I am trying to familiarize myself with the pycrypto module, but the lack of clear documentation makes things difficult.
To start with, I would like to understand signing and verifying data. Could someone please provide an example for how this would be written?
This is a fleshed-out version of the example in the old PyCrypto documentation:
Ensure you are using pycryptodome
and not pycrypto
(which is unmaintained!)
pycryptodome can be installed with pip install pycryptodome
import Crypto.Hash.MD5 as MD5 import Crypto.PublicKey.RSA as RSA import Crypto.PublicKey.DSA as DSA import Crypto.PublicKey.ElGamal as ElGamal import Crypto.Util.number as CUN import os plaintext = 'The rain in Spain falls mainly on the Plain' # Here is a hash of the message hash = MD5.new(plaintext).digest() print(repr(hash)) # '\xb1./J\xa883\x974\xa4\xac\x1e\x1b!\xc8\x11' for alg in (RSA, DSA, ElGamal): # Generates a fresh public/private key pair key = alg.generate(384, os.urandom) if alg == DSA: K = CUN.getRandomNumber(128, os.urandom) elif alg == ElGamal: K = CUN.getPrime(128, os.urandom) while CUN.GCD(K, key.p - 1) != 1: print('K not relatively prime with {n}'.format(n=key.p - 1)) K = CUN.getPrime(128, os.urandom) # print('GCD({K},{n})=1'.format(K=K,n=key.p-1)) else: K = '' # You sign the hash signature = key.sign(hash, K) print(len(signature), alg.__name__) # (1, 'Crypto.PublicKey.RSA') # (2, 'Crypto.PublicKey.DSA') # (2, 'Crypto.PublicKey.ElGamal') # You share pubkey with Friend pubkey = key.publickey() # You send message (plaintext) and signature to Friend. # Friend knows how to compute hash. # Friend verifies the message came from you this way: assert pubkey.verify(hash, signature) # A different hash should not pass the test. assert not pubkey.verify(hash[:-1], signature)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With