = verifier.verify(hash_, signature)

result

True