<a href="https://colab.research.google.com/github/hardword/_read/blob/master/RSA_sign_and_verify_using_openssl.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

## RSA sign and verify using OpenSSL

Original Source: https://github.com/bn121rajesh/ipython-notebooks/blob/master/BehindTheScene/OpensslSignVerify/openssl_sign_verify.ipynb

### Signing

[File] → [Hash] → [Padded Hash] → (*Encrypt*) → [Signature]

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;↑

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[Private Key]

### Verifying

[Signature] → (*Decrypt*) → [Padded Hash] → [Hash] → (*Compare*) ←→ [Original Hash] 

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;↑&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;↑

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[Public Key]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[*Original* Hash]

### Digital signature and verification

- A **digital signature** is a mathematical scheme for presenting the authenticity of digital messages or documents.

- Message / file to be sent is signed with private key.

- Message received by the recipient is authenticated using public key.

## RSA sign and verify using OpenSSL : Command 

### Create sample data file, private key and public key

In [0]:
# Create a file containing all lower case alphabets
! echo -e "==========================================================\n# Create a file containing all lower case alphabets\n==========================================================\n"
! echo abcdefghijklmnopqrstuvwxyz > myfile.txt
! echo "$ cat myfile.txt"; cat myfile.txt

# Generate 512 bit Private key
! echo -e "\n==========================================================\n# Generate 512 bit Private key\n==========================================================\n"
! echo "$ openssl genrsa -out myprivate.pem 512"; openssl genrsa -out myprivate.pem 512

# Cat the contents of private key
! echo -e "\n==========================================================\n# Cat the contents of private key (myprivate.pem)\n==========================================================\n"
! echo "$ cat myprivate.pem"; cat myprivate.pem

# Separate the public part from the Private key file.
! echo -e "\n==========================================================\n#Separate the public part from the Private key file\n==========================================================\n"
! echo "$ openssl rsa -in myprivate.pem -pubout > mypublic.pem"; openssl rsa -in myprivate.pem -pubout > mypublic.pem

# Cat the contents of public key
! echo -e "\n==========================================================\n# Cat the contents of public key (mypublic.pem)\n==========================================================\n"
! echo "$ cat mypublic.pem"; cat mypublic.pem

# Create a file containing all lower case alphabets

$ cat myfile.txt
abcdefghijklmnopqrstuvwxyz

# Generate 512 bit Private key

$ openssl genrsa -out myprivate.pem 512
Generating RSA private key, 512 bit long modulus (2 primes)
........+++++++++++++++++++++++++++
...+++++++++++++++++++++++++++
e is 65537 (0x010001)

# Cat the contents of private key (myprivate.pem)

$ cat myprivate.pem
-----BEGIN RSA PRIVATE KEY-----
MIIBOwIBAAJBANbDpP27f+cX8XxsWlcDG4aiqEi6m9xAit6no8e0Gt28+4/CrK/W
CcC9F0mta7kpna2jQ/+DtIkRIFccwKJmFK0CAwEAAQJAMnc2xgjRPVR7AmnTsK6i
QTjnom93QIJKH5f0/HBt/7yCgflSgc2D/d70tzHGizJLTMfoyLC6110VWZuFrh5k
AQIhAPFnc27su66dIrmd4KBLiYeFgDM5ua5JCgJuQEx42KDhAiEA47/Z30oVmuqi
s3p8pB1JiXjOhrjdP7LuCXONVpym0U0CIQC6ADuw/DagE/LtkffBinItOW/OCGxJ
HX3Y4ZopUfOYAQIhAIF/RNLBvSco4vpKWzS1smqIVmYkFylxBAg7u9HToMbBAiB8
R/WcjKH8EUAnPTFav6T1fj6QOPt6tZEe9R+/9/ebIw==
-----END RSA PRIVATE KEY-----

#Separate the public part from the Private key file

$ openssl rsa -in myprivate.pem -pubout > mypublic.pem
wri

### Sign using Openssl

- Message Digest Algorithm : SHA1

- Scheme : PCKS#1 v1.5

In [0]:
# Sign the file using sha1 digest and PKCS1 padding scheme
! echo -e "==========================================================\n# Sign the file using sha1 digest and PKCS1 padding scheme\n==========================================================\n"
! echo "$ openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt"; openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt

# Dump the signature file
! echo -e "\n==========================================================\n# Dump the signature file\n==========================================================\n"
! echo "$ hexdump sha1.sign"; hexdump sha1.sign

# Sign the file using sha1 digest and PKCS1 padding scheme

$ openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt

# Dump the signature file

$ hexdump sha1.sign
0000000 07c0 8820 f356 10aa 4fe7 210b 44c1 1c16
0000010 15ec 6a59 9709 95be 7605 865b 2418 35f3
0000020 a576 ea39 fcfa dca2 47b4 1e07 bc40 afc3
0000030 3760 4fe7 3759 314d 3c73 1d2a e7e0 1f42
0000040


### Verify sign using Openssl

- Openssl decrypts the signature to generate hash and compares it to the hash of the input file.

In [0]:
# Verify the signature of file
! echo -e "==========================================================\n# Verify the signature of file\n==========================================================\n"
! echo "$ openssl dgst -sha1 -verify mypublic.pem -signature sha1.sign myfile.txt"; openssl dgst -sha1 -verify mypublic.pem -signature sha1.sign myfile.txt

# Verify the signature of file

$ openssl dgst -sha1 -verify mypublic.pem -signature sha1.sign myfile.txt
Verified OK


## RSA signature generation : Behind the scene

### Step 1: Message digest (hash)

- Message (data) goes through a cryptographic-hash function to create a hash of message.

- SHA1 generates 160 bit (20 byte) hash.

- SHA224, SHA256, SHA384, SHA512, MD4, MD5 are few other message digest algorithms available in openssl.

In [0]:
# Calculate SHA1 hash value
# In MAC OS use shasum (with option -a 1) and use sha1sum in linux
! echo -e "==========================================================\n# Calculate SHA1 hash value\n==========================================================\n"
! echo "$ shasum -a 1 myfile.txt";shasum -a 1 myfile.txt

# Calculate SHA1 hash value

$ shasum -a 1 myfile.txt
8c723a0fa70b111017b4a6f06afe1c0dbcec14e3  myfile.txt


### Step 2: Padding the hash value

- hash value (20 byte in case of SHA1) is extended to RSA key size by prefixing padding.

- Default padding scheme in openssl is PKCS1.

- PKCS#1v1.5 padding scheme: 00||01||PS||00||T||H (https://tools.ietf.org/html/rfc2313)

- PS: Padding String, Octet string with FF such that length of message is equal to key size.

- T: Identifier of signature scheme (Each scheme has its MAGIC bytes).

- H: Hash value of the message.

#### PKCS#1v1.5 Padding Scheme for SHA1:

![PKCS1 #1.5 padding](https://drive.google.com/uc?id=1cXT0yVk7jgsRzZfy95ezFUn752gkr0xc)

#### PKCS#1v1.5 Hash Function Identifier (Magic Bytes)

![Hash Algorithm Identifier](https://drive.google.com/uc?id=1L73K3T_bdz2baj16g88vbbSx9yZgvOrl)

#### Padding in action

In [0]:
# Assign Padding (00+01+ff(26byte)+00)
! echo -e "==========================================================\n# Assign Padding (00+01+ff(26byte)+00)\n==========================================================\n"
! echo '$ PADDING="0001ffffffffffffffffffffffffffffffffffffffffffffffffffff00"'
PADDING = "0001ffffffffffffffffffffffffffffffffffffffffffffffffffff00" 

# Assign Magic bytes
! echo -e "\n==========================================================\n# Assign Magic bytes\n==========================================================\n"
! echo '$ ANS1_SHA1_MAGIC="3021300906052b0e03021a05000414"'
ANS1_SHA1_MAGIC = "3021300906052b0e03021a05000414"

# Assign Hash
! echo -e "\n==========================================================\n# Assign Hash\n==========================================================\n"
! echo "$ SHA1_HASH=$(shasum -a 1 myfile.txt | cut -d ' ' -f1)"
SHA1_HASH = ! shasum -a 1 myfile.txt | cut -d ' ' -f1
SHA1_HASH = SHA1_HASH[0]

# Calculate Padded Hash
! echo -e "\n==========================================================\n# Calculate Padded Hash\n==========================================================\n"
! echo "$ PADDED_HASH=$(echo $PADDING$ANS1_SHA1_MAGIC$SHA1_HASH)"
PADDED_HASH = ! echo $PADDING$ANS1_SHA1_MAGIC$SHA1_HASH
PADDED_HASH = PADDED_HASH[0]

# Assign Padding (00+01+ff(26byte)+00)

$ PADDING="0001ffffffffffffffffffffffffffffffffffffffffffffffffffff00"

# Assign Magic bytes

$ ANS1_SHA1_MAGIC="3021300906052b0e03021a05000414"

# Assign Hash

$ SHA1_HASH=8c723a0fa70b111017b4a6f06afe1c0dbcec14e3

# Calculate Padded Hash

$ PADDED_HASH=0001ffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a050004148c723a0fa70b111017b4a6f06afe1c0dbcec14e3


### Step 3: Get modulus and private exponent from private key

#### View the contents of private key:

In [0]:
# Get the private exponent and modulus from private key
! echo -e "\n==========================================================\n# Get the private exponent and modulus from private key\n==========================================================\n"
! echo '$ openssl rsa -in myprivate.pem -text -noout'; openssl rsa -in myprivate.pem -text -noout


# Get the private exponent and modulus from private key

$ openssl rsa -in myprivate.pem -text -noout
RSA Private-Key: (512 bit, 2 primes)
modulus:
    00:d6:c3:a4:fd:bb:7f:e7:17:f1:7c:6c:5a:57:03:
    1b:86:a2:a8:48:ba:9b:dc:40:8a:de:a7:a3:c7:b4:
    1a:dd:bc:fb:8f:c2:ac:af:d6:09:c0:bd:17:49:ad:
    6b:b9:29:9d:ad:a3:43:ff:83:b4:89:11:20:57:1c:
    c0:a2:66:14:ad
publicExponent: 65537 (0x10001)
privateExponent:
    32:77:36:c6:08:d1:3d:54:7b:02:69:d3:b0:ae:a2:
    41:38:e7:a2:6f:77:40:82:4a:1f:97:f4:fc:70:6d:
    ff:bc:82:81:f9:52:81:cd:83:fd:de:f4:b7:31:c6:
    8b:32:4b:4c:c7:e8:c8:b0:ba:d7:5d:15:59:9b:85:
    ae:1e:64:01
prime1:
    00:f1:67:73:6e:ec:bb:ae:9d:22:b9:9d:e0:a0:4b:
    89:87:85:80:33:39:b9:ae:49:0a:02:6e:40:4c:78:
    d8:a0:e1
prime2:
    00:e3:bf:d9:df:4a:15:9a:ea:a2:b3:7a:7c:a4:1d:
    49:89:78:ce:86:b8:dd:3f:b2:ee:09:73:8d:56:9c:
    a6:d1:4d
exponent1:
    00:ba:00:3b:b0:fc:36:a0:13:f2:ed:91:f7:c1:8a:
    72:2d:39:6f:ce:08:6c:49:1d:7d:d8:e1:9a:29:51:
    f3:98:01
e

#### Format the output to print modulus and private exponent:

In [0]:
# Store the output of private key info in a variable
PRKEY_INFO = ! openssl rsa -in myprivate.pem -text -noout
PRKEY_INFO = "\n".join(PRKEY_INFO)

# Grep and format string to output Modulus
! echo -e "\n==========================================================\n# Grep and format string to output Modulus\n==========================================================\n"
! echo "$ openssl rsa -in myprivate.pem -text -noout | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]"
MODULUS = ! echo "$PRKEY_INFO" | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS = MODULUS[0]
print("MODULUS :", MODULUS, "\n")

# Grep and format string to output privateExponent
! echo -e "\n==========================================================\n# Grep and format string to output privateExponent\n==========================================================\n"
! echo "$ openssl rsa -in myprivate.pem -text -noout | grep privateExponent: -A 5 | tail -5 | tr -cd [:alnum:]"
PREXP = ! echo "$PRKEY_INFO" | grep privateExponent: -A 5 | tail -5 | tr -cd [:alnum:]
PREXP = PREXP[0]
print("PREXP :", PREXP, "\n")


# Grep and format string to output Modulus

$ openssl rsa -in myprivate.pem -text -noout | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS : 00d6c3a4fdbb7fe717f17c6c5a57031b86a2a848ba9bdc408adea7a3c7b41addbcfb8fc2acafd609c0bd1749ad6bb9299dada343ff83b4891120571cc0a26614ad 


# Grep and format string to output privateExponent

$ openssl rsa -in myprivate.pem -text -noout | grep privateExponent: -A 5 | tail -5 | tr -cd [:alnum:]
PREXP : 327736c608d13d547b0269d3b0aea24138e7a26f7740824a1f97f4fc706dffbc8281f95281cd83fddef4b731c68b324b4cc7e8c8b0bad75d15599b85ae1e6401 



### Step 4: Sign the padded hash with private exponent and modulus

private key (n,d) → signature s=mᵈ(mod n)

- n: modulus
- d: private exponent
- m: message to be signed

In [0]:
# Convert padded hash (calculated in step 2) to integer
! echo -e "\n==========================================================\n# Convert padded hash (calculated in step 2) to integer\n==========================================================\n"
! echo '>>> padded_hash = int(PADDED_HASH, 16)'
! echo '>>> print("padded_hash :", padded_hash, "\n")'
padded_hash = int(PADDED_HASH, 16)
print("padded_hash :", padded_hash, "\n")

# Convert modulus (calculated in step 3) to integer
! echo -e "\n==========================================================\n# Convert modulus (calculated in step 3) to integer\n==========================================================\n"
! echo '>>> modulus = int(MODULUS, 16)'
! echo '>>> print("modulus :", modulus, "\n")'
modulus = int(MODULUS, 16)
print("modulus :", modulus, "\n")

# Convert private exponent (calculated in step 3) to integer
! echo -e "\n==========================================================\n# Convert private exponent (calculated in step 3) to integer\n==========================================================\n"
! echo '>>> private_exp = int(PREXP, 16)'
! echo '>>> print("private_exp :", private_exp, "\n")'
private_exp = int(PREXP, 16)
print("private_exp :", private_exp, "\n")


# Convert padded hash (calculated in step 2) to integer

>>> padded_hash = int(PADDED_HASH, 16)
>>> print("padded_hash :", padded_hash, "\n")
padded_hash : 409173825987017733751648712103449894027080255755383098685411420515058722331761614033343349191150215048257865372193312126743148306355620847721405748451 


# Convert modulus (calculated in step 3) to integer

>>> modulus = int(MODULUS, 16)
>>> print("modulus :", modulus, "\n")
modulus : 11248115745050075980665880631529336228289582745649273841941427247304525426167819167565288995516468623285488937876326660580067893599858926247256032796873901 


# Convert private exponent (calculated in step 3) to integer

>>> private_exp = int(PREXP, 16)
>>> print("private_exp :", private_exp, "\n")
private_exp : 2643102102228835163377245856928937514925302871400869999632237966469165380822758857383468299063152927020165349303434961889767295815984919972472634415670273 



In [0]:
# Sign the message: (padded_hash ** private_exp) % modulus
# (a**b)%c is efficiently caluclated by pow(a, b, c)
! echo -e "\n==========================================================\n# Sign the message: (padded_hash ** private_exp) % modulus ← (a**b)%c == pow(a, b, c) \n==========================================================\n"
! echo '>>> sign = hex(pow(padded_hash, private_exp, modulus))[2:]'
sign = hex(pow(padded_hash, private_exp, modulus))[2:]

# Format and the signature
! echo -e "\n==========================================================\n# Format and the signature \n==========================================================\n"
! echo '>>> slist = list(sign)'
! echo '>>> for i in range(len(sign) - 2, 0, -2):'
! echo '       slist.insert(i, ' ')'
! echo '>>> slist[len(slist) - 48 : 0 : -48] = ['\n']*(len(slist)//48)'
! echo '>>> print("".join(slist))'
slist = list(sign)
for i in range(len(sign) - 2, 0, -2):
    slist.insert(i, ' ')
slist[len(slist) - 48 : 0 : -48] = ['\n']*(len(slist)//48)
print("".join(slist))


# Sign the message: (padded_hash ** private_exp) % modulus ← (a**b)%c == pow(a, b, c) 

>>> sign = hex(pow(padded_hash, private_exp, modulus))[2:]

# Format and the signature 

>>> slist = list(sign)
>>> for i in range(len(sign) - 2, 0, -2):
       slist.insert(i,  )
>>> slist[len(slist) - 48 : 0 : -48] = [n]*(len(slist)//48)
>>> print("".join(slist))
c0 07 20 88 56 f3 aa 10 e7 4f 0b 21 c1 44 16 1c
ec 15 59 6a 09 97 be 95 05 76 5b 86 18 24 f3 35
76 a5 39 ea fa fc a2 dc b4 47 07 1e 40 bc c3 af
60 37 e7 4f 59 37 4d 31 73 3c 2a 1d e0 e7 42 1f


<hr>

## RSA Signature verification : Behind the scene

### Step 1: Get modulus and public exponent from public key

#### View the contents of public key:

- Pubic key contains Modulus, public exponent and key size.

- 65537 (0x10001) is widely accepted default public exponent.

In [0]:
# Get modulus and public exponent from public key
! echo -e "==========================================================\n# Get modulus and public exponent from public key\n==========================================================\n"
! echo "$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem"; openssl rsa -pubin -inform PEM -text -noout < mypublic.pem

# Get modulus and public exponent from public key

$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem
RSA Public-Key: (512 bit)
Modulus:
    00:d6:c3:a4:fd:bb:7f:e7:17:f1:7c:6c:5a:57:03:
    1b:86:a2:a8:48:ba:9b:dc:40:8a:de:a7:a3:c7:b4:
    1a:dd:bc:fb:8f:c2:ac:af:d6:09:c0:bd:17:49:ad:
    6b:b9:29:9d:ad:a3:43:ff:83:b4:89:11:20:57:1c:
    c0:a2:66:14:ad
Exponent: 65537 (0x10001)


#### Format the output to print modulus and public exponent:

In [0]:
# Store the output of public key info in a variable
PBKEY_INFO = ! openssl rsa -pubin -inform PEM -text -noout < mypublic.pem
PBKEY_INFO = "\n".join(PBKEY_INFO)

# Grep and format string to output Modulus
! echo -e "\n==========================================================\n# Grep and format string to output Modulus\n==========================================================\n"
! echo "$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]"
MODULUS = ! echo "$PBKEY_INFO" | grep Modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS = MODULUS[0]
print("MODULUS :", MODULUS, "\n")

# Grep to print public exponent
! echo -e "\n==========================================================\n# Grep to print public exponent\n==========================================================\n"
! echo "$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep Exponent"
! echo "$PBKEY_INFO" | grep Exponent:



# Grep and format string to output Modulus

$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS : 00d6c3a4fdbb7fe717f17c6c5a57031b86a2a848ba9bdc408adea7a3c7b41addbcfb8fc2acafd609c0bd1749ad6bb9299dada343ff83b4891120571cc0a26614ad 


# Grep to print public exponent

$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep Exponent
Exponent: 65537 (0x10001)


### Step 2: Format and print signature file

- Signature is a binary file which is converted to a big integer and used in authentication.

In [0]:
# Using the signature from "RSA signature generation: Step 4"
# Different from sha1.sign file generated with openssl (nned further analysis)
! echo -e "\n==========================================================\n# Using the signature from "RSA signature generation: Step 4"\n==========================================================\n"
sign_received = sign
print(sign_received)


# Using the signature from RSA signature generation: Step 4

c007208856f3aa10e74f0b21c144161cec15596a0997be9505765b861824f33576a539eafafca2dcb447071e40bcc3af6037e74f59374d31733c2a1de0e7421f


### Step 3: Convert sign to padded hash

private key (n,e) → message m=sᵉ(mod n)

- n: modulus
- e: public exponent
- s: signature

***Check Padded hash in verification matches the padded hash in signing.***

In [0]:
# Convert signature file to integer (Obtained in step 2)
! echo -e "\n==========================================================\n# Convert signature file to integer (Obtained in step 2)\n==========================================================\n"
! echo '>>> signature = int(sign_received, 16)'
signature = int(sign_received, 16)

# Convert modulus to integer (Obtained in step 1)
! echo -e "\n==========================================================\n# Convert modulus to integer (Obtained in step 1)\n==========================================================\n"
! echo '>>> modulus = int(MODULUS, 16)'
modulus = int(MODULUS, 16)

# Set the public_exp
! echo -e "\n==========================================================\n# Set the public_exp\n==========================================================\n"
! echo '>>> public_exp = 65537'
public_exp = 65537

# Convert sign to hash: (sign ** public_exp) % modulus
# (a**b)%c is efficiently caluclated by pow(a, b, c)
! echo -e "\n==========================================================\n# Convert sign to hash: (sign ** public_exp) % modulus\n==========================================================\n"
! echo '>>> padded_hash = hex(pow(signature, public_exp, modulus))'
! echo '>>> padded_hash'
padded_hash = hex(pow(signature, public_exp, modulus))
padded_hash


# Convert signature file to integer (Obtained in step 2)

>>> signature = int(sign_received, 16)

# Convert modulus to integer (Obtained in step 1)

>>> modulus = int(MODULUS, 16)

# Set the public_exp

>>> public_exp = 65537

# Convert sign to hash: (sign ** public_exp) % modulus

>>> padded_hash = hex(pow(signature, public_exp, modulus))
>>> padded_hash


'0x1ffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a050004148c723a0fa70b111017b4a6f06afe1c0dbcec14e3'

### Step 4: Remove padding to obtain the hash of message

In [0]:
# Remove the padded hash to slice the hash of message
padded_hash[-40:]

'8c723a0fa70b111017b4a6f06afe1c0dbcec14e3'

#### Hash obtained above is the SHA1 hash of the data file myfile.txt

In [0]:
sha1 = ! shasum -a 1 myfile.txt
sha1[0].split()[0] == padded_hash[-40:]

True

# References:

1. [Cryptography and coding](https://books.google.com/books?id=H29qCQAAQBAJ&printsec=frontcover&dq=Cryptography+and+Coding:+11th+IMA+International+Conference&hl=en&sa=X&ved=0ahUKEwim5avgy4neAhUGHXwKHed7DdwQ6AEIKTAA#v=onepage&q=Cryptography%20and%20Coding%3A%2011th%20IMA%20International%20Conference&f=false)

2. [RSA Public key](https://medium.com/@bn121rajesh/understanding-rsa-public-key-70d900b1033c)

3. [Digital Signature](https://en.wikipedia.org/wiki/Digital_signature)