darkID-prototype/clientApp/clientApp.go

package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"encoding/json"
	"fmt"
	"net/http"
	"os/exec"
	"time"

	"github.com/cryptoballot/fdh"
	"github.com/cryptoballot/rsablind"
	"github.com/fatih/color"
)

func IDs() []Key {
	//read the keys stored in /keys directory
	keys := readKeys()
	return keys
}
func NewID() []Key {
	//generate RSA keys pair
	reader := rand.Reader
	k, err := rsa.GenerateKey(reader, keysize)
	check(err)

	id := hash(time.Now().String())
	savePEMKey(keysDir+"/"+id+"private.pem", k)
	savePublicPEMKey(keysDir+"/"+id+"public.pem", k.PublicKey)

	var key Key
	key.ID = id
	key.PrivK = id + "private.pem"
	key.PubK = id + "public.pem"

	key.Date = time.Now()
	fmt.Println(key)

	keys := readKeys()
	keys = append(keys, key)
	saveKeys(keys)
	return keys
}

type AskBlindSign struct {
	M []byte `json:"m"`
}
type SignResponse struct {
	Sig  []byte        `json:"sig"`
	PubK rsa.PublicKey `json:"pubK"`
}

func BlindAndSendToSign(keyID string) []Key {
	//get the key
	key := getKeyByKeyID(keyID)
	//privK := openPEMKey(key.PrivK)
	pubK, err := openPublicPEMKey(keysDir + "/" + key.PubK)
	check(err)

	//pubK to string
	m, err := ExportRsaPublicKeyAsPemStr(pubK)
	check(err)
	mB := []byte(m)

	//get serverPubK
	var serverPubK *rsa.PublicKey
	res, err := http.Get(config.Server)
	check(err)
	decoder := json.NewDecoder(res.Body)
	err = decoder.Decode(&serverPubK)
	if err != nil {
		panic(err)
	}
	defer res.Body.Close()

	//blind the hashed message
	// We do a SHA256 full-domain-hash expanded to 1536 bits (3/4 the key size)
	hashed := fdh.Sum(crypto.SHA256, hashize, mB)
	blinded, unblinder, err := rsablind.Blind(serverPubK, hashed)
	if err != nil {
		panic(err)
	}
	var askBlindSign AskBlindSign
	askBlindSign.M = blinded
	//send blinded to serverIDsigner
	body := new(bytes.Buffer)
	json.NewEncoder(body).Encode(askBlindSign)
	res, err = http.Post(config.Server+"blindsign", "application/json", body)
	check(err)
	var signResponse SignResponse
	decoder = json.NewDecoder(res.Body)
	err = decoder.Decode(&signResponse)
	if err != nil {
		panic(err)
	}
	defer res.Body.Close()

	sig := signResponse.Sig
	//serverPubK := signResponse.PubK

	//unblind the signedblind
	unblindedSig := rsablind.Unblind(serverPubK, sig, unblinder)
	color.Green("unblindedSig")
	fmt.Println(unblindedSig)

	// Verify the original hashed message against the unblinded signature
	if err := rsablind.VerifyBlindSignature(serverPubK, hashed, unblindedSig); err != nil {
		fmt.Println(err)
	} else {
		color.Green("blind signature verified")
		key.Verified = true
	}
	key.UnblindedSig = unblindedSig
	key.Hashed = hashed
	key.ServerVerifier = serverPubK
	saveKey(key)
	keys := readKeys()
	return keys
}

func Verify(packPubK string) {

	return
}

func Delete(keyID string) []Key {
	originalKeys := readKeys()
	//remove key .pem files
	key := getKeyByKeyID(keyID)
	_, err := exec.Command("rm", keysDir+"/"+key.PrivK).CombinedOutput()
	check(err)
	_, err = exec.Command("rm", keysDir+"/"+key.PubK).CombinedOutput()
	check(err)

	//remove key from keys.json
	keys := removeKey(keyID, originalKeys)
	saveKeys(keys)
	return keys
}

func Encrypt(keyID string, encryptData EncryptData) EncryptData {
	key := getKeyByKeyID(keyID)
	pubK, err := openPublicPEMKey(keysDir + "/" + key.PubK)
	check(err)
	out, err := rsa.EncryptOAEP(sha1.New(), rand.Reader, &pubK, []byte(encryptData.M), []byte("orders"))
	check(err)
	fmt.Println(string(out))
	encryptData.C = out
	return encryptData
}

func Decrypt(keyID string, encryptData EncryptData) EncryptData {
	key := getKeyByKeyID(keyID)
	privK, err := openPEMKey(keysDir + "/" + key.PrivK)
	check(err)
	out, err := rsa.DecryptOAEP(sha1.New(), rand.Reader, privK, []byte(encryptData.C), []byte("orders"))
	check(err)
	fmt.Println(string(out))
	encryptData.M = string(out)
	return encryptData
}