implementing with rsa library

7 years ago · 845746f000
18 changed files with 396 additions and 473 deletions
--- a/clientApp/.gitignore
+++ b/clientApp/.gitignore
@ -1 +1,2 @@
 keys.json
 keys
--- a/clientApp/GUI/views/main/main.html
+++ b/clientApp/GUI/views/main/main.html
@ -14,6 +14,11 @@
                            <div ng-click="newID()" class="btn btn-raised btn-block c_o_pink300">Create new ID</div>
                        </div>
                    </div>
                    <div class="row">
                        <div class="progress progress-striped" ng-show="generatingID">
                          <div class="progress-bar progress-bar-success active" style="width: 100%"></div>
                        </div>
                    </div>
                </div>
                <hr>
                <div class="card-body">
--- a/clientApp/GUI/views/main/main.js
+++ b/clientApp/GUI/views/main/main.js
@ -13,6 +13,7 @@ angular.module('app.main', ['ngRoute'])

        $rootScope.server = JSON.parse(localStorage.getItem("darkID_server"));

        $scope.generatingID = false;
        $scope.ids = [];
        $http.get(clientapi + 'ids')
            .then(function(data) {
@ -25,11 +26,13 @@ angular.module('app.main', ['ngRoute'])
            });

        $scope.newID = function() {
            $scope.generatingID = true;
            $http.get(clientapi + 'newid')
                .then(function(data) {
                    console.log('data success');
                    console.log(data);
                    $scope.ids = data.data;
                    $scope.generatingID = false;

                }, function(data) {
                    console.log('data error');
--- a/clientApp/clientApp.go
+++ b/clientApp/clientApp.go
@ -0,0 +1,97 @@
 package main

 import (
 	"bytes"
 	"crypto"
 	"crypto/rand"
 	"crypto/rsa"
 	"encoding/json"
 	"fmt"
 	"net/http"
 	"time"

 	"github.com/cryptoballot/fdh"
 	"github.com/cryptoballot/rsablind"
 )

 func IDs() []Key {
 	//read the keys stored in /keys directory
 	keys := readKeys()
 	return keys
 }
 func NewID() []Key {
 	//generate RSA keys pair
 	reader := rand.Reader
 	k, err := rsa.GenerateKey(reader, keysize)
 	check(err)

 	id := hash(time.Now().String())
 	savePEMKey(keysDir+"/"+id+"private.pem", k)
 	savePublicPEMKey(keysDir+"/"+id+"public.pem", k.PublicKey)

 	var key Key
 	key.ID = id
 	key.PrivK = id + "private.pem"
 	key.PubK = id + "public.pem"

 	key.Date = time.Now()
 	fmt.Println(key)

 	keys := readKeys()
 	keys = append(keys, key)
 	saveKeys(keys)
 	return keys
 }

 type AskBlindSign struct {
 	M []byte `json:"m"`
 }
 type SignResponse struct {
 	Sig  []byte        `json:"sig"`
 	PubK rsa.PublicKey `json:"pubK"`
 }

 func BlindAndSendToSign(keyID string) []byte {
 	//get the key
 	key := getKeyByKeyID(keyID)
 	//privK := openPEMKey(key.PrivK)
 	pubK := openPublicPEMKey(key.PubK)

 	//TODO pubK to string
 	m := []byte("pubK") //convert pubK to array of bytes
 	//blind the hashed message
 	// We do a SHA256 full-domain-hash expanded to 1536 bits (3/4 the key size)
 	hashed := fdh.Sum(crypto.SHA256, hashize, m)
 	blinded, unblinder, err := rsablind.Blind(&pubK, hashed)
 	if err != nil {
 		panic(err)
 	}
 	var askBlindSign AskBlindSign
 	askBlindSign.M = blinded
 	//send blinded to serverIDsigner
 	body := new(bytes.Buffer)
 	json.NewEncoder(body).Encode(askBlindSign)
 	res, err := http.Post(config.Server+"blindsign", "application/json", body)
 	check(err)
 	var signResponse SignResponse
 	decoder := json.NewDecoder(res.Body)
 	err = decoder.Decode(&signResponse)
 	if err != nil {
 		panic(err)
 	}
 	defer res.Body.Close()

 	sig := signResponse.Sig
 	serverPubK := signResponse.PubK

 	//unblind the signedblind
 	unblindedSig := rsablind.Unblind(&serverPubK, sig, unblinder)
 	fmt.Println(unblindedSig)

 	return unblindedSig
 }

 func Verify(packPubK string) {

 	return
 }
--- a/clientApp/clientAppRESTFunctions.go
+++ b/clientApp/clientAppRESTFunctions.go
@ -1,13 +1,10 @@
 package main

 import (
 	"bytes"
 	"encoding/json"
 	"fmt"
 	"net/http"
 	"time"

 	ownrsa "./ownrsa"
 	"github.com/fatih/color"
 	"github.com/gorilla/mux"
 )
@ -15,157 +12,48 @@ import (
 //TODO use rsa library instead own rsa functions

 func Index(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintln(w, "serverIDsigner")
 	fmt.Fprintln(w, "clientApp")
 }

 func GetServer(w http.ResponseWriter, r *http.Request) {
 	color.Green(config.Server)
 	fmt.Fprintln(w, config.Server)
 }
 func IDs(w http.ResponseWriter, r *http.Request) {
 	//read the keys stored in /keys directory
 	keys := readKeys("keys.json")
 	saveKeys(keys, "keys.json")
 func GetIDs(w http.ResponseWriter, r *http.Request) {
 	keys := IDs()

 	jResp, err := json.Marshal(keys)
 	check(err)
 	fmt.Fprintln(w, string(jResp))
 }
 func NewID(w http.ResponseWriter, r *http.Request) {
 	//generate RSA keys pair
 	newKey := ownrsa.GenerateKeyPair()
 func GetNewID(w http.ResponseWriter, r *http.Request) {
 	key := NewID()

 	key := ownrsa.PackKey(newKey)
 	key.Date = time.Now()
 	fmt.Println(key)

 	keys := readKeys("keys.json")
 	keys = append(keys, key)
 	saveKeys(keys, "keys.json")

 	jResp, err := json.Marshal(keys)
 	jResp, err := json.Marshal(key)
 	check(err)
 	fmt.Fprintln(w, string(jResp))
 }

 type AskBlindSign struct {
 	M string `json:"m"`
 }

 func BlindAndSendToSign(w http.ResponseWriter, r *http.Request) {
 func GetBlindAndSendToSign(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	packPubK := vars["pubK"]
 	color.Green(packPubK)

 	//read the keys stored in /keys directory
 	keys := readKeys("keys.json")

 	var key ownrsa.RSA
 	//search for complete key
 	for _, k := range keys {
 		if k.PubK == packPubK {
 			key = ownrsa.UnpackKey(k)
 		}
 	}
 	//blind the key.PubK
 	var m []int
 	//convert packPubK to []bytes
 	mBytes := []byte(packPubK)
 	for _, byte := range mBytes {
 		m = append(m, int(byte))
 	}
 	rVal := 101
 	blinded := ownrsa.Blind(m, rVal, key.PubK, key.PrivK)
 	fmt.Println(blinded)

 	//convert blinded to string
 	var askBlindSign AskBlindSign
 	askBlindSign.M = ownrsa.ArrayIntToString(blinded, "_")

 	//send to the serverIDsigner the key.PubK blinded
 	color.Green(askBlindSign.M)
 	body := new(bytes.Buffer)
 	json.NewEncoder(body).Encode(askBlindSign)
 	res, err := http.Post(config.Server+"blindsign", "application/json", body)
 	check(err)
 	fmt.Println(res)

 	decoder := json.NewDecoder(res.Body)
 	//var sigmaString string
 	err = decoder.Decode(&askBlindSign)
 	if err != nil {
 		panic(err)
 	}
 	defer r.Body.Close()

 	fmt.Println("sigmaString")
 	fmt.Println(askBlindSign)
 	sigma := ownrsa.StringToArrayInt(askBlindSign.M, "_")
 	fmt.Println(sigma)

 	//get the serverIDsigner pubK
 	serverPubK := getServerPubK(config.Server)

 	//unblind the response
 	mSigned := ownrsa.Unblind(sigma, rVal, serverPubK)
 	fmt.Print("mSigned: ")
 	fmt.Println(mSigned)

 	verified := ownrsa.Verify(m, mSigned, serverPubK)
 	fmt.Println(verified)
 	idKey := vars["idKey"]
 	color.Green(idKey)

 	var iKey int
 	for i, k := range keys {
 		if k.PubK == packPubK {
 			iKey = i
 			//save to k the key updated
 			k.PubKSigned = ownrsa.ArrayIntToString(mSigned, "_")
 			k.Verified = verified
 		}
 		fmt.Println(k)
 	}
 	keys[iKey].PubKSigned = ownrsa.ArrayIntToString(mSigned, "_")
 	keys[iKey].Verified = verified
 	fmt.Println(keys)
 	saveKeys(keys, "keys.json")
 	unblindedSig := BlindAndSendToSign(idKey)

 	jResp, err := json.Marshal(keys)
 	jResp, err := json.Marshal(unblindedSig)
 	check(err)
 	fmt.Fprintln(w, string(jResp))
 }

 func Verify(w http.ResponseWriter, r *http.Request) {
 func GetVerify(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	packPubK := vars["pubK"]
 	color.Green(packPubK)

 	//read the keys stored in /keys directory
 	keys := readKeys("keys.json")

 	var key ownrsa.PackRSA
 	//search for complete key
 	for _, k := range keys {
 		if k.PubK == packPubK {
 			key = k
 		}
 	}

 	//get the serverIDsigner pubK
 	serverPubK := getServerPubK(config.Server)
 	m := ownrsa.StringToArrayInt(key.PubK, "_")
 	mSigned := ownrsa.StringToArrayInt(key.PubKSigned, "_")

 	verified := ownrsa.Verify(m, mSigned, serverPubK)
 	fmt.Println(verified)

 	for _, k := range keys {
 		if k.PubK == packPubK {
 			//save to k the key updated
 			k.PubKSigned = ownrsa.ArrayIntToString(mSigned, "_")
 			k.Verified = verified
 		}
 	}
 	saveKeys(keys, "keys.json")
 	//keys := Verify(packPubK)
 	keys := "a"

 	jResp, err := json.Marshal(keys)
 	check(err)
--- a/clientApp/config.json
+++ b/clientApp/config.json
@ -1,5 +1,4 @@
 {
    "port": "4100",
    "keysDirectory": "keys",
    "server": "http://127.0.0.1:3130/"
 }
--- a/clientApp/hash.go
+++ b/clientApp/hash.go
@ -0,0 +1,12 @@
 package main

 import (
 	"crypto/sha256"
 	"encoding/base64"
 )

 func hash(s string) string {
 	h := sha256.New()
 	h.Write([]byte(s))
 	return base64.URLEncoding.EncodeToString(h.Sum(nil))
 }
--- a/clientApp/keys.go
+++ b/clientApp/keys.go
@ -1,17 +1,63 @@
 package main

 import (
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/asn1"
 	"encoding/json"
 	"fmt"
 	"encoding/pem"
 	"io/ioutil"
 	"net/http"

 	ownrsa "./ownrsa"
 	"github.com/fatih/color"
 	"os"
 	"time"
 )

 func readKeys(path string) []ownrsa.PackRSA {
 	var keys []ownrsa.PackRSA
 type Key struct {
 	ID       string    `json:"id"`
 	PrivK    string    `json:"privK"` //path of the PrivK file
 	PubK     string    `json:"pubK"`  //path of the PubK file
 	Date     time.Time `json:"date"`
 	Verified bool      `json:"verified"`
 	Signed   string    `json:"signed"`
 }

 func savePEMKey(fileName string, key *rsa.PrivateKey) {
 	outFile, err := os.Create(fileName)
 	check(err)
 	defer outFile.Close()

 	var privateKey = &pem.Block{
 		Type:  "PRIVATE KEY",
 		Bytes: x509.MarshalPKCS1PrivateKey(key),
 	}

 	err = pem.Encode(outFile, privateKey)
 	check(err)
 }
 func savePublicPEMKey(fileName string, pubkey rsa.PublicKey) {
 	asn1Bytes, err := asn1.Marshal(pubkey)
 	check(err)

 	var pemkey = &pem.Block{
 		Type:  "PUBLIC KEY",
 		Bytes: asn1Bytes,
 	}

 	pemfile, err := os.Create(fileName)
 	check(err)
 	defer pemfile.Close()

 	err = pem.Encode(pemfile, pemkey)
 	check(err)
 }
 func openPEMKey(path string) (key rsa.PrivateKey) {
 	return
 }
 func openPublicPEMKey(path string) (key rsa.PublicKey) {
 	return
 }
 func readKeys() []Key {
 	path := keysDir + "/keys.json"
 	var keys []Key

 	file, err := ioutil.ReadFile(path)
 	check(err)
@ -21,13 +67,23 @@ func readKeys(path string) []ownrsa.PackRSA {
 	return keys
 }

 func saveKeys(keys []ownrsa.PackRSA, path string) {
 func saveKeys(keys []Key) {
 	jsonKeys, err := json.Marshal(keys)
 	check(err)
 	err = ioutil.WriteFile(path, jsonKeys, 0644)
 	err = ioutil.WriteFile(keysDir+"/keys.json", jsonKeys, 0644)
 	check(err)
 }
 func getKeyByKeyID(keyID string) (k Key) {
 	keys := readKeys()
 	for _, key := range keys {
 		if key.ID == keyID {
 			k = key
 		}
 	}
 	return k
 }

 /*
 func getServerPubK(url string) ownrsa.RSAPublicKey {
 	r, err := http.Get(url + "/")
 	check(err)
@ -45,3 +101,4 @@ func getServerPubK(url string) ownrsa.RSAPublicKey {
 	fmt.Println(pubK)
 	return pubK
 }
 */
--- a/clientApp/main.go
+++ b/clientApp/main.go
@ -4,17 +4,25 @@ import (
 	"fmt"
 	"log"
 	"net/http"
 	"os"

 	"github.com/fatih/color"
 	"github.com/gorilla/handlers"
 )

 const keysDir = "keys"
 const keysize = 2048
 const hashize = 1536

 func main() {
 	color.Blue("Starting darkID clientApp")

 	readConfig("config.json")
 	fmt.Println(config)

 	//create models directory
 	_ = os.Mkdir(keysDir, os.ModePerm)

 	//run thw webserver
 	go GUI()

--- a/clientApp/ownrsa/prime.go
+++ b/clientApp/ownrsa/prime.go
@ -1,54 +0,0 @@
 package ownrsa

 import "math/rand"

 func randInt(min int, max int) int {
 	r := rand.Intn(max-min) + min
 	return r
 }
 func randPrime(min int, max int) int {
 	primes := sieveOfEratosthenes(max)

 	randN := rand.Intn(len(primes)-0) + 0

 	return primes[randN]

 }

 // return list of primes less than N
 func sieveOfEratosthenes(N int) (primes []int) {
 	b := make([]bool, N)
 	for i := 2; i < N; i++ {
 		if b[i] == true {
 			continue
 		}
 		primes = append(primes, i)
 		for k := i * i; k < N; k += i {
 			b[k] = true
 		}
 	}
 	return
 }

 func gcd(a, b int) int {
 	var bgcd func(a, b, res int) int

 	bgcd = func(a, b, res int) int {
 		switch {
 		case a == b:
 			return res * a
 		case a%2 == 0 && b%2 == 0:
 			return bgcd(a/2, b/2, 2*res)
 		case a%2 == 0:
 			return bgcd(a/2, b, res)
 		case b%2 == 0:
 			return bgcd(a, b/2, res)
 		case a > b:
 			return bgcd(a-b, b, res)
 		default:
 			return bgcd(a, b-a, res)
 		}
 	}

 	return bgcd(a, b, 1)
 }
--- a/clientApp/ownrsa/rsa.go
+++ b/clientApp/ownrsa/rsa.go
@ -1,229 +0,0 @@
 package ownrsa

 import (
 	"errors"
 	"fmt"
 	"math/big"
 	"math/rand"
 	"strconv"
 	"strings"
 	"time"
 )

 type RSAPublicKey struct {
 	E *big.Int `json:"e"`
 	N *big.Int `json:"n"`
 }
 type RSAPublicKeyString struct {
 	E string `json:"e"`
 	N string `json:"n"`
 }
 type RSAPrivateKey struct {
 	D *big.Int `json:"d"`
 	N *big.Int `json:"n"`
 }

 type RSA struct {
 	PubK  RSAPublicKey
 	PrivK RSAPrivateKey
 }

 type PackRSA struct {
 	PubK       string    `json:"pubK"`
 	PrivK      string    `json:"privK"`
 	Date       time.Time `json:"date"`
 	PubKSigned string    `json:"pubKSigned"`
 	Verified   bool      `json:"verified"`
 }

 const maxPrime = 500
 const minPrime = 100

 func GenerateKeyPair() RSA {

 	rand.Seed(time.Now().Unix())
 	p := randPrime(minPrime, maxPrime)
 	q := randPrime(minPrime, maxPrime)
 	fmt.Print("p:")
 	fmt.Println(p)
 	fmt.Print("q:")
 	fmt.Println(q)

 	n := p * q
 	phi := (p - 1) * (q - 1)
 	e := 65537
 	var pubK RSAPublicKey
 	pubK.E = big.NewInt(int64(e))
 	pubK.N = big.NewInt(int64(n))

 	d := new(big.Int).ModInverse(big.NewInt(int64(e)), big.NewInt(int64(phi)))

 	var privK RSAPrivateKey
 	privK.D = d
 	privK.N = big.NewInt(int64(n))

 	var rsa RSA
 	rsa.PubK = pubK
 	rsa.PrivK = privK
 	return rsa
 }
 func Encrypt(m string, pubK RSAPublicKey) []int {
 	var c []int
 	mBytes := []byte(m)
 	for _, byte := range mBytes {
 		c = append(c, EncryptInt(int(byte), pubK))
 	}
 	return c
 }
 func Decrypt(c []int, privK RSAPrivateKey) string {
 	var m string
 	var mBytes []byte
 	for _, indC := range c {
 		mBytes = append(mBytes, byte(DecryptInt(indC, privK)))
 	}
 	m = string(mBytes)
 	return m
 }

 func EncryptBigInt(bigint *big.Int, pubK RSAPublicKey) *big.Int {
 	Me := new(big.Int).Exp(bigint, pubK.E, nil)
 	c := new(big.Int).Mod(Me, pubK.N)
 	return c
 }
 func DecryptBigInt(bigint *big.Int, privK RSAPrivateKey) *big.Int {
 	Cd := new(big.Int).Exp(bigint, privK.D, nil)
 	m := new(big.Int).Mod(Cd, privK.N)
 	return m
 }

 func EncryptInt(char int, pubK RSAPublicKey) int {
 	charBig := big.NewInt(int64(char))
 	Me := charBig.Exp(charBig, pubK.E, nil)
 	c := Me.Mod(Me, pubK.N)
 	return int(c.Int64())
 }
 func DecryptInt(val int, privK RSAPrivateKey) int {
 	valBig := big.NewInt(int64(val))
 	Cd := valBig.Exp(valBig, privK.D, nil)
 	m := Cd.Mod(Cd, privK.N)
 	return int(m.Int64())
 }

 func Blind(m []int, r int, pubK RSAPublicKey, privK RSAPrivateKey) []int {
 	var mBlinded []int
 	rBigInt := big.NewInt(int64(r))
 	for i := 0; i < len(m); i++ {
 		mBigInt := big.NewInt(int64(m[i]))
 		rE := new(big.Int).Exp(rBigInt, pubK.E, nil)
 		mrE := new(big.Int).Mul(mBigInt, rE)
 		mrEmodN := new(big.Int).Mod(mrE, privK.N)
 		mBlinded = append(mBlinded, int(mrEmodN.Int64()))
 	}
 	return mBlinded
 }

 func BlindSign(m []int, privK RSAPrivateKey) []int {
 	var r []int
 	for i := 0; i < len(m); i++ {
 		mBigInt := big.NewInt(int64(m[i]))
 		sigma := new(big.Int).Exp(mBigInt, privK.D, privK.N)
 		r = append(r, int(sigma.Int64()))
 	}
 	return r
 }
 func Unblind(blindsigned []int, r int, pubK RSAPublicKey) []int {
 	var mSigned []int
 	rBigInt := big.NewInt(int64(r))
 	for i := 0; i < len(blindsigned); i++ {
 		bsBigInt := big.NewInt(int64(blindsigned[i]))
 		//r1 := new(big.Int).Exp(rBigInt, big.NewInt(int64(-1)), nil)
 		r1 := new(big.Int).ModInverse(rBigInt, pubK.N)
 		bsr := new(big.Int).Mul(bsBigInt, r1)
 		sig := new(big.Int).Mod(bsr, pubK.N)
 		mSigned = append(mSigned, int(sig.Int64()))
 	}
 	return mSigned
 }
 func Verify(msg []int, mSigned []int, pubK RSAPublicKey) bool {
 	if len(msg) != len(mSigned) {
 		return false
 	}
 	var mSignedDecrypted []int
 	for _, ms := range mSigned {
 		msBig := big.NewInt(int64(ms))
 		//decrypt the mSigned with pubK
 		Cd := new(big.Int).Exp(msBig, pubK.E, nil)
 		m := new(big.Int).Mod(Cd, pubK.N)
 		mSignedDecrypted = append(mSignedDecrypted, int(m.Int64()))
 	}
 	fmt.Print("msg signed decrypted: ")
 	fmt.Println(mSignedDecrypted)
 	r := true
 	//check if the mSignedDecrypted == msg
 	for i := 0; i < len(msg); i++ {
 		if msg[i] != mSignedDecrypted[i] {
 			r = false
 		}
 	}
 	return r
 }

 func HomomorphicMultiplication(c1 int, c2 int, pubK RSAPublicKey) int {
 	c1BigInt := big.NewInt(int64(c1))
 	c2BigInt := big.NewInt(int64(c2))
 	c1c2 := new(big.Int).Mul(c1BigInt, c2BigInt)
 	n2 := new(big.Int).Mul(pubK.N, pubK.N)
 	d := new(big.Int).Mod(c1c2, n2)
 	r := int(d.Int64())
 	return r
 }

 func PubKStringToBigInt(kS RSAPublicKeyString) (RSAPublicKey, error) {
 	var k RSAPublicKey
 	var ok bool
 	k.E, ok = new(big.Int).SetString(kS.E, 10)
 	if !ok {
 		return k, errors.New("error parsing big int E")
 	}
 	k.N, ok = new(big.Int).SetString(kS.N, 10)
 	if !ok {
 		return k, errors.New("error parsing big int N")
 	}
 	return k, nil
 }

 func PackKey(k RSA) PackRSA {
 	var p PackRSA
 	p.PubK = k.PubK.E.String() + "," + k.PubK.N.String()
 	p.PrivK = k.PrivK.D.String() + "," + k.PrivK.N.String()
 	return p
 }

 func UnpackKey(p PackRSA) RSA {
 	var k RSA
 	var ok bool
 	k.PubK.E, ok = new(big.Int).SetString(strings.Split(p.PubK, ",")[0], 10)
 	k.PubK.N, ok = new(big.Int).SetString(strings.Split(p.PubK, ",")[1], 10)
 	k.PrivK.D, ok = new(big.Int).SetString(strings.Split(p.PrivK, ",")[0], 10)
 	k.PrivK.N, ok = new(big.Int).SetString(strings.Split(p.PrivK, ",")[1], 10)
 	if !ok {
 		fmt.Println("error on Unpacking Keys")
 	}
 	return k
 }

 func ArrayIntToString(a []int, delim string) string {
 	return strings.Trim(strings.Replace(fmt.Sprint(a), " ", delim, -1), "[]")
 }
 func StringToArrayInt(s string, delim string) []int {
 	var a []int
 	arrayString := strings.Split(s, delim)
 	for _, s := range arrayString {
 		i, err := strconv.Atoi(s)
 		if err != nil {
 			fmt.Println(err)
 		}
 		a = append(a, i)
 	}
 	return a
 }
--- a/clientApp/readConfig.go
+++ b/clientApp/readConfig.go
@ -7,9 +7,8 @@ import (

 //Config reads the config
 type Config struct {
 	Port          string `json:"port"`
 	KeysDirectory string `json:"keysDirectory"`
 	Server        string `json:"server"`
 	Port   string `json:"port"`
 	Server string `json:"server"`
 }

 var config Config
--- a/clientApp/restRoutes.go
+++ b/clientApp/restRoutes.go
@ -16,27 +16,27 @@ var routes = Routes{
 		GetServer,
 	},
 	Route{
 		"IDs",
 		"GetIDs",
 		"GET",
 		"/ids",
 		IDs,
 		GetIDs,
 	},
 	Route{
 		"NewID",
 		"GetNewID",
 		"GET",
 		"/newid",
 		NewID,
 		GetNewID,
 	},
 	Route{
 		"BlindAndSendToSign",
 		"GetBlindAndSendToSign",
 		"GET",
 		"/blindandsendtosign/{pubK}",
 		BlindAndSendToSign,
 		"/blindandsendtosign/{idKey}",
 		GetBlindAndSendToSign,
 	},
 	Route{
 		"Verify",
 		"GetVerify",
 		"GET",
 		"/verify/{pubK}",
 		Verify,
 		"/verify/{idKey}",
 		GetVerify,
 	},
 }
--- a/serverIDsigner/keys.go
+++ b/serverIDsigner/keys.go
@ -0,0 +1,104 @@
 package main

 import (
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/asn1"
 	"encoding/json"
 	"encoding/pem"
 	"io/ioutil"
 	"os"
 	"time"
 )

 type Key struct {
 	ID       string    `json:"id"`
 	PrivK    string    `json:"privK"` //path of the PrivK file
 	PubK     string    `json:"pubK"`  //path of the PubK file
 	Date     time.Time `json:"date"`
 	Verified bool      `json:"verified"`
 	Signed   string    `json:"signed"`
 }

 func savePEMKey(fileName string, key *rsa.PrivateKey) {
 	outFile, err := os.Create(fileName)
 	check(err)
 	defer outFile.Close()

 	var privateKey = &pem.Block{
 		Type:  "PRIVATE KEY",
 		Bytes: x509.MarshalPKCS1PrivateKey(key),
 	}

 	err = pem.Encode(outFile, privateKey)
 	check(err)
 }
 func savePublicPEMKey(fileName string, pubkey rsa.PublicKey) {
 	asn1Bytes, err := asn1.Marshal(pubkey)
 	check(err)

 	var pemkey = &pem.Block{
 		Type:  "PUBLIC KEY",
 		Bytes: asn1Bytes,
 	}

 	pemfile, err := os.Create(fileName)
 	check(err)
 	defer pemfile.Close()

 	err = pem.Encode(pemfile, pemkey)
 	check(err)
 }
 func openPEMKey(path string) (key rsa.PrivateKey) {
 	return
 }
 func openPublicPEMKey(path string) (key rsa.PublicKey) {
 	return
 }
 func readKeys() []Key {
 	path := keysDir + "/keys.json"
 	var keys []Key

 	file, err := ioutil.ReadFile(path)
 	check(err)
 	content := string(file)
 	json.Unmarshal([]byte(content), &keys)

 	return keys
 }

 func saveKeys(keys []Key) {
 	jsonKeys, err := json.Marshal(keys)
 	check(err)
 	err = ioutil.WriteFile(keysDir+"/keys.json", jsonKeys, 0644)
 	check(err)
 }
 func getKeyByKeyID(keyID string) (k Key) {
 	keys := readKeys()
 	for _, key := range keys {
 		if key.ID == keyID {
 			k = key
 		}
 	}
 	return k
 }

 /*
 func getServerPubK(url string) ownrsa.RSAPublicKey {
 	r, err := http.Get(url + "/")
 	check(err)
 	fmt.Println(r)

 	decoder := json.NewDecoder(r.Body)
 	//var sigmaString string
 	var pubK ownrsa.RSAPublicKey
 	err = decoder.Decode(&pubK)
 	if err != nil {
 		panic(err)
 	}
 	defer r.Body.Close()
 	color.Blue("received server pubK:")
 	fmt.Println(pubK)
 	return pubK
 }
 */
--- a/serverIDsigner/keys/server_private.pem
+++ b/serverIDsigner/keys/server_private.pem
@ -0,0 +1,27 @@
 -----BEGIN PRIVATE KEY-----
 MIIEpQIBAAKCAQEA061q3ahXEG9rHf/uekmIk4fSvtG8p7OwkjP3PlafFjxeA4BS
 8dkjPUEboXMftQCFrzWc5nLyQR4Ig5xMzjaEbQv/JBdpP/E1nl+fC6ca45Rov0OE
 7OQrDyEPb1qNJ3uQmh+N9ZvTLNndT3bBxtBfmIRyMq+78mMumzNvFbx6zfNpwv9T
 HDgBnfZoAZ7gpIZeKn/yFasQmzFwpy9hfqZ21SCL7GmiU+nAz2TxtyFkUttMeIxD
 gSSKLYxzt6mKdElNv0K97tBU1eRaXz4hpq/I0dtmcidrS/45MtXij6wO1agIvnH+
 pygSI5QF3rE+lVYaDuKJZ6QBvnNEF9/cu7j/ZQIDAQABAoIBAQDAP+apPnUkpi0B
 aCqtwg9a/qb3TAItxdN+VdgeNAn05gr03x12LiIFRhbUQXzwpXLFOMoxuwAvCBnv
 fot7VqRbbePiYajjvC1Yk7wdlz2iqG2iGK6ngGtjKEGefv1oeJ9Se4oxIb9gItcP
 jupbqXDJUrFtO5JViKMRrlsbwL1AQkWafiBJyfaeO9f6fikrv9dWJCE/wDN6F4XB
 cVZj30GzBVpLfq6cuP1I7o1txNdRivPza4S6zufy53CfkFqsyjehFfvmlMCK+6/p
 6EDd1pag3tfr/+1k1BGKwSgQyOBUYWS3FwW9J6wMm6bkUFmhAgJhl/cQmOPTas1/
 5OQxmaqZAoGBANthrMTPuMefYypKxbb+AxURpe09W+AVxm3PjtaOWkGKYIKFZD/+
 q4t9Jgc6H8vj92XMC7fsE8W9hJa5btTvvHzhLp+5lxxpO9idh2E7whFf7JpVs4aZ
 8WhITZKiOja5sMXe0u8/L2zLN8ANmHo4Yh87pKd+DvNYaANYTQxtxvLfAoGBAPcC
 iiwQ4FtlBXba305NqOwwPg126+Jl1hZ1gECHAPpnB05cIq584dDPEW2Crqs3zYEG
 JyvXmAdB+GqVgY2OpRJDCB05kIzevDFSiu4wE7WA2/tMHcP4hNGtnG/iOUyiHPMq
 pdxWDCq7pyvZELl8CHsL1PZ1uVZKqVnn4VBbt7o7AoGBAMRZ4slwZaD9rkLvE5Ea
 PmYAGrOAxJeGxcgJCn5MgMnCcWjAvR5t8NnzFDNJuaXCju5kt2RRfszwOBizNViO
 jfRzk0hQUsiSA4d4TvAfDS6B3YGxDPJ/HEtK02tXmaTbhDVFnyOVOPw10tspD/zs
 NB5iQpfKwtTYnpfH04Y5RuSfAoGAMVzfkgjZXUpl+iepYrOgY3sMm5I9d6QUUa6v
 r7WLG3+FdUJyZ95rHliTSghIsczYE8XQBDH0ntavN1Wja0+ra2fb8kMzwQMuJskx
 HIKdHbOfwqumcyhyGpkQX0edXdQz5uCJ/utvSQbxVJDvh7Hi2/w0VgCWxkjraR0u
 6Ok7YUsCgYEAjiJng9gj3GGZ6noBZ+lcK2VU839yExkJzj68lBzviMeD0kuyVN7R
 fNpUOtjgR1a2paJLyXFq2a2AyhakA6r87GGGAGW3o6TCEw3jTXcc2L3CX113Ee5N
 DbXbE9rXB8OT0q/x1ugoel+nFQMW+wwAigMl50DcENczyStJNQoXP9I=
 -----END PRIVATE KEY-----
--- a/serverIDsigner/keys/server_public.pem
+++ b/serverIDsigner/keys/server_public.pem
@ -0,0 +1,8 @@
 -----BEGIN PUBLIC KEY-----
 MIIBCgKCAQEA061q3ahXEG9rHf/uekmIk4fSvtG8p7OwkjP3PlafFjxeA4BS8dkj
 PUEboXMftQCFrzWc5nLyQR4Ig5xMzjaEbQv/JBdpP/E1nl+fC6ca45Rov0OE7OQr
 DyEPb1qNJ3uQmh+N9ZvTLNndT3bBxtBfmIRyMq+78mMumzNvFbx6zfNpwv9THDgB
 nfZoAZ7gpIZeKn/yFasQmzFwpy9hfqZ21SCL7GmiU+nAz2TxtyFkUttMeIxDgSSK
 LYxzt6mKdElNv0K97tBU1eRaXz4hpq/I0dtmcidrS/45MtXij6wO1agIvnH+pygS
 I5QF3rE+lVYaDuKJZ6QBvnNEF9/cu7j/ZQIDAQAB
 -----END PUBLIC KEY-----
--- a/serverIDsigner/main.go
+++ b/serverIDsigner/main.go
@ -1,21 +1,25 @@
 package main

 import (
 	"fmt"
 	"crypto/rand"
 	"crypto/rsa"
 	"log"
 	"net/http"
 	"os"

 	mgo "gopkg.in/mgo.v2"

 	"github.com/fatih/color"
 	"github.com/gorilla/handlers"

 	ownrsa "./ownrsa"
 )

 const keysDir = "keys"
 const keysize = 2048
 const hashize = 1536

 var userCollection *mgo.Collection

 var serverRSA ownrsa.RSA
 var serverKey *rsa.PrivateKey

 func main() {
 	color.Blue("Starting serverIDsigner")
@ -23,14 +27,20 @@ func main() {
 	//read configuration file
 	readConfig("config.json")

 	//create models directory
 	_ = os.Mkdir(keysDir, os.ModePerm)

 	initializeToken()

 	//initialize RSA
 	serverRSA = ownrsa.GenerateKeyPair()
 	color.Blue("Public Key:")
 	fmt.Println(serverRSA.PubK)
 	color.Green("Private Key:")
 	fmt.Println(serverRSA.PrivK)
 	//generate RSA keys pair
 	reader := rand.Reader
 	k, err := rsa.GenerateKey(reader, keysize)
 	check(err)
 	serverKey = k

 	savePEMKey(keysDir+"/server_private.pem", k)
 	savePublicPEMKey(keysDir+"/server_public.pem", k.PublicKey)

 	//mongodb
 	session, err := getSession()
--- a/serverIDsigner/userRESTFunctions.go
+++ b/serverIDsigner/userRESTFunctions.go
@ -1,16 +1,15 @@
 package main

 import (
 	"crypto/rsa"
 	"encoding/json"
 	"fmt"
 	"net/http"
 	"strconv"
 	"strings"

 	"github.com/fatih/color"
 	"github.com/cryptoballot/rsablind"
 	"gopkg.in/mgo.v2/bson"

 	ownrsa "./ownrsa"
 )

 type User struct {
@ -23,7 +22,7 @@ type User struct {
 func Index(w http.ResponseWriter, r *http.Request) {
 	//TODO return the public key, to allow others verifign signed strings by this server

 	jResp, err := json.Marshal(serverRSA.PubK)
 	jResp, err := json.Marshal("a")
 	if err != nil {
 		panic(err)
 	}
@ -103,9 +102,11 @@ type Sign struct {
 }

 type AskBlindSign struct {
 	/*PubKString ownrsa.RSAPublicKeyString `json:"pubKstring"`
 	PubK       ownrsa.RSAPublicKey       `json:"pubK"`*/
 	M string `json:"m"`
 	M []byte `json:"m"`
 }
 type SignResponse struct {
 	Sig  []byte        `json:"sig"`
 	PubK rsa.PublicKey `json:"pubK"`
 }

 func BlindSign(w http.ResponseWriter, r *http.Request) {
@ -116,38 +117,25 @@ func BlindSign(w http.ResponseWriter, r *http.Request) {
 		panic(err)
 	}
 	defer r.Body.Close()
 	color.Red(askBlindSign.M)
 	fmt.Println(askBlindSign)
 	blinded := askBlindSign.M

 	/*fmt.Println(askBlindSign)
 	askBlindSign.PubK, err = ownrsa.PubKStringToBigInt(askBlindSign.PubKString)
 	if err != nil {
 		fmt.Fprintln(w, "error")
 		return
 	}*/

 	//convert msg to []int
 	/*var m []int
 	mBytes := []byte(askBlindSign.M)
 	for _, byte := range mBytes {
 		m = append(m, int(byte))
 	}*/

 	m := ownrsa.StringToArrayInt(askBlindSign.M, "_")

 	sigma := ownrsa.BlindSign(m, serverRSA.PrivK) //here the privK will be the CA privK, not the m emmiter's one. The pubK is the user's one
 	fmt.Print("Sigma': ")
 	fmt.Println(sigma)
 	sigmaString := ownrsa.ArrayIntToString(sigma, "_")
 	askBlindSign.M = sigmaString
 	/*privK := openPEMKey(keysDir + "/server_private.pem")
 	pubK := openPublicPEMKey(keysDir + "/server_public.pem")*/
 	sig, err := rsablind.BlindSign(serverKey, blinded)
 	check(err)
 	var signResponse SignResponse
 	signResponse.Sig = sig
 	signResponse.PubK = serverKey.PublicKey

 	jResp, err := json.Marshal(askBlindSign)
 	jResp, err := json.Marshal(signResponse)
 	if err != nil {
 		panic(err)
 	}
 	fmt.Fprintln(w, string(jResp))
 }

 //TODO verifysign will not be necessary in this server
 type PetitionVerifySign struct {
 	M       string `json:"m"`
 	MSigned string `json:"mSigned"`
@ -180,7 +168,7 @@ func VerifySign(w http.ResponseWriter, r *http.Request) {
 		mSignedInts = append(mSignedInts, i)
 	}

 	verified := ownrsa.Verify(mOriginal, mSignedInts, serverRSA.PubK)

 	//verified := ownrsa.Verify(mOriginal, mSignedInts, serverRSA.PubK)
 	verified := false
 	fmt.Fprintln(w, verified)
 }