<a href="https://colab.research.google.com/github/wjtopp3/CSIT-2033/blob/main/Lab_Exercise_RSASignatureValidation.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

### Exercise - RSA Signature Validation
Use the cryptography library to perform digital signing and verification of a file's contents with RSA. Create a sample file, read the file's content, sign it using RSA with SHA-512, and then verify the signature using the corresponding public key.

### Expected Output (your hash value will vary based on your file content)

```
RSA key pair generated.
File signed.
Signature (hex): 20a1bc89a0eb63aa330a219ce0c0131caf9d8b1b5897bb5c8e3b0c03a3009ffc679eb1b421fbbc9257fe4937dac987677e3d273ec6577885ce7e9e2f260f04c3d58c2dc5ad12d4038b7dc461a82cceaf2b05ccd23e447d56f92495d675324ace0236a8d2dca778338175509da9444263826268637806247cc04add6ab96ea827d2d309da21c07e4a923cf46b67695e99b2bdc2d048472dc0e3e76c71fde95a2b6ead5a9024e7f20a5073dbe5742ecc1120f0f30ffbf9a1feec4381c26c54616a5b9d6eb8b8aa26f5f6bbc3a7b46fe1b5b89be888cab648cb0545d262c9aabc32b0028698b4cb53105650d53b426393b941d532a6b28b54c4ee5e8582a23ac498
eSignature is valid. File content is authentic and unchanged.
```

In [None]:
# Add your solution here







In [None]:
###
###
### SOLUTION
###
###

from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import hashes
import os

# create a sample file with some content
filename = "sample.txt"
with open(filename, "w") as f:
    f.write("This is a secure message stored in a file.\n")

# read the file's content as bytes
with open(filename, "rb") as f:
    file_data = f.read()

# generate RSA key pair
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
public_key = private_key.public_key()
print("RSA key pair generated.")

# sign the file data using SHA-512
signature = private_key.sign(
    file_data,
    padding.PSS(
        mgf=padding.MGF1(hashes.SHA512()),
        salt_length=padding.PSS.MAX_LENGTH
    ),
    hashes.SHA512()
)
print("File signed.")
print("Signature (hex):", signature.hex())

# verify the signature
try:
    public_key.verify(
        signature,
        file_data,
        padding.PSS(
            mgf=padding.MGF1(hashes.SHA512()),
            salt_length=padding.PSS.MAX_LENGTH
        ),
        hashes.SHA512()
    )
    print("eSignature is valid. File content is authentic and unchanged.")
except Exception as e:
    print("Signature verification failed:", str(e))


