rezak9876/rsa-tool-python
RSA Cryptographic Tool Suite

A complete Python implementation for secure RSA operations including encryption, decryption, digital signatures, and verification.

Prerequisites

  • Python 3.8+
  • pip package manager

Installation

  1. Clone the repository:
git clone https://github.com/rezak9876/rsa-tool.git
cd rsa-tool

  2. Install required dependencies:

pip install cryptography

Initial Setup

Generate your cryptographic key pair:

cd keys
python key_gen.py

This will:

  • Generate a 2048-bit RSA private key in keys/my/private_key.pem
  • Display your public key in PEM format (copy this for sharing)

Key Exchange Protocol

Adding Contacts

  • Get the contact's public key file (.pem)
  • Save it as: keys/others/<name>.pem

Example: To add my public key:

cat > keys/others/rezak.pem << 'EOF'
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JOlS70z/u7WvutfPRhv
YB8iDErPh+YyMmGxHgH/nbyAz/FVua+TF7d4Hj0EcNHEVouKTP2CSvm0GxCZGclh
b8tcqyUf1xeLkRH7IsMKW2GWSpWP/TopSfRv9EHD8OPE44x1RcFY1f8cMJh/m2NP
++TNsDhuT4YUA5xG68ESeOzZoXHPpN45z3NVgMf8NSNxucCTwl0gwTNkpB970jI8
HLNYzUgtFSZIs7RjZ1RZm4w/fSPf9ahgznB1ycTWaxYD4Ax/B1iJAxQWBRN/mc+r
WuKEqmCeFfsvis+lAsrD9V5dKCS1eilu8k3aSrBwjWBJ6dg0ihQr9iaR+hT91sQe
QQIDAQAB
-----END PUBLIC KEY-----
EOF

  • Always verify that a public key truly belongs to the intended person by checking a message they signed after you add their public key. The signature verification process is explained below.

Usage Guide

1. Digital Signature Verification

Verify a signed message's authenticity:

python rsa_tool.py verify sender_name "original message" "signature"

Example:

python rsa_tool.py verify rezak "I'm RezaK" "0RaTgzg9H/U38iODMXAI/rLfwoGf0kg7FeDQcGkvSGWCLJFKlXpvd3aoswMTVLtuR20z+1I+t9F+MTfTsnrSp5ILEsJvCGwpdFyuc+xbIsbgA+o+dvRDjLGVzIitbuAnbA0Rj49dsfSDPj9GQGErjtPXM32AJVSL5EWoI5sxzJRANEwsO/AFJM4mxtyyyHpT17FyT8KYTCcHYYBxy7VtdZM0lbJihmw68cj5viJqc1Hqk/uyFX2JMGrqyHZkGnqEN23zAmf+anMe5uc6jhh/eQSqHHqeWUJCL9K3UTkSmnQ/O21LE2S2vddT0F64o393Oipd0oTMdPB5chIPLFfEmw=="

Output (one of):

✅ Signature is VALID — The message is authentic
❌ Signature is INVALID — Possible tampering detected

2. Message Signing

Create a digital signature for your message:

python rsa_tool.py sign "Your message text"

Output:

🔏 Your signature: 0RaTgz...LFfEmw==

Understanding Message Encryption & Decryption

When you want to send an encrypted message to someone:

  1. You must use their PUBLIC key to encrypt your message
  2. Only they can decrypt it with their PRIVATE key
  3. You can safely send the encrypted message through any channel

When you receive an encrypted message:

  1. The sender used YOUR public key to encrypt it
  2. Only YOU can decrypt it using your PRIVATE key
  3. This ensures the message remains confidential during transmission

3. Secure Message Encryption

Encrypt a message for a specific recipient:

python rsa_tool.py encrypt "Secret message" recipient_name

Output:

🔒 Encrypted message: dGhpcy...ZQ==

4. Message Decryption

Decrypt a received message:

python rsa_tool.py decrypt "ENCRYPTED_MESSAGE_BASE64"

Output:

📩 Decrypted message: This is the original secret message

Security Architecture

project/
├── keys/
│   ├── my/
│   │   └── private_key.pem    # NEVER SHARE
│   └── others/
│       ├── alice.pem          # Contacts' public keys
│       └── bob.pem
└── rsa_tool.py               # Main application

Best Practices

Key Verification

  • Always verify new public keys via a secondary channel

Key Management

  • Set strict file permissions: chmod 600 keys/my/private_key.pem
  • Backup keys securely
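
The two checks above (comparing a contact's key over a secondary channel, and keeping the private key at mode 600) can be scripted against the keys/ layout. This is an added example, not part of rsa_tool.py; the function names and the grouped-hex fingerprint format are assumptions.

```python
import base64
import hashlib
import os
import stat
from pathlib import Path


def fingerprint(pem_text: str) -> str:
    """SHA-256 of the DER bytes inside the PEM armor, in 4-hex-digit groups.

    Hashing the decoded bytes (not the PEM text) means line wrapping and
    CRLF/LF differences do not change the value read out over the phone.
    """
    lines = (ln.strip() for ln in pem_text.splitlines())
    body = "".join(ln for ln in lines if ln and not ln.startswith("-----"))
    der = base64.b64decode(body, validate=True)  # rejects stray characters
    digest = hashlib.sha256(der).hexdigest()
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))


def private_key_too_open(path) -> bool:
    """True if group or other has any permission bit (anything beyond 0600)."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)


def audit(keys_dir) -> dict:
    """Check keys/my/private_key.pem and fingerprint every keys/others/*.pem."""
    root = Path(keys_dir)
    report = {
        "private_key_too_open": private_key_too_open(root / "my" / "private_key.pem"),
        "contacts": {},
    }
    for pem in sorted((root / "others").glob("*.pem")):
        report["contacts"][pem.stem] = fingerprint(pem.read_text())
    return report


if __name__ == "__main__":
    if Path("keys/my/private_key.pem").exists():
        result = audit("keys")
        print("private key too open:", result["private_key_too_open"])
        for name, fp in result["contacts"].items():
            print(f"{name}: {fp}")
```

Read the printed fingerprint to the contact over a channel other than the one the .pem file arrived on; both sides should see the same groups.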

Operational Security

  • Regenerate keys annually or after suspected compromise
  • Use different keys for different purposes

Message Security

  • Always sign before encrypting

Based on NIST Special Publication 800-57B Revision 1 recommendations.

Cryptographic Specifications

RSA Parameters

  • Key Length: 2048 bits (NIST recommended minimum for RSA)
  • Public Exponent (e): 65537 (F4)
  • Padding Scheme: PKCS#1 v2.1 (OAEP for encryption, PSS for signatures)

Digital Signatures

  • Hash Algorithm: SHA-256
  • Signature Scheme: RSA-PSS (Probabilistic Signature Scheme)

Message Encryption

  • Key Encapsulation: RSA-OAEP
  • Data Encryption: AES-256-GCM
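
The parameters listed above, combined with the "sign before encrypting" rule, look like this with the cryptography package. This is an added example, not rsa_tool.py's code; the function names and the envelope layout (wrapped key, nonce, sealed payload) are assumptions, and keys are generated in memory for the demonstration.

```python
import base64
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
RSA_LEN = 256  # bytes in a 2048-bit RSA signature or OAEP ciphertext


def new_key():
    # 2048-bit modulus, e = 65537, as in the specification list
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def sign_then_encrypt(message: str, sender_priv, recipient_pub) -> str:
    data = message.encode("utf-8")
    signature = sender_priv.sign(data, PSS, hashes.SHA256())
    aes_key = AESGCM.generate_key(bit_length=256)  # fresh key per message
    nonce = os.urandom(12)                         # 96-bit GCM nonce
    sealed = AESGCM(aes_key).encrypt(nonce, signature + data, None)
    wrapped = recipient_pub.encrypt(aes_key, OAEP)  # RSA only carries the key
    # Assumed envelope layout: wrapped key || nonce || ciphertext+tag
    return base64.b64encode(wrapped + nonce + sealed).decode("ascii")


def decrypt_then_verify(envelope: str, recipient_priv, sender_pub) -> str:
    raw = base64.b64decode(envelope)
    wrapped, nonce, sealed = raw[:RSA_LEN], raw[RSA_LEN:RSA_LEN + 12], raw[RSA_LEN + 12:]
    aes_key = recipient_priv.decrypt(wrapped, OAEP)
    payload = AESGCM(aes_key).decrypt(nonce, sealed, None)  # InvalidTag if altered
    signature, data = payload[:RSA_LEN], payload[RSA_LEN:]
    sender_pub.verify(signature, data, PSS, hashes.SHA256())  # InvalidSignature if forged
    return data.decode("utf-8")


if __name__ == "__main__":
    alice, bob = new_key(), new_key()
    env = sign_then_encrypt("Secret message", alice, bob.public_key())
    print(decrypt_then_verify(env, bob, alice.public_key()))
```

Because the message itself travels under AES-GCM, its length is not bounded by the RSA modulus. The signature here covers only the message text, so it does not bind the intended recipient; include the recipient's name in the signed text if that matters.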

Troubleshooting

Common Issues

  1. "Invalid Key Format" Error

    • Ensure the key file is in valid PEM format
    • Check file permissions
    • Verify the key hasn't been corrupted
  2. "Signature Verification Failed"

    • Confirm you're using the correct public key
    • Ensure the message hasn't been modified
    • Check if the signature was properly base64 encoded
  3. "Encryption Failed"

    • Verify the recipient's public key is valid
    • Check if the message size is within RSA limits
    • Ensure proper character encoding (UTF-8)

About

A Python-based toolkit for secure RSA operations, including encryption, decryption, digital signatures, and verification. Features 2048-bit RSA keys, SHA-256 hashing, and AES-256-GCM encryption. Easy to set up with key generation, secure key exchange, and best practices for cryptographic security.
