# Digital Signature and Asymmetric Cryptography Implementation

- Environment used: conda create -n blockchain pip python scipy cryptography
- cryptography version 3.4.7, python version 3.9.5

Note: This code is implemented in **signature.py** in the working directory, including tests. 

In [1]:
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.exceptions import InvalidSignature

# Generate Public and Private Keys

In [2]:
def generate_keys():
    ''' 
    This function uses RSA encryption with 2048 bits to create public and private key
    Returns two objects, the public key and the private key
    '''
    private_key = rsa.generate_private_key(
                        public_exponent = 65537, 
                        key_size = 2048)
    public_key = private_key.public_key()
    return(private_key, public_key)

# running
private_key ,public_key = generate_keys()
print(private_key ,'\n',public_key)

<cryptography.hazmat.backends.openssl.rsa._RSAPrivateKey object at 0x000001A0CC6DA518> 
 <cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x000001A0CC6DA5C0>


# Signing a Message Using Private Key
- SHA 256 needsd padding in cryptography
- PSS is a sudorandom 
- \x are hexidecimal values in the signature

In [3]:
message = b"A message I want to sign"

def sign(message, private_key):
    ''' 
    Takes the private key and a message to give a digital signature
    Returns a digital signature
    '''
    message = bytes(str(message), 'utf-8')
    signature = private_key.sign(message,
                                 padding.PSS(
                                 mgf = padding.MGF1(hashes.SHA256()),
                                 salt_length = padding.PSS.MAX_LENGTH),
                                 hashes.SHA256())
    return(signature)

# running
signature = sign(message,private_key)
signature

b"\x9a,\xd5\xd6\xf0\x03g\xc1\x08\x12\xb8:V\x0bQb.3\xb1#\xa5]X\xd8|1\x05r\xad\xa8\x821\xcc%\xd8?|\xcf\xf3\x93q/\xdf\x1fDE\x17B\x8f\xa1\x93\xdb\n\xb9)\xadK[\xc4\x13\xd4~#\x88\x17X\x13\x1f~\xc7\xfdZ2\x1fl\xe9]X\x99\xa6i\x83\xa9\xb0*\x13\xdf\x9d\xa5*B\xfb\xbea\xc6a$\x99\xfd\x91!\xc7\x81\xa0CV\xc2\x7f \x05\x91\x05\x08\x9b\xb9\x96\xed\x88w\xf62\xd7\x04g\xa3;\xdeuU\x94\x88\x14\xf0d\xd1n\xd1\x1b\xdb\xb9\r\x9d\xe7d.\xf1dSx\x81\t\xfd\x8e&\xfc\x8b\x1f\x16\xe0\xa9\xafeP`\xabA\xb1\x92N-f\xc4\xba\xea]?\xf6\x0fWYE-'\xad$5\x02\x06\x83,\xecW\xdaE\xb2\xb6\x8dU\xee\xa4\xe1m\xc4~S\xf3\xeb\xe4~o\xe7\xc3\xb6\xc0\x82@\xd8ji\xc8D\xbf\x00Z6nxl\x1dh\xc9\xb2\xff\xb5#\xf0\xf9\x10\xe4\x8bH\xe1\xa6\x8dE\xee\x01\x8fm\xb7C&\\\x02a&"

# Verification of Message and Sender

If you have a public key, a message, a signature, and the signing algorithm that was used you can check that the private key associated with a given public key was used to sign that specific message.

If the signature does not match, verify() will raise an InvalidSignature exception.

In [4]:
def verify(message, signature, public_key):
    '''
    Takes a message, received signature, and public key to verify message from the sender untampered.
    Returns True if verified, else False
    '''
    
    message = bytes(str(message), 'utf-8') # if message bytes converts to a string and then to bytes
    public_key = private_key.public_key() # need to refactor the argument of function and this line.
    try:
        public_key.verify(
        signature,
        message,
        padding.PSS(
        mgf=padding.MGF1(hashes.SHA256()),
        salt_length=padding.PSS.MAX_LENGTH),
        hashes.SHA256()
    )
        return(True)
    except InvalidSignature:
        return(False)
    except:
        print("Error executing public key verify")
        
# running
verify(message,signature, public_key)

True

# Resources

https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/