id blindsign and verificated working

2026-02-06 19:06:43 +01:00 · 2017-12-29 00:44:38 +01:00
parent 845746f000
commit 082864de1c
10 changed files with 132 additions and 68 deletions
--- a/clientApp/GUI/views/main/main.html
+++ b/clientApp/GUI/views/main/main.html
@@ -25,7 +25,7 @@
                    <h4 class="card-title">
                        My IDs
                    </h4>
-                    <div class="row" style="height:200px;" ng-repeat="id in ids">
+                    <div class="row" style="height:160px;" ng-repeat="id in ids">
                        <div class="col-sm-6">
                            Public Key: {{id.pubK}}
                            <!--<br> Private Key: {{id.privK}}-->
@@ -40,11 +40,12 @@
                                <span class="badge c_o_green300" ng-show="id.verified">Verified</span>
                            </div>
                            <div class="pull-right">
-                                <span class="badge c_o_orange300" ng-show="!id.pubKSigned">Not signed</span>
-                                <span class="badge c_o_green300" ng-show="id.pubKSigned">Signed</span>
+                                <span class="badge c_o_orange300" ng-show="!id.unblindedsig">Not signed</span>
+                                <span class="badge c_o_blue300" ng-show="id.unblindedsig">Signed</span>
                            </div>
-                            <div ng-click="blindAndSendToSign(id.pubK)" ng-show="!id.pubKSigned" class="btn btn-sm btn-raised c_o_cyan300 pull-right">Send to serverIDsigner</div>
-                            <div ng-click="verify(id.pubK)"  ng-show="!id.verified"class="btn btn-sm btn-raised c_o_deepPurple300 pull-right">Verify</div>
+                            <br><br>
+                            <div ng-click="blindAndSendToSign(id.id)" ng-show="!id.unblindedsig" class="btn btn-sm btn-raised c_o_cyan300 pull-right">Send to serverIDsigner</div>
+                            <!--<div ng-click="verify(id.id)"  ng-show="!id.verified"class="btn btn-sm btn-raised c_o_deepPurple300 pull-right">Verify</div>-->
                        </div>
                    </div>
                </div>
--- a/clientApp/GUI/views/main/main.js
+++ b/clientApp/GUI/views/main/main.js
@@ -39,8 +39,8 @@ angular.module('app.main', ['ngRoute'])
                });
        };

-        $scope.blindAndSendToSign = function(pubK) {
-            $http.get(clientapi + 'blindandsendtosign/' + pubK)
+        $scope.blindAndSendToSign = function(id) {
+            $http.get(clientapi + 'blindandsendtosign/' + id)
                .then(function(data) {
                    console.log('data success');
                    console.log(data);
@@ -50,8 +50,8 @@ angular.module('app.main', ['ngRoute'])
                    console.log('data error');
                });
        };
-        $scope.verify = function(pubK) {
-            $http.get(clientapi + 'verify/' + pubK)
+        $scope.verify = function(id) {
+            $http.get(clientapi + 'verify/' + id)
                .then(function(data) {
                    console.log('data success');
                    console.log(data);
--- a/clientApp/clientApp.go
+++ b/clientApp/clientApp.go
@@ -12,6 +12,7 @@ import (

 	"github.com/cryptoballot/fdh"
 	"github.com/cryptoballot/rsablind"
+	"github.com/fatih/color"
 )

 func IDs() []Key {
@@ -51,18 +52,33 @@ type SignResponse struct {
 	PubK rsa.PublicKey `json:"pubK"`
 }

-func BlindAndSendToSign(keyID string) []byte {
+func BlindAndSendToSign(keyID string) []Key {
 	//get the key
 	key := getKeyByKeyID(keyID)
 	//privK := openPEMKey(key.PrivK)
-	pubK := openPublicPEMKey(key.PubK)
+	pubK, err := openPublicPEMKey(keysDir + "/" + key.PubK)
+	check(err)
+
+	//pubK to string
+	m, err := ExportRsaPublicKeyAsPemStr(pubK)
+	check(err)
+	mB := []byte(m)
+
+	//get serverPubK
+	var serverPubK *rsa.PublicKey
+	res, err := http.Get(config.Server)
+	check(err)
+	decoder := json.NewDecoder(res.Body)
+	err = decoder.Decode(&serverPubK)
+	if err != nil {
+		panic(err)
+	}
+	defer res.Body.Close()

-	//TODO pubK to string
-	m := []byte("pubK") //convert pubK to array of bytes
 	//blind the hashed message
 	// We do a SHA256 full-domain-hash expanded to 1536 bits (3/4 the key size)
-	hashed := fdh.Sum(crypto.SHA256, hashize, m)
-	blinded, unblinder, err := rsablind.Blind(&pubK, hashed)
+	hashed := fdh.Sum(crypto.SHA256, hashize, mB)
+	blinded, unblinder, err := rsablind.Blind(serverPubK, hashed)
 	if err != nil {
 		panic(err)
 	}
@@ -71,10 +87,10 @@ func BlindAndSendToSign(keyID string) []byte {
 	//send blinded to serverIDsigner
 	body := new(bytes.Buffer)
 	json.NewEncoder(body).Encode(askBlindSign)
-	res, err := http.Post(config.Server+"blindsign", "application/json", body)
+	res, err = http.Post(config.Server+"blindsign", "application/json", body)
 	check(err)
 	var signResponse SignResponse
-	decoder := json.NewDecoder(res.Body)
+	decoder = json.NewDecoder(res.Body)
 	err = decoder.Decode(&signResponse)
 	if err != nil {
 		panic(err)
@@ -82,13 +98,26 @@ func BlindAndSendToSign(keyID string) []byte {
 	defer res.Body.Close()

 	sig := signResponse.Sig
-	serverPubK := signResponse.PubK
+	//serverPubK := signResponse.PubK

 	//unblind the signedblind
-	unblindedSig := rsablind.Unblind(&serverPubK, sig, unblinder)
+	unblindedSig := rsablind.Unblind(serverPubK, sig, unblinder)
+	color.Green("unblindedSig")
 	fmt.Println(unblindedSig)

-	return unblindedSig
+	// Verify the original hashed message against the unblinded signature
+	if err := rsablind.VerifyBlindSignature(serverPubK, hashed, unblindedSig); err != nil {
+		fmt.Println(err)
+	} else {
+		color.Green("blind signature verified")
+		key.Verified = true
+	}
+	key.UnblindedSig = unblindedSig
+	key.Hashed = hashed
+	key.ServerVerifier = serverPubK
+	saveKey(key)
+	keys := readKeys()
+	return keys
 }

 func Verify(packPubK string) {
--- a/clientApp/clientAppRESTFunctions.go
+++ b/clientApp/clientAppRESTFunctions.go
@@ -40,9 +40,9 @@ func GetBlindAndSendToSign(w http.ResponseWriter, r *http.Request) {
 	idKey := vars["idKey"]
 	color.Green(idKey)

-	unblindedSig := BlindAndSendToSign(idKey)
+	keys := BlindAndSendToSign(idKey)

-	jResp, err := json.Marshal(unblindedSig)
+	jResp, err := json.Marshal(keys)
 	check(err)
 	fmt.Fprintln(w, string(jResp))
 }
--- a/clientApp/keys.go
+++ b/clientApp/keys.go
@@ -6,18 +6,67 @@ import (
 	"encoding/asn1"
 	"encoding/json"
 	"encoding/pem"
+	"errors"
+	"fmt"
 	"io/ioutil"
 	"os"
 	"time"
+
+	"github.com/fatih/color"
 )

 type Key struct {
-	ID       string    `json:"id"`
-	PrivK    string    `json:"privK"` //path of the PrivK file
-	PubK     string    `json:"pubK"`  //path of the PubK file
-	Date     time.Time `json:"date"`
-	Verified bool      `json:"verified"`
-	Signed   string    `json:"signed"`
+	ID             string         `json:"id"`
+	PrivK          string         `json:"privK"` //path of the PrivK file
+	PubK           string         `json:"pubK"`  //path of the PubK file
+	Date           time.Time      `json:"date"`
+	Hashed         []byte         `json:"hashed"`
+	UnblindedSig   []byte         `json:"unblindedsig"`
+	Verified       bool           `json:"verified"`
+	ServerVerifier *rsa.PublicKey `json:"serververifier"`
+}
+
+func ExportRsaPrivateKeyAsPemStr(privkey *rsa.PrivateKey) string {
+	privkey_bytes := x509.MarshalPKCS1PrivateKey(privkey)
+	privkey_pem := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "RSA PRIVATE KEY",
+			Bytes: privkey_bytes,
+		},
+	)
+	return string(privkey_pem)
+}
+
+func ParseRsaPrivateKeyFromPemStr(privPEM string) (*rsa.PrivateKey, error) {
+	block, _ := pem.Decode([]byte(privPEM))
+	if block == nil {
+		return nil, errors.New("failed to parse PEM block containing the key")
+	}
+	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+	return priv, nil
+}
+
+func ExportRsaPublicKeyAsPemStr(pubkey rsa.PublicKey) (string, error) {
+	asn1Bytes, err := asn1.Marshal(pubkey)
+	check(err)
+	pubkey_pem := pem.EncodeToMemory(
+		&pem.Block{
+			Type:  "PUBLIC KEY",
+			Bytes: asn1Bytes,
+		},
+	)
+	color.Red("pubkey_pem")
+	fmt.Println(pubkey_pem)
+	return string(pubkey_pem), nil
+}
+
+func ParseRsaPublicKeyFromPemStr(pubPEM string) (pub rsa.PublicKey, err error) {
+	pemBlock, _ := pem.Decode([]byte(pubPEM))
+	_, err = asn1.Unmarshal(pemBlock.Bytes, &pub)
+	return
 }

 func savePEMKey(fileName string, key *rsa.PrivateKey) {
@@ -49,10 +98,20 @@ func savePublicPEMKey(fileName string, pubkey rsa.PublicKey) {
 	err = pem.Encode(pemfile, pemkey)
 	check(err)
 }
-func openPEMKey(path string) (key rsa.PrivateKey) {
+func openPEMKey(path string) (key *rsa.PrivateKey, err error) {
+	b, err := ioutil.ReadFile(path)
+	if err != nil {
+		fmt.Print(err)
+	}
+	key, err = ParseRsaPrivateKeyFromPemStr(string(b))
 	return
 }
-func openPublicPEMKey(path string) (key rsa.PublicKey) {
+func openPublicPEMKey(path string) (key rsa.PublicKey, err error) {
+	b, err := ioutil.ReadFile(path)
+	if err != nil {
+		fmt.Print(err)
+	}
+	key, err = ParseRsaPublicKeyFromPemStr(string(b))
 	return
 }
 func readKeys() []Key {
@@ -73,6 +132,16 @@ func saveKeys(keys []Key) {
 	err = ioutil.WriteFile(keysDir+"/keys.json", jsonKeys, 0644)
 	check(err)
 }
+func saveKey(k Key) {
+	fmt.Println(k)
+	keys := readKeys()
+	for i, key := range keys {
+		if key.ID == k.ID {
+			keys[i] = k
+		}
+	}
+	saveKeys(keys)
+}
 func getKeyByKeyID(keyID string) (k Key) {
 	keys := readKeys()
 	for _, key := range keys {