hash.
We are here signing a message using Crypto.Signature.DSS. Using this signature scheme, we can create or verify DSA signatures. We are providing two arguments to the function DSS.new(). The first one is the key pair that has private key components and the second one is the mode. In ‘fips-186-3’ mode, the signature generation is randomized and it follows FIPS 186-3 standards.
The created signature can be sent to a recipient along with the message. The sent signature can then be verified in the following way:
def verify_signature(filename, message, signature1): with open(filename, "rb") as file1: public_key1 = DSA.importKey(file1.read()) message_hash = SHA256.new(message.encode()) verifier = DSS.new(public_key1, 'fips-186-3') try: verifier.verify(message_hash, signature1) print("Verification is successful") except ValueError: print("Verification failed")
Please note that we are using the private key for creating the DSA signature and the public key for verifying the same signature. At the time of verification also, we are first generating the message hash using the SHA 256 algorithm and then using the message hash for the verification purpose. Here also we are using Crypto.Signature.DSS for signature verification.
The complete code for generating DSA keys, creating DSA signatures, and verifying DSA signatures is given below:
from Crypto.PublicKey import DSA from Crypto.Hash import SHA256 from Crypto.Signature import DSS def create_signature(message, filename): with open(filename, "rb") as file1: private_key = DSA.importKey(file1.read(), 'MyPassphrase') message_hash = SHA256.new(message.encode()) signer = DSS.new(private_key, 'fips-186-3') signature1 = signer.sign(message_hash) return signature1 def verify_signature(filename, message, signature1): with open(filename, "rb") as file1: public_key1 = DSA.importKey(file1.read()) message_hash = SHA256.new(message.encode()) verifier = DSS.new(public_key1, 'fips-186-3') try: verifier.verify(message_hash, signature1) print("Verification is successful") except ValueError: print("Verification failed") keypair = DSA.generate(2048) public_key = keypair.publickey() with open("public_key_dsa.pem", "wb") as file: file.write(public_key.exportKey('PEM')) file.close() with open("private_key_dsa.pem", "wb") as file: file.write(keypair.exportKey('PEM', True, 'MyPassphrase')) file.close() text = "Secret Message" signature = create_signature(text, 'private_key_dsa.pem') print(signature) verify_signature('public_key_dsa.pem', text, signature)
Interested readers who want to know more on how to implement the DSA algorithm in Python, please refer to the following articles:
How to implement the DSA key generation algorithm in Python?
How to implement the DSA signature creation and verification algorithm in Python?
I hope this helps. However, readers who want to know more about how different cryptographic algorithms work and how they are used in various secure network protocols can refer to the book “Cryptography And Public Key Infrastructure.”
0 Comments