finished ex2 week 3

2023-09-15 10:03:04 +02:00 · 2023-09-15 10:03:04 +02:00 · 9e8e49cfaf
commit 9e8e49cfaf
parent 23af09eeca
2 changed files with 113 additions and 0 deletions
--- a/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature.py
+++ b/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature.py
@ -0,0 +1,66 @@
+#!/usr/bin/env python3
+"""Asymmetric Cryptography -> Digital Signature: Exercise 1
+
+The goal of this exercise is to learn how to sign and verify messages using asymmetric keys.
+In this implementation the passed message as an argument is a string converted to a byte object.
+When signing a message the RSA sign-function requires a specific hash like SHA256, and padding such as PSS. 
+Be aware that verification must use the same algorithms to correctly verify the signature.
+
+Your task is to:
+    * locate the TODOs in this file
+    * complete the missing part from the code 
+    * run the test of this exercise located in same folder.
+
+To test run 'Signature_t.py' in your command line
+
+Notes:
+    * do not change class structure or method signature to not break unit tests
+    * visit this url for more information on this topic:
+    https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/
+"""
+from cryptography.exceptions import *
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import padding
+from cryptography.hazmat.primitives import serialization
+
+# TODO 1: Generate first a private key, then a public key. As a result return both values.
+# Make sure you generate the keys in the correct order. 
+# Use recommended algorithms values where possible
+def generate_keys():
+    private_key = rsa.generate_private_key(public_exponent=65537,key_size=2048)
+    public_key = private_key.public_key()
+    return private_key, public_key
+
+# TODO 2: Sign a passed message using the passed private key
+# Signing and verifying algorithms must be the same
+def sign(message, private):
+    sig = private.sign(
+        message,
+        padding.PSS(
+            mgf=padding.MGF1(hashes.SHA256()),
+            salt_length=padding.PSS.MAX_LENGTH
+        ),
+        hashes.SHA256()
+    )
+    return sig
+
+
+# TODO 3: Verify a signature for a message with the passed public key
+# Signing and verifying algorithms values must be the same
+# Make sure to handle exception properly if verification fails 
+def verify(message, sig, public):
+    try:
+
+        public.verify(
+            sig,
+            message,
+            padding.PSS(
+                mgf=padding.MGF1(hashes.SHA256()),
+                salt_length=padding.PSS.MAX_LENGTH
+            ),
+            hashes.SHA256()
+        )
+        return True
+    except:
+        return False
--- a/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature_t.py
+++ b/period_1/03-cryptography/304_EX2_A04_Digital_Signature_byte/Signature_t.py
@ -0,0 +1,47 @@
+#!/usr/bin/env python3
+"""
+This test case will verify if the provided solution by a student for Signature.py is correct.
+"""
+from Signature import *
+
+if __name__ == '__main__':
+    
+    # Generate asymmetric keys for two users
+    alex_prv, alex_pbc = generate_keys()
+    mike_prv, mike_pbc = generate_keys()
+
+    alex_message = b'pay 10 euro to bob'
+
+    # Verification of a signature using public key:
+    # If Alex sign it:
+    alex_signature = sign(alex_message, alex_prv)
+    
+    verified = verify(alex_message, alex_signature, alex_pbc)
+    if verified:
+        print('Success: Valid signature is verified.')
+    else:
+        print('Fail: Valid signature is not verified.')
+
+    # If Mike sign it:
+    f_signature = sign(alex_message, mike_prv)
+    
+    verified = verify(alex_message, f_signature, alex_pbc)
+    if verified:
+        print('Fail: Invalid signature is verified.')
+    else:
+        print('Success: Invalid signature is not verified.')
+
+    # Check originality of message using public key:
+    received_message = b'pay 10 euro to bob'
+    correct = verify(received_message, alex_signature, alex_pbc)
+    if correct:
+        print('Success: The received message is validated as original.')
+    else:
+        print('Fail: The received message is validated as tampered.')
+
+    t_message = b'pay 100 euro to bob'
+    correct = verify(t_message, alex_signature, alex_pbc)
+    if correct:
+        print('Fail: The tampered Message is not validated as original.')
+    else:
+        print('Success: The tampered Message is correctly detected.')