Signing and verifying data using pycrypto (RSA)

Question

I am trying to familiarize myself with the pycrypto module, but the lack of clear documentation makes things difficult.

To start with, I would like to understand signing and verifying data. Could someone please provide an example for how this would be written?

Answer 1

This is a fleshed-out version of the example in the old PyCrypto documentation:

Ensure you are using pycryptodome and not pycrypto (which is unmaintained!)

pycryptodome can be installed with pip install pycryptodome

import Crypto.Hash.MD5 as MD5 import Crypto.PublicKey.RSA as RSA import Crypto.PublicKey.DSA as DSA import Crypto.PublicKey.ElGamal as ElGamal import Crypto.Util.number as CUN import os  plaintext = 'The rain in Spain falls mainly on the Plain'  # Here is a hash of the message hash = MD5.new(plaintext).digest() print(repr(hash)) # '\xb1./J\xa883\x974\xa4\xac\x1e\x1b!\xc8\x11'  for alg in (RSA, DSA, ElGamal):     # Generates a fresh public/private key pair     key = alg.generate(384, os.urandom)      if alg == DSA:         K = CUN.getRandomNumber(128, os.urandom)     elif alg == ElGamal:         K = CUN.getPrime(128, os.urandom)         while CUN.GCD(K, key.p - 1) != 1:             print('K not relatively prime with {n}'.format(n=key.p - 1))             K = CUN.getPrime(128, os.urandom)         # print('GCD({K},{n})=1'.format(K=K,n=key.p-1))     else:         K = ''      # You sign the hash     signature = key.sign(hash, K)     print(len(signature), alg.__name__)     # (1, 'Crypto.PublicKey.RSA')     # (2, 'Crypto.PublicKey.DSA')     # (2, 'Crypto.PublicKey.ElGamal')      # You share pubkey with Friend     pubkey = key.publickey()      # You send message (plaintext) and signature to Friend.     # Friend knows how to compute hash.     # Friend verifies the message came from you this way:     assert pubkey.verify(hash, signature)      # A different hash should not pass the test.     assert not pubkey.verify(hash[:-1], signature)