In Python, there are several libraries using which one can generate DSA keys and use those DSA keys to create or verify digital signatures. Python pycryptodome is an example of one such module. Using the pycryptodome module, one can easily generate DSA keys and create or verify digital signatures using those DSA keys.
from Crypto.PublicKey import DSA from Crypto.Hash import SHA256 from Crypto.Signature import DSS KEYSIZE = 1024 message = "Hello".encode() key = DSA.generate(KEYSIZE) publickey = key.publickey() print(publickey.exportKey()) message_hash = SHA256.new(message) signer = DSS.new(key, 'fips-186-3') signature = signer.sign(message_hash) print(int.from_bytes(signature, "big", signed=False)) verifier = DSS.new(publickey, 'fips-186-3') try: verifier.verify(message_hash, signature) print("Verification successful") except ValueError: print("Verification failed")
Please note that DSA signatures are done on message hash so that even if there is the slightest change in the message, the generated digital signature will be completely different. We are using SHA-256 to create a message hash. Please also note that SHA256.new() method takes bytes as inputs. So, we are encoding the message “Hello” to generate bytes.
We are using FIPS 186-3 standard to create or verify digital signatures. And, DSA.generate() method returns an object that contains public and private key components. We can use the methods in the class to export or import keys.
In this article, we would implement the DSA key generation algorithm using Python. How does the DSA key generation algorithm work? We have already discussed that in this article: How does the Digital Signature Algorithm (DSA) work? Interested readers, please refer to the article first to understand the DSA key generation algorithm implementation in a better way. Also, we would be implementing a 1024-bit DSA key generation algorithm that can very easily run on a normal desktop computer.
0 Comments