From 9e8e49cfaf62fb1e502a0fc7ca45930c030bda2d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CSpekulaas=E2=80=9D?= <“ryan@aterve.nl”>
Date: Fri, 15 Sep 2023 10:03:04 +0200
Subject: [PATCH] finished ex2 week 3
---
.../Signature.py | 66 +++++++++++++++++++
.../Signature_t.py | 47 +++++++++++++
2 files changed, 113 insertions(+)
create mode 100644 period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature.py
create mode 100644 period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature_t.py
diff --git a/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature.py b/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature.py
new file mode 100644
index 0000000..ac267c1
--- /dev/null
+++ b/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature.py
@@ -0,0 +1,66 @@
+#!/usr/bin/env python3
+"""Asymmetric Cryptography -> Digital Signature: Exercise 1
+
+The goal of this exercise is to learn how to sign and verify messages using asymmetric keys.
+In this implementation the passed message as an argument is a string converted to a byte object.
+When signing a message the RSA sign-function requires a specific hash like SHA256, and padding such as PSS.
+Be aware that verification must use the same algorithms to correctly verify the signature.
+
+Your task is to:
+ * locate the TODOs in this file
+ * complete the missing part from the code
+ * run the test of this exercise located in same folder.
+
+To test run 'Signature_t.py' in your command line
+
+Notes:
+ * do not change class structure or method signature to not break unit tests
+ * visit this url for more information on this topic:
+ https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/
+"""
+from cryptography.exceptions import *
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import padding
+from cryptography.hazmat.primitives import serialization
+
+# TODO 1: Generate first a private key, then a public key. As a result return both values.
+# Make sure you generate the keys in the correct order.
+# Use recommended algorithms values where possible
+def generate_keys():
+ private_key = rsa.generate_private_key(public_exponent=65537,key_size=2048)
+ public_key = private_key.public_key()
+ return private_key, public_key
+
+# TODO 2: Sign a passed message using the passed private key
+# Signing and verifying algorithms must be the same
+def sign(message, private):
+ sig = private.sign(
+ message,
+ padding.PSS(
+ mgf=padding.MGF1(hashes.SHA256()),
+ salt_length=padding.PSS.MAX_LENGTH
+ ),
+ hashes.SHA256()
+ )
+ return sig
+
+
+# TODO 3: Verify a signature for a message with the passed public key
+# Signing and verifying algorithms values must be the same
+# Make sure to handle exception properly if verification fails
+def verify(message, sig, public):
+ try:
+
+ public.verify(
+ sig,
+ message,
+ padding.PSS(
+ mgf=padding.MGF1(hashes.SHA256()),
+ salt_length=padding.PSS.MAX_LENGTH
+ ),
+ hashes.SHA256()
+ )
+ return True
+ except:
+ return False
diff --git a/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature_t.py b/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature_t.py
new file mode 100644
index 0000000..aead7b2
--- /dev/null
+++ b/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature_t.py
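Review bot: The bare `except:` that closes `verify` in Signature.py reports every failure as `False`, not only a bad signature: a wrong argument type, an unsupported key object or even `KeyboardInterrupt` all come back as "signature invalid". Failing closed is the right default, but the handler should name the library's verification error, `except InvalidSignature:` (already in scope through the wildcard import from `cryptography.exceptions`), so that caller bugs propagate instead of being mistaken for forgeries. The PSS/MGF1/SHA-256 parameters are also spelled out twice, once in `sign` and once in `verify`; building them in one small module-level helper would keep the two sides from drifting apart. The `serialization` import is unused, and `from cryptography.exceptions import InvalidSignature` would be clearer than the star import.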
@@ -0,0 +1,47 @@
+#!/usr/bin/env python3
+"""
+This test case will verify if the provided solution by a student for Signature.py is correct.
+"""
+from Signature import *
+
+if __name__ == '__main__':
+
+ # Generate asymmetric keys for two users
+ alex_prv, alex_pbc = generate_keys()
+ mike_prv, mike_pbc = generate_keys()
+
+ alex_message = b'pay 10 euro to bob'
+
+ # Verification of a signature using public key:
+ # If Alex sign it:
+ alex_signature = sign(alex_message, alex_prv)
+
+ verified = verify(alex_message, alex_signature, alex_pbc)
+ if verified:
+ print('Success: Valid signature is verified.')
+ else:
+ print('Fail: Valid signature is not verified.')
+
+ # If Mike sign it:
+ f_signature = sign(alex_message, mike_prv)
+
+ verified = verify(alex_message, f_signature, alex_pbc)
+ if verified:
+ print('Fail: Invalid signature is verified.')
+ else:
+ print('Success: Invalid signature is not verified.')
+
+ # Check originality of message using public key:
+ received_message = b'pay 10 euro to bob'
+ correct = verify(received_message, alex_signature, alex_pbc)
+ if correct:
+ print('Success: The received message is validated as original.')
+ else:
+ print('Fail: The received message is validated as tampered.')
+
+ t_message = b'pay 100 euro to bob'
+ correct = verify(t_message, alex_signature, alex_pbc)
+ if correct:
+ print('Fail: The tampered Message is not validated as original.')
+ else:
+ print('Success: The tampered Message is correctly detected.')
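Review bot: Every check in Signature_t.py only prints "Success" or "Fail", so the script exits 0 even when `verify` accepts the signature made with Mike's key or the altered message, and an automated run cannot tell a broken implementation from a correct one. Turning the print pairs into assertions, for example `assert not verify(t_message, alex_signature, alex_pbc)`, or recording a failure flag and ending with `sys.exit(1)`, would make a regression visible. The text printed when the tampered message verifies, "The tampered Message is not validated as original", also states the opposite of what happened on that branch. A case that passes the unmodified message with a modified signature is missing and would exercise the rejection path from the other side.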