RSA is two algorithms: one for asymmetric encryption and one for signatures. It so happens that both algorithms can use the same private key structure (this is a source of confusion: many documents, including the RSA standard, try to explain the signature as "encryption using the private key", which is inaccurate at best).
Using the same key for both uses is possible, but not recommended, because the interactions between both types of uses have not been fully understood. In addition, encryption keys and signature keys usually have different life cycles with different protection mechanisms (for example, you usually want to back up the private encryption key to prevent data loss: losing a private key means losing all the data that has been encrypted with this key, while you do not need a backup of the signature key).
Your script is a bit unclear. Asymmetric encryption uses the public key, and signature generation uses the private key. If A wants to send a message to B with encryption (to ensure confidentiality) and a signature (for integrity), then A will encrypt the data using a public key for which B knows the private key; and A will sign the data with a private key for which B knows the public key. This requires two key pairs: one pair is used for encryption and decryption (A encrypts, B decrypts, B knows the private key), and the other pair is used for signatures (A signs, B checks, A knows the private key). If both A and B know the secret key, then they have a common secret, and it is much easier (and faster) to use symmetric encryption (AES) and integrity checks (HMAC).
The standard disclaimer is: it looks like you are developing your own cryptographic protocol. Do not do it. This road leads to the same security breaches that countless other smart people have stumbled upon. Use a tried and proven protocol, such as SSL/TLS or OpenPGP.
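The two key pairs described in the answer above, as an added example that is not part of the original answer: A signs with its own private key, encrypts to B's public key, and B reverses both steps. It assumes the Python `cryptography` package, RSA-PSS for signatures and RSA-OAEP for encryption of a short message; the function names and the sample message are constructed for illustration and show key roles only, not a complete protocol.

```python
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

# Encryption and signing use different padding schemes: they are two algorithms.
OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)


def new_key():
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def send(message, a_sign_priv, b_enc_pub):
    """A's side: sign with A's private key, encrypt with B's public key."""
    signature = a_sign_priv.sign(message, PSS, hashes.SHA256())
    ciphertext = b_enc_pub.encrypt(message, OAEP)  # short messages only
    return ciphertext, signature


def receive(ciphertext, signature, b_enc_priv, a_sign_pub):
    """B's side: decrypt with B's private key, check with A's public key."""
    message = b_enc_priv.decrypt(ciphertext, OAEP)
    try:
        a_sign_pub.verify(signature, message, PSS, hashes.SHA256())
    except InvalidSignature:
        return message, False
    return message, True


def demo():
    a_sign = new_key()  # pair 1 (signatures): only A holds the private half
    b_enc = new_key()   # pair 2 (encryption): only B holds the private half
    msg = b"constructed sample message"
    ct, sig = send(msg, a_sign, b_enc.public_key())
    genuine = receive(ct, sig, b_enc, a_sign.public_key())
    # A signature made with any other private key must be rejected by B.
    other_sig = new_key().sign(msg, PSS, hashes.SHA256())
    rejected = receive(ct, other_sig, b_enc, a_sign.public_key())
    return genuine, rejected


if __name__ == "__main__":
    print(demo())
```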