# Asymmetric Cryptography Implementation

In [1]:
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.asymmetric import rsa


# Generate Public and Private Keys

In [2]:
# def generate_keys():
#     ''' This function uses RSA encryption with 2048 bits'''
#     key = rsa.generate_private_key(public_exponent = 65537, key_size = 2048)
    
#     private_key = key.private_bytes(serialization.Encoding.PEM,
#                                     serialization.PrivateFormat.TraditionalOpenSSL,
#                                     serialization.NoEncryption()).decode('utf-8')
    
#     public_key = key.public_key().public_bytes(serialization.Encoding.OpenSSH,
#                                                serialization.PublicFormat.OpenSSH)
#     return(private_key, public_key)
# private_key, public_key = generate_keys()
# private_key

In [3]:
def generate_keys():
    """Create a fresh 2048-bit RSA key pair.

    Returns:
        A ``(private_key, public_key)`` tuple of key objects. The public key
        is derived from the newly generated private key, so the two always
        belong together.
    """
    # 65537 is the public exponent and 2048 the modulus size in bits.
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return key, key.public_key()

# Build the notebook's key pair once; the cells below reuse these two names.
private_key, public_key = generate_keys()
# Printing the key objects shows only their reprs, not the key material.
print(private_key, public_key)

<cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey object at 0x000001E1B7A72A58> <cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x000001E1B7A72AC8>


# Signing a Message Using Private Key

In [4]:
# Payload to be signed; it is a bytes literal because sign() hands it straight to the key's sign() method.
message = b"A message I want to sign"

def sign(message, private_key):
    """Sign ``message`` with ``private_key`` using RSA-PSS and SHA-256.

    Args:
        message: The bytes to sign.
        private_key: Key object whose ``sign()`` method produces the signature.

    Returns:
        Whatever ``private_key.sign()`` returns (the signature).
    """
    # PSS padding with an MGF1/SHA-256 mask function and the largest salt allowed.
    pss_padding = padding.PSS(
        mgf=padding.MGF1(hashes.SHA256()),
        salt_length=padding.PSS.MAX_LENGTH,
    )
    # The message itself is hashed with SHA-256 before signing.
    return private_key.sign(message, pss_padding, hashes.SHA256())

# Sign the sample message with the notebook's private key; the result is checked in the verification cell.
signature = sign(message, private_key)

# Verification of Message and Sender

If you have a public key, a message, a signature, and the signing algorithm that was used, you can check that the private key associated with that public key was used to sign that specific message.

If the signature does not match, the library's `public_key.verify()` raises an `InvalidSignature` exception; the `verify()` helper below catches it and returns `False` instead.

In [5]:
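def verify(message, signature, public_key):
    """Check an RSA-PSS/SHA-256 signature over ``message`` with ``public_key``.

    Args:
        message: The bytes that were signed.
        signature: The signature to check.
        public_key: The signer's public key object. Only this key is used, so
            a verifier never needs access to the private key.

    Returns:
        True if the signature is valid for ``message`` under ``public_key``,
        False if the library raises ``InvalidSignature``.

    Raises:
        Any other exception from ``public_key.verify()`` (for example a wrong
        argument type) propagates, so a programming error is not mistaken for
        a forged or corrupted signature.
    """
    try:
        # Padding and hash parameters must match the ones used when signing.
        public_key.verify(
            signature,
            message,
            padding.PSS(
                mgf=padding.MGF1(hashes.SHA256()),
                salt_length=padding.PSS.MAX_LENGTH,
            ),
            hashes.SHA256(),
        )
    except InvalidSignature:
        # The signature does not match this message/key combination.
        return False
    return True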

# Check the signature produced above against the sample message; the cell displays the boolean result.
verify(message, signature, public_key)

True

# Resources

https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/

https://www.programcreek.com/python/example/99667/cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key