<a href="https://colab.research.google.com/github/hardword/_read/blob/master/RSA_sign_and_verify_using_openssl.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

## RSA sign and verify using OpenSSL

Original Source at [here](https://github.com/bn121rajesh/ipython-notebooks/blob/master/BehindTheScene/OpensslSignVerify/openssl_sign_verify.ipynb) 

### Signing

[File] → [Hash] → [Padded Hash] → (*Encrypt*) → [Signature]

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;↑

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[Private Key]

### Verifying

[Signature] → (*Decrypt*) → [Padded Hash] → [Hash] → (*Compare*) ←→ [Original Hash] 

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;↑&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;↑

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[Public Key]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[*Original* Hash]

### Digital signature and verification

- A **digital signature** is a mathematical scheme for presenting the authenticity of digital messages or documents.

- Message / file to be sent is signed with private key.

- Message received by the recipient is authenticated using public key.

## RSA sign and verify using OpenSSL : Command 

### Create sample data file, private key and public key

In [2]:
# Create a file containing all lower case alphabets
! echo -e "==========================================================\n# Create a file containing all lower case alphabets\n==========================================================\n"
! echo abcdefghijklmnopqrstuvwxyz > myfile.txt
! echo "$ cat myfile.txt"; cat myfile.txt

# Generate 512 bit Private key
! echo -e "\n==========================================================\n# Generate 512 bit Private key\n==========================================================\n"
! echo "$ openssl genrsa -out myprivate.pem 512"; openssl genrsa -out myprivate.pem 512

# Cat the contents of private key
! echo -e "\n==========================================================\n# Cat the contents of private key (myprivate.pem)\n==========================================================\n"
! echo "$ cat myprivate.pem"; cat myprivate.pem

# Separate the public part from the Private key file.
! echo -e "\n==========================================================\n#Separate the public part from the Private key file\n==========================================================\n"
! echo "$ openssl rsa -in myprivate.pem -pubout > mypublic.pem"; openssl rsa -in myprivate.pem -pubout > mypublic.pem

# Cat the contents of public key
! echo -e "\n==========================================================\n# Cat the contents of public key (mypublic.pem)\n==========================================================\n"
! echo "$ cat mypublic.pem"; cat mypublic.pem

# Create a file containing all lower case alphabets

$ cat myfile.txt
abcdefghijklmnopqrstuvwxyz

# Generate 512 bit Private key

$ openssl genrsa -out myprivate.pem 512
Generating RSA private key, 512 bit long modulus (2 primes)
........+++++++++++++++++++++++++++
............+++++++++++++++++++++++++++
e is 65537 (0x010001)

# Cat the contents of private key (myprivate.pem)

$ cat myprivate.pem
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAK/SXTxnLyUP18EU5BLB5N4OyF9CEeQ0WGn9f8Daazgqn5Jg/7RS
UYR6P2DXPA/zY7VCYXI5CkPswPplAMUaiesCAwEAAQJBAJyE4ydwnBGcRu/GDzt7
jKj58/qJMLA8wTCp0V73kleOcG5CD0fVl8yT8axmuGOP/oqJiQ03fuRy3iT5T1iw
e4ECIQDYModOlLq4XbIVRoGqj1KtEiGbqJfYGbneTmeT0DitiwIhANAw6j7B08jY
8PrTbrmo0cdYFeIzUs9HZ+OPE3Fab+EhAiBNbJsES0MrL3LNJ7jcCgPDs1CR3Ci0
3VGxCUcSqmkBzQIgQ9DrPO4ecrpYJRxiYQ/g5bKHzlsxiluUN8gPaUkwUIECIBeh
1vsv1qmSE/RV7418icn9u0DulgzlsHmpZHYATe6N
-----END RSA PRIVATE KEY-----

#Separate the public part from the Private key file

$ openssl rsa -in myprivate.pem -pubout > mypublic.pe

### Sign using Openssl

- Message Digest Algorithm : SHA1

- Scheme : PCKS#1 v1.5

In [3]:
# Sign the file using sha1 digest and PKCS1 padding scheme
! echo -e "==========================================================\n# Sign the file using sha1 digest and PKCS1 padding scheme\n==========================================================\n"
! echo "$ openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt"; openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt

# Dump the signature file
! echo -e "\n==========================================================\n# Dump the signature file\n==========================================================\n"
! echo "$ hexdump sha1.sign"; hexdump sha1.sign

# Sign the file using sha1 digest and PKCS1 padding scheme

$ openssl dgst -sha1 -sign myprivate.pem -out sha1.sign myfile.txt

# Dump the signature file

$ hexdump sha1.sign
0000000 4020 92ae ed15 3386 41c0 bebb afb1 0edf
0000010 2c43 5158 2bf1 f1ea d3eb eb20 f4de c50b
0000020 b2de f408 c6f2 fa61 20c4 9280 7d23 5ed2
0000030 2c47 7c50 4965 ef33 a8e5 37b3 a30c 38aa
0000040


### Verify sign using Openssl

- Openssl decrypts the signature to generate hash and compares it to the hash of the input file.

In [4]:
# Verify the signature of file
! echo -e "==========================================================\n# Verify the signature of file\n==========================================================\n"
! echo "$ openssl dgst -sha1 -verify mypublic.pem -signature sha1.sign myfile.txt"; openssl dgst -sha1 -verify mypublic.pem -signature sha1.sign myfile.txt

# Verify the signature of file

$ openssl dgst -sha1 -verify mypublic.pem -signature sha1.sign myfile.txt
Verified OK


## RSA signature generation : Behind the scene

### Step 1: Message digest (hash)

- Message (data) goes through a cryptographic-hash function to create a hash of message.

- SHA1 generates 160 bit (20 byte) hash.

- SHA224, SHA256, SHA384, SHA512, MD4, MD5 are few other message digest algorithms available in openssl.

In [5]:
# Calculate SHA1 hash value
# In MAC OS use shasum (with option -a 1) and use sha1sum in linux
! echo -e "==========================================================\n# Calculate SHA1 hash value\n==========================================================\n"
! echo "$ shasum -a 1 myfile.txt";shasum -a 1 myfile.txt

# Calculate SHA1 hash value

$ shasum -a 1 myfile.txt
8c723a0fa70b111017b4a6f06afe1c0dbcec14e3  myfile.txt


### Step 2: Padding the hash value

- hash value (20 byte in case of SHA1) is extended to RSA key size by prefixing padding.

- Default padding scheme in openssl is PKCS1.

- PKCS#1v1.5 padding scheme: 00||01||PS||00||T||H (https://tools.ietf.org/html/rfc2313)

- PS: Padding String, Octet string with FF such that length of message is equal to key size.

- T: Identifier of signature scheme (Each scheme has its MAGIC bytes).

- H: Hash value of the message.

#### PKCS#1v1.5 Padding Scheme for SHA1:

![PKCS1 #1.5 padding](https://drive.google.com/uc?id=1cXT0yVk7jgsRzZfy95ezFUn752gkr0xc)

#### PKCS#1v1.5 Hash Function Identifier (Magic Bytes)

![Hash Algorithm Identifier](https://drive.google.com/uc?id=1L73K3T_bdz2baj16g88vbbSx9yZgvOrl)

#### Padding in action

In [6]:
# Assign Padding (00+01+ff(26byte)+00)
! echo -e "==========================================================\n# Assign Padding (00+01+ff(26byte)+00)\n==========================================================\n"
! echo '$ PADDING="0001ffffffffffffffffffffffffffffffffffffffffffffffffffff00"'
PADDING = "0001ffffffffffffffffffffffffffffffffffffffffffffffffffff00" 

# Assign Magic bytes
! echo -e "\n==========================================================\n# Assign Magic bytes\n==========================================================\n"
! echo '$ ANS1_SHA1_MAGIC="3021300906052b0e03021a05000414"'
ANS1_SHA1_MAGIC = "3021300906052b0e03021a05000414"

# Assign Hash
! echo -e "\n==========================================================\n# Assign Hash\n==========================================================\n"
! echo "$ SHA1_HASH=$(shasum -a 1 myfile.txt | cut -d ' ' -f1)"
SHA1_HASH = ! shasum -a 1 myfile.txt | cut -d ' ' -f1
SHA1_HASH = SHA1_HASH[0]

# Calculate Padded Hash
! echo -e "\n==========================================================\n# Calculate Padded Hash\n==========================================================\n"
! echo "$ PADDED_HASH=$(echo $PADDING$ANS1_SHA1_MAGIC$SHA1_HASH)"
PADDED_HASH = ! echo $PADDING$ANS1_SHA1_MAGIC$SHA1_HASH
PADDED_HASH = PADDED_HASH[0]

# Assign Padding (00+01+ff(26byte)+00)

$ PADDING="0001ffffffffffffffffffffffffffffffffffffffffffffffffffff00"

# Assign Magic bytes

$ ANS1_SHA1_MAGIC="3021300906052b0e03021a05000414"

# Assign Hash

$ SHA1_HASH=8c723a0fa70b111017b4a6f06afe1c0dbcec14e3

# Calculate Padded Hash

$ PADDED_HASH=0001ffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a050004148c723a0fa70b111017b4a6f06afe1c0dbcec14e3


### Step 3: Get modulus and private exponent from private key

#### View the contents of private key:

In [7]:
# Get the private exponent and modulus from private key
! echo -e "\n==========================================================\n# Get the private exponent and modulus from private key\n==========================================================\n"
! echo '$ openssl rsa -in myprivate.pem -text -noout'; openssl rsa -in myprivate.pem -text -noout


# Get the private exponent and modulus from private key

$ openssl rsa -in myprivate.pem -text -noout
RSA Private-Key: (512 bit, 2 primes)
modulus:
    00:af:d2:5d:3c:67:2f:25:0f:d7:c1:14:e4:12:c1:
    e4:de:0e:c8:5f:42:11:e4:34:58:69:fd:7f:c0:da:
    6b:38:2a:9f:92:60:ff:b4:52:51:84:7a:3f:60:d7:
    3c:0f:f3:63:b5:42:61:72:39:0a:43:ec:c0:fa:65:
    00:c5:1a:89:eb
publicExponent: 65537 (0x10001)
privateExponent:
    00:9c:84:e3:27:70:9c:11:9c:46:ef:c6:0f:3b:7b:
    8c:a8:f9:f3:fa:89:30:b0:3c:c1:30:a9:d1:5e:f7:
    92:57:8e:70:6e:42:0f:47:d5:97:cc:93:f1:ac:66:
    b8:63:8f:fe:8a:89:89:0d:37:7e:e4:72:de:24:f9:
    4f:58:b0:7b:81
prime1:
    00:d8:32:87:4e:94:ba:b8:5d:b2:15:46:81:aa:8f:
    52:ad:12:21:9b:a8:97:d8:19:b9:de:4e:67:93:d0:
    38:ad:8b
prime2:
    00:d0:30:ea:3e:c1:d3:c8:d8:f0:fa:d3:6e:b9:a8:
    d1:c7:58:15:e2:33:52:cf:47:67:e3:8f:13:71:5a:
    6f:e1:21
exponent1:
    4d:6c:9b:04:4b:43:2b:2f:72:cd:27:b8:dc:0a:03:
    c3:b3:50:91:dc:28:b4:dd:51:b1:09:47:12:aa:69:
    01:cd
e

#### Format the output to print modulus and private exponent:

In [8]:
# Store the output of private key info in a variable
PRKEY_INFO = ! openssl rsa -in myprivate.pem -text -noout
PRKEY_INFO = "\n".join(PRKEY_INFO)

# Grep and format string to output Modulus
! echo -e "\n==========================================================\n# Grep and format string to output Modulus\n==========================================================\n"
! echo "$ openssl rsa -in myprivate.pem -text -noout | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]"
MODULUS = ! echo "$PRKEY_INFO" | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS = MODULUS[0]
print("MODULUS :", MODULUS, "\n")

# Grep and format string to output privateExponent
! echo -e "\n==========================================================\n# Grep and format string to output privateExponent\n==========================================================\n"
! echo "$ openssl rsa -in myprivate.pem -text -noout | grep privateExponent: -A 5 | tail -5 | tr -cd [:alnum:]"
PREXP = ! echo "$PRKEY_INFO" | grep privateExponent: -A 5 | tail -5 | tr -cd [:alnum:]
PREXP = PREXP[0]
print("PREXP :", PREXP, "\n")


# Grep and format string to output Modulus

$ openssl rsa -in myprivate.pem -text -noout | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS : 00afd25d3c672f250fd7c114e412c1e4de0ec85f4211e4345869fd7fc0da6b382a9f9260ffb45251847a3f60d73c0ff363b5426172390a43ecc0fa6500c51a89eb 


# Grep and format string to output privateExponent

$ openssl rsa -in myprivate.pem -text -noout | grep privateExponent: -A 5 | tail -5 | tr -cd [:alnum:]
PREXP : 009c84e327709c119c46efc60f3b7b8ca8f9f3fa8930b03cc130a9d15ef792578e706e420f47d597cc93f1ac66b8638ffe8a89890d377ee472de24f94f58b07b81 



### Step 4: Sign the padded hash with private exponent and modulus

private key (n,d) → signature s=mᵈ(mod n)

- n: modulus
- d: private exponent
- m: message to be signed

In [9]:
# Convert padded hash (calculated in step 2) to integer
! echo -e "\n==========================================================\n# Convert padded hash (calculated in step 2) to integer\n==========================================================\n"
! echo '>>> padded_hash = int(PADDED_HASH, 16)'
! echo '>>> print("padded_hash :", padded_hash, "\n")'
padded_hash = int(PADDED_HASH, 16)
print("padded_hash :", padded_hash, "\n")

# Convert modulus (calculated in step 3) to integer
! echo -e "\n==========================================================\n# Convert modulus (calculated in step 3) to integer\n==========================================================\n"
! echo '>>> modulus = int(MODULUS, 16)'
! echo '>>> print("modulus :", modulus, "\n")'
modulus = int(MODULUS, 16)
print("modulus :", modulus, "\n")

# Convert private exponent (calculated in step 3) to integer
! echo -e "\n==========================================================\n# Convert private exponent (calculated in step 3) to integer\n==========================================================\n"
! echo '>>> private_exp = int(PREXP, 16)'
! echo '>>> print("private_exp :", private_exp, "\n")'
private_exp = int(PREXP, 16)
print("private_exp :", private_exp, "\n")


# Convert padded hash (calculated in step 2) to integer

>>> padded_hash = int(PADDED_HASH, 16)
>>> print("padded_hash :", padded_hash, "\n")
padded_hash : 409173825987017733751648712103449894027080255755383098685411420515058722331761614033343349191150215048257865372193312126743148306355620847721405748451 


# Convert modulus (calculated in step 3) to integer

>>> modulus = int(MODULUS, 16)
>>> print("modulus :", modulus, "\n")
modulus : 9208531464990494757430048173515439380921618226719774146841205483232870744643940008439254218197506246618832166206599637061132572090079137408319794253040107 


# Convert private exponent (calculated in step 3) to integer

>>> private_exp = int(PREXP, 16)
>>> print("private_exp :", private_exp, "\n")
private_exp : 8197569963997061890809525467129068531695516282150313002960306549014635167676359138426052884692566516074147508425599386326531487997366618185424015413246849 



In [10]:
# Sign the message: (padded_hash ** private_exp) % modulus
# (a**b)%c is efficiently caluclated by pow(a, b, c)
! echo -e "\n==========================================================\n# Sign the message: (padded_hash ** private_exp) % modulus ← (a**b)%c == pow(a, b, c) \n==========================================================\n"
! echo '>>> sign = hex(pow(padded_hash, private_exp, modulus))[2:]'
sign = hex(pow(padded_hash, private_exp, modulus))[2:]

# Format and the signature
! echo -e "\n==========================================================\n# Format and the signature \n==========================================================\n"
! echo '>>> slist = list(sign)'
! echo '>>> for i in range(len(sign) - 2, 0, -2):'
! echo '       slist.insert(i, ' ')'
! echo '>>> slist[len(slist) - 48 : 0 : -48] = ['\n']*(len(slist)//48)'
! echo '>>> print("".join(slist))'
slist = list(sign)
for i in range(len(sign) - 2, 0, -2):
    slist.insert(i, ' ')
slist[len(slist) - 48 : 0 : -48] = ['\n']*(len(slist)//48)
print("".join(slist))


# Sign the message: (padded_hash ** private_exp) % modulus ← (a**b)%c == pow(a, b, c) 

>>> sign = hex(pow(padded_hash, private_exp, modulus))[2:]

# Format and the signature 

>>> slist = list(sign)
>>> for i in range(len(sign) - 2, 0, -2):
       slist.insert(i,  )
>>> slist[len(slist) - 48 : 0 : -48] = [n]*(len(slist)//48)
>>> print("".join(slist))
20 40 ae 92 15 ed 86 33 c0 41 bb be b1 af df 0e
43 2c 58 51 f1 2b ea f1 eb d3 20 eb de f4 0b c5
de b2 08 f4 f2 c6 61 fa c4 20 80 92 23 7d d2 5e
47 2c 50 7c 65 49 33 ef e5 a8 b3 37 0c a3 aa 38


<hr>

## RSA Signature verification : Behind the scene

### Step 1: Get modulus and public exponent from public key

#### View the contents of public key:

- Pubic key contains Modulus, public exponent and key size.

- 65537 (0x10001) is widely accepted default public exponent.

In [11]:
# Get modulus and public exponent from public key
! echo -e "==========================================================\n# Get modulus and public exponent from public key\n==========================================================\n"
! echo "$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem"; openssl rsa -pubin -inform PEM -text -noout < mypublic.pem

# Get modulus and public exponent from public key

$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem
RSA Public-Key: (512 bit)
Modulus:
    00:af:d2:5d:3c:67:2f:25:0f:d7:c1:14:e4:12:c1:
    e4:de:0e:c8:5f:42:11:e4:34:58:69:fd:7f:c0:da:
    6b:38:2a:9f:92:60:ff:b4:52:51:84:7a:3f:60:d7:
    3c:0f:f3:63:b5:42:61:72:39:0a:43:ec:c0:fa:65:
    00:c5:1a:89:eb
Exponent: 65537 (0x10001)


#### Format the output to print modulus and public exponent:

In [12]:
# Store the output of public key info in a variable
PBKEY_INFO = ! openssl rsa -pubin -inform PEM -text -noout < mypublic.pem
PBKEY_INFO = "\n".join(PBKEY_INFO)

# Grep and format string to output Modulus
! echo -e "\n==========================================================\n# Grep and format string to output Modulus\n==========================================================\n"
! echo "$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]"
MODULUS = ! echo "$PBKEY_INFO" | grep Modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS = MODULUS[0]
print("MODULUS :", MODULUS, "\n")

# Grep to print public exponent
! echo -e "\n==========================================================\n# Grep to print public exponent\n==========================================================\n"
! echo "$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep Exponent"
! echo "$PBKEY_INFO" | grep Exponent:



# Grep and format string to output Modulus

$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep modulus: -A 5 | tail -5 | tr -cd [:alnum:]
MODULUS : 00afd25d3c672f250fd7c114e412c1e4de0ec85f4211e4345869fd7fc0da6b382a9f9260ffb45251847a3f60d73c0ff363b5426172390a43ecc0fa6500c51a89eb 


# Grep to print public exponent

$ openssl rsa -pubin -inform PEM -text -noout < mypublic.pem | grep Exponent
Exponent: 65537 (0x10001)


### Step 2: Format and print signature file

- Signature is a binary file which is converted to a big integer and used in authentication.

In [21]:
# Using the signature from "RSA signature generation: Step 4"
# Different from sha1.sign file generated with openssl (nned further analysis)
! echo -e "\n==========================================================\n# Using the signature from "RSA signature generation: Step 4"\n==========================================================\n"
sign_received = sign
print(sign_received)

# Endian!!! (https://github.com/bn121rajesh/ipython-notebooks/issues/1)
! echo -e "\n==========================================================\n# Compare the signature from "Sign using Openss"\n==========================================================\n"
! echo '$ hexdump sha1.sign | cut -c 9- | tr -cd [:alnum:]'; hexdump sha1.sign | cut -c 9- | tr -cd [:alnum:]
! echo -e "\n--→ hexdump does it in little endian way!!\n"
! echo '$ od --endian big -x sha1.sign | cut -c 9- | tr -cd [:alnum:]'; od --endian big -x sha1.sign | cut -c 9- | tr -cd [:alnum:]


# Using the signature from RSA signature generation: Step 4

2040ae9215ed8633c041bbbeb1afdf0e432c5851f12beaf1ebd320ebdef40bc5deb208f4f2c661fac4208092237dd25e472c507c654933efe5a8b3370ca3aa38

# Compare the signature from Sign using Openss

$ hexdump sha1.sign | cut -c 9- | tr -cd [:alnum:]
402092aeed15338641c0bebbafb10edf2c4351582bf1f1ead3ebeb20f4dec50bb2def408c6f2fa6120c492807d235ed22c477c504965ef33a8e537b3a30c38aa
--→ hexdump does it in little endian way!!

$ od --endian big -x sha1.sign | cut -c 9- | tr -cd [:alnum:]
2040ae9215ed8633c041bbbeb1afdf0e432c5851f12beaf1ebd320ebdef40bc5deb208f4f2c661fac4208092237dd25e472c507c654933efe5a8b3370ca3aa38

### Step 3: Convert sign to padded hash

private key (n,e) → message m=sᵉ(mod n)

- n: modulus
- e: public exponent
- s: signature

***Check Padded hash in verification matches the padded hash in signing.***

In [14]:
# Convert signature file to integer (Obtained in step 2)
! echo -e "\n==========================================================\n# Convert signature file to integer (Obtained in step 2)\n==========================================================\n"
! echo '>>> signature = int(sign_received, 16)'
signature = int(sign_received, 16)

# Convert modulus to integer (Obtained in step 1)
! echo -e "\n==========================================================\n# Convert modulus to integer (Obtained in step 1)\n==========================================================\n"
! echo '>>> modulus = int(MODULUS, 16)'
modulus = int(MODULUS, 16)

# Set the public_exp
! echo -e "\n==========================================================\n# Set the public_exp\n==========================================================\n"
! echo '>>> public_exp = 65537'
public_exp = 65537

# Convert sign to hash: (sign ** public_exp) % modulus
# (a**b)%c is efficiently caluclated by pow(a, b, c)
! echo -e "\n==========================================================\n# Convert sign to hash: (sign ** public_exp) % modulus\n==========================================================\n"
! echo '>>> padded_hash = hex(pow(signature, public_exp, modulus))'
! echo '>>> padded_hash'
padded_hash = hex(pow(signature, public_exp, modulus))
padded_hash


# Convert signature file to integer (Obtained in step 2)

>>> signature = int(sign_received, 16)

# Convert modulus to integer (Obtained in step 1)

>>> modulus = int(MODULUS, 16)

# Set the public_exp

>>> public_exp = 65537

# Convert sign to hash: (sign ** public_exp) % modulus

>>> padded_hash = hex(pow(signature, public_exp, modulus))
>>> padded_hash


'0x1ffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a050004148c723a0fa70b111017b4a6f06afe1c0dbcec14e3'

### Step 4: Remove padding to obtain the hash of message

In [15]:
# Remove the padded hash to slice the hash of message
padded_hash[-40:]

'8c723a0fa70b111017b4a6f06afe1c0dbcec14e3'

#### Hash obtained above is the SHA1 hash of the data file myfile.txt

In [16]:
sha1 = ! shasum -a 1 myfile.txt
sha1[0].split()[0] == padded_hash[-40:]

True

# References:

1. [Cryptography and coding](https://books.google.com/books?id=H29qCQAAQBAJ&printsec=frontcover&dq=Cryptography+and+Coding:+11th+IMA+International+Conference&hl=en&sa=X&ved=0ahUKEwim5avgy4neAhUGHXwKHed7DdwQ6AEIKTAA#v=onepage&q=Cryptography%20and%20Coding%3A%2011th%20IMA%20International%20Conference&f=false)

2. [RSA Public key](https://medium.com/@bn121rajesh/understanding-rsa-public-key-70d900b1033c)

3. [Digital Signature](https://en.wikipedia.org/wiki/Digital_signature)