I recognize the importance of properly implement cryptographic functions. Since this is my first time using them I really wanted a second opinion on my method. Therefore, I was wondering if my method of sign-then-encrypt as implemented would be a valid method of safely achieving those results.
import rsa import textwrap def gen_keys(size): print('Generating new keys...') pubkey, privkey = rsa.newkeys(size, poolsize=8) print('Keys generated!') return pubkey, privkey def encrypt_full_message(message, _pubkey, privkey): parts = textwrap.wrap(message, max) message_to_send = b'' for part in parts: part = part.encode('utf-8') signature = rsa.sign(part, privkey, 'SHA-256') encrypted_message = rsa.encrypt(part, _pubkey) print(len(signature), len(encrypted_message)) message_to_send += encrypted_message message_to_send += signature return message_to_send def decrypt_full_message(message, privkey, _pubkey): parts = [message[i:i+256] for i in range(0, len(message), 256)] messages = parts[::2] signatures = parts[1::2] fmessage = b'' for signature in signatures: for message in messages: message = rsa.decrypt(message, privkey) if rsa.verify(message, signature, _pubkey): fmessage += message else: print('Message has been tampered with.') return message