Sign and Verify data in a text file using DSA(Digital Signature algorithm)

Question

I want to sign data in a text document(.txt) using a digital signature algorithm in Python.I have generated a public and private key using RSA algorithm. Then I sign and verify data using code given below.

from __future__ import print_function
import cv2
import numpy as np
import rsa
from base64 import b64encode, b64decode
import base64
f=open("2.txt",'r') 
msg1=f.read()
keysize = 2048
(public,private) = rsa.newkeys(keysize)

#encrypted = b64encode(rsa.encrypt(msg1, public))

signature = b64encode(rsa.sign(msg1, private, "SHA-512"))

print("Signature: " + signature)

For verifying at the receiver

from __future__ import print_function
import os
from PIL import Image
import cv2
import numpy as np
import rsa
import base64
from base64 import b64encode, b64decode
from digsig import public
from digsig import signature
f1=open("2.txt",'r') 
msg1=f1.read()
f=open("3.txt",'r') 
msg2=f.read()


#decrypted = rsa.decrypt(b64decode(msg2), private)
#print("Decrypted: '%s'" % decrypted)

verify = rsa.verify(msg1, b64decode(signature), public)
print("Verify: %s" % verify)
rsa.verify(msg2, b64decode(signature), public)

This Rsa.py has function defined

rsa.py

    from Crypto.PublicKey import RSA
    from Crypto.Cipher import PKCS1_OAEP
    from Crypto.Signature import PKCS1_v1_5
    from Crypto.Hash import SHA512, SHA384, SHA256, SHA, MD5
    from Crypto import Random

from base64 import b64encode, b64decode

hash = "SHA-256"

def newkeys(keysize):
    random_generator = Random.new().read
    key = RSA.generate(keysize, random_generator)
    private, public = key, key.publickey()
    return public, private

def importKey(externKey):
    return RSA.importKey(externKey)

def getpublickey(priv_key):
    return priv_key.publickey()

def encrypt(message, pub_key):
    #RSA encryption protocol according to PKCS#1 OAEP
    cipher = PKCS1_OAEP.new(pub_key)
    return cipher.encrypt(message)

def decrypt(ciphertext, priv_key):
    #RSA encryption protocol according to PKCS#1 OAEP
    cipher = PKCS1_OAEP.new(priv_key)
    return cipher.decrypt(ciphertext)



def sign(message, priv_key, hashAlg="SHA-256"):
    global hash
    hash = hashAlg
    signer = PKCS1_v1_5.new(priv_key)
    if (hash == "SHA-512"):
        digest = SHA512.new()
    elif (hash == "SHA-384"):
        digest = SHA384.new()
    elif (hash == "SHA-256"):
        digest = SHA256.new()
    elif (hash == "SHA-1"):
        digest = SHA.new()
    else:
        digest = MD5.new()
    digest.update(message)
    return signer.sign(digest)

def verify(message, signature, pub_key):
    signer = PKCS1_v1_5.new(pub_key)
    if (hash == "SHA-512"):
        digest = SHA512.new()
    elif (hash == "SHA-384"):
        digest = SHA384.new()
    elif (hash == "SHA-256"):
        digest = SHA256.new()
    elif (hash == "SHA-1"):
        digest = SHA.new()
    else:
        digest = MD5.new()
    digest.update(message)
    return signer.verify(digest, signature)

So while verifying data if I change some data from a file. I get the verification procedure true that is both data as same even though they are not same. I cannot figure out why is this happening. I have not used DSA algorithm just followed the procedure of digital signature i.e private key is used to encrypt the data at sender side and decrypt that data using the public key at the receiver side and then verify both data in files.

Answer 1

You can only generate private/public key pairs. Try RSA.generate(bits).