diff --git a/trial4/KeyGen.c b/trial4/KeyGen.c
index 0958bd0..c287564 100644
--- a/trial4/KeyGen.c
+++ b/trial4/KeyGen.c
@@ -37,6 +37,8 @@ Every key derivation should start with a new KD contxt
 **/
 
 /*
+
+/////////////////////////////////////TODO////////////////////
 void cleanup()
 {
 	mbedtls_entropy_free(&entropyCtx);
@@ -133,19 +135,8 @@ DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx)
 if(DEBUG)
 	printf("PASS 1\n");
 
-	mbedtls_pk_context key_ctx;
-	mbedtls_pk_init(&key_ctx);
-/*
-	mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
-	mbedtls_mpi_init( &N ); 
-	mbedtls_mpi_init( &P ); 
-	mbedtls_mpi_init( &Q );
-	mbedtls_mpi_init( &D ); 
-	mbedtls_mpi_init( &E ); 
-	mbedtls_mpi_init( &DP );
-	mbedtls_mpi_init( &DQ ); 
-	mbedtls_mpi_init( &QP );
-*/
+	mbedtls_pk_context pkey_ctx;
+	mbedtls_pk_init(&pkey_ctx);
 
 	//assign entropy source and derive seed for key gen
 
@@ -207,7 +198,7 @@ if(DEBUG)
 
 	if(KD_ctx->PKC_MODE == isECC)
 	{
-		ret = mbedtls_pk_setup(&key_ctx,mbedtls_pk_info_from_type((mbedtls_pk_type_t)MBEDTLS_PK_ECKEY));
+		ret = mbedtls_pk_setup(&pkey_ctx,mbedtls_pk_info_from_type((mbedtls_pk_type_t)MBEDTLS_PK_ECKEY));
 		if(ret < DIMASUCCESS)
 		{
 			perror("DIMAPKFAILURE\n");
@@ -215,7 +206,7 @@ if(DEBUG)
 			exit(DIMAPKFAILURE);
 		}
 
-		ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) ECC_CURVE, mbedtls_pk_ec( key_ctx ), 
+		ret = mbedtls_ecp_gen_key( (mbedtls_ecp_group_id) ECC_CURVE, mbedtls_pk_ec( pkey_ctx ), 
 									mbedtls_ctr_drbg_random, &drbgCtx );
 		if(ret < DIMASUCCESS)
 		{
@@ -224,9 +215,9 @@ if(DEBUG)
 			exit(DIMAECCFAILURE);
 		}
 
-		if( mbedtls_pk_get_type( &key_ctx ) == MBEDTLS_PK_ECKEY )
+		if( mbedtls_pk_get_type( &pkey_ctx ) == MBEDTLS_PK_ECKEY )
     	{
-        	mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( key_ctx );
+        	mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pkey_ctx );
         	if(DEBUG)
         	{
 				printf( "curve: %s\n", mbedtls_ecp_curve_info_from_grp_id( ecp->grp.id )->name );
@@ -259,7 +250,7 @@ if(DEBUG)
 		mbedtls_mpi_init( &DQ ); 
 		mbedtls_mpi_init( &QP );
     	
-    	ret = mbedtls_pk_setup(&key_ctx, mbedtls_pk_info_from_type((mbedtls_pk_type_t) MBEDTLS_PK_RSA));
+    	ret = mbedtls_pk_setup(&pkey_ctx, mbedtls_pk_info_from_type((mbedtls_pk_type_t) MBEDTLS_PK_RSA));
     	if(ret < DIMASUCCESS)
 		{
 			perror("DIMAPKFAILURE\n");
@@ -267,7 +258,7 @@ if(DEBUG)
 			exit(DIMAPKFAILURE);
 		}
 
-		ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key_ctx ), mbedtls_ctr_drbg_random, &drbgCtx, RSA_SIZE, RSA_EXP );
+		ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( pkey_ctx ), mbedtls_ctr_drbg_random, &drbgCtx, RSA_SIZE, RSA_EXP );
 		if(ret < DIMASUCCESS)
 		{
 			perror("DIMARSAFAILURE\n");
@@ -275,9 +266,9 @@ if(DEBUG)
 			exit(DIMARSAFAILURE);
 		}
 
-		if( mbedtls_pk_get_type( &key_ctx ) == MBEDTLS_PK_RSA )
+		if( mbedtls_pk_get_type( &pkey_ctx ) == MBEDTLS_PK_RSA )
     	{
-        	mbedtls_rsa_context *rsa = mbedtls_pk_rsa( key_ctx );
+        	mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pkey_ctx );
 
         	if( ( ret = mbedtls_rsa_export    ( rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
             	( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) )      != 0 )
@@ -306,12 +297,150 @@ if(DEBUG)
 		exit(DIMAINVALIDSTATE);
     }
 
+    ret = WritePrivKey(KD_ctx,&pkey_ctx);
 
 
+    ret = WritePubKey(KD_ctx, &pkey_ctx);
 
+    ////////////////////////////TODO///////////////////////////
     //free block
 
     return DIMASUCCESS;
 }
 
+//#define DFL_PUB		"keys/DID_pub." DFL_FORM
+//#define DFL_PRIV		"SecureStorage/DID_priv" DFL_FORM
 
+DIMASTATUS WritePrivKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * pkey_ctx)
+{
+	DIMASTATUS ret = 0;
+	int i = 0;
+	size_t	len;
+	FILE *fp;
+	unsigned char dest_file[50];
+	unsigned char * outbuf = calloc(1,sizeof(unsigned char)*KEY_BUF_SIZE);
+
+
+	if(strcmp(KD_ctx -> phrase, IDENTITY))
+	{
+		if(DEBUG)
+		{
+			printf("Private DID key should be stored only inside secure storage.\n");
+		}
+		//codeblock to check existance of SS. 
+		//return with warning otherwise
+		//exit?
+		//////////////////////////////TODO///////////////////
+
+
+		strcpy(dest_file,"SecureStorage/");
+		}
+	else
+	{
+		strcpy(dest_file,"keys/");
+	}
+
+printf("%s,%s\n",KD_ctx->phrase,IDENTITY );
+	strcat(dest_file, KD_ctx->phrase);
+	strcat(dest_file, "_priv");
+
+	if(KD_ctx->KEY_FORM == PEM)
+	{
+		strcat(dest_file, ".pem");
+		//write pem does not return no of bytes written....stupid
+		len = mbedtls_pk_write_key_pem(pkey_ctx, outbuf, KEY_BUF_SIZE);	
+		if(len < 0)
+		{
+			perror("DIMAOUTPUTERROR:");
+			return(DIMAOUTPUTERROR);
+		}
+	}
+	else if(KD_ctx->KEY_FORM == DER)
+	{
+		strcat(dest_file, ".der");
+		len = mbedtls_pk_write_key_der(pkey_ctx, outbuf, KEY_BUF_SIZE);
+		if(len < 0)
+		{
+			perror("DIMAOUTPUTERROR:");
+			return(DIMAOUTPUTERROR);
+		}
+	}
+	else
+	{
+		perror("DIMAINVALIDSTATE : Check key format in Key Derivation struct\n");
+		//cleanup();
+		exit(DIMAINVALIDSTATE);
+	}
+
+	len = strlen( (char *) outbuf );
+
+	if( ( fp = fopen( dest_file, "w" ) ) == NULL )
+	{
+		perror("DIMAOUTPUTERROR: ");
+		return(DIMAOUTPUTERROR);
+	}
+
+    fwrite( outbuf, 1, len, fp );
+    fclose( fp );
+
+    return(DIMASUCCESS);
+
+}
+
+
+DIMASTATUS WritePubKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * pkey_ctx)
+{
+	DIMASTATUS ret = 0;
+	int i = 0;
+	size_t len;
+	FILE * fp;
+	unsigned char dest_file[50];
+	unsigned char * outbuf = calloc(1,sizeof(unsigned char)*KEY_BUF_SIZE);
+
+	strcpy(dest_file,"keys/");
+	strcat(dest_file, KD_ctx->phrase);
+	strcat(dest_file, "_pub");
+
+	
+	if(KD_ctx->KEY_FORM == PEM)
+	{
+		strcat(dest_file, ".pem");
+		//write pem does not return no of bytes written....stupid
+		len = mbedtls_pk_write_pubkey_pem(pkey_ctx, outbuf, KEY_BUF_SIZE);	
+		if(len < 0)
+		{
+			perror("DIMAOUTPUTERROR:");
+			return(DIMAOUTPUTERROR);
+		}
+	}
+	else if(KD_ctx->KEY_FORM == DER)
+	{
+		strcat(dest_file, ".der");
+		len = mbedtls_pk_write_pubkey_der(pkey_ctx, outbuf, KEY_BUF_SIZE);
+		if(len < 0)
+		{
+			perror("DIMAOUTPUTERROR:");
+			return(DIMAOUTPUTERROR);
+		}
+	}
+	else
+	{
+		perror("DIMAINVALIDSTATE : Check key format in Key Derivation struct\n");
+		//cleanup();
+		exit(DIMAINVALIDSTATE);
+	}
+
+	len = strlen( (char *) outbuf );
+	
+	if( ( fp = fopen( dest_file, "w" ) ) == NULL )
+	{
+		perror("DIMAOUTPUTERROR: ");
+		return(DIMAOUTPUTERROR);
+	}
+
+    fwrite( outbuf, 1, len, fp );
+    fclose( fp );
+
+    return(DIMASUCCESS);
+
+}
diff --git a/trial4/KeyGen.h b/trial4/KeyGen.h
index fb4975c..c031a55 100644
--- a/trial4/KeyGen.h
+++ b/trial4/KeyGen.h
@@ -29,4 +29,21 @@ DIMASTATUS use_dev_random(void *data, unsigned char *output, size_t len, size_t
 DIMASTATUS seedRNGSource(void *data, unsigned char *output, size_t len);
 */
 
-DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx);
\ No newline at end of file
+
+	//Create Asymmetric device key from CDI key
+
+	//Create KD contxt, fill in information required for the asymm key derivation
+	//call KeyGen with KD ctx
+	//export Pub key?
+	//export Pub cert?
+	//what else can we do? key chains?
+
+
+
+DIMASTATUS AsymmKeyGen(KeyDrv_context * KD_ctx);
+
+
+//If KD->phrase is IDENTITY, do not write priv key file outside SS. issue warning.
+DIMASTATUS WritePrivKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * key_ctx);
+DIMASTATUS WritePubKey(KeyDrv_context * KD_ctx, mbedtls_pk_context * key_ctx);
+
diff --git a/trial4/RANDFILE b/trial4/RANDFILE
deleted file mode 100644
index fd3981b..0000000
Binary files a/trial4/RANDFILE and /dev/null differ
diff --git a/trial4/ROMprotocol.c b/trial4/ROMprotocol.c
index 71ccf4c..39f4b26 100644
--- a/trial4/ROMprotocol.c
+++ b/trial4/ROMprotocol.c
@@ -45,7 +45,7 @@ DIMASTATUS ROMprotocol()
 	//Calculating UDS hash
 
 	FILE *fp = NULL;
-	fp = fopen("RANDFILE", "rb");
+	fp = fopen("SecureStorage/RANDFILE", "rb");
 	if(!fp)
 	{
 		perror("DIMAFILENOTFOUND: Unable to access UDS\n");
@@ -179,29 +179,10 @@ if(DEBUG)
 if(DEBUG)
 {printf("PASS 5\n");}
 
-	//Create Asymmetric device key from CDI key
 
-	//Create KD contxt, fill in information required for the asymm key derivation
-	//call KeyGen with KD ctx
-	//export Pub key?
-	//export Pub cert?
-	//what else can we do?
-
-/*      
-    int 					ENT_MODE;		//SW_PRNG,HW_TRNG,DETERM,
-    int 					PKC_MODE;		//isRSA, isECC
-    const uint8_t * 		seed;			
-    const char *			phrase;			
-    int 					KEY_FORM;		//BIN,PEM,DER
-    char * 					pub_file;
-    						priv_file;
-
-} KeyDrv_context;
-
-
-*/
 
 	//Every key derivation should start with a new KD contxt
+	//setting context for DID
 
 	KeyDrv_context DID_ctx;
 	DID_ctx.ENT_MODE = DFL_ENT;
@@ -209,12 +190,13 @@ if(DEBUG)
 	DID_ctx.seed = CDIKEY;
 	DID_ctx.phrase = IDENTITY;
 	DID_ctx.KEY_FORM = DFL_FORM;
-	DID_ctx.pub_file = "DID_pub.pem";
-	DID_ctx.priv_file = "DID_priv.pem";			//Dont save DID priv
+	//DID_ctx.pub_file = DFL_PUB;
+	//DID_ctx.priv_file = DFL_PRIV;			//Dont save DID priv outside SS
 
 if(DEBUG)
 {printf("PASS 6\n");}
 
+	//Deriving and storing DID
 	ret = AsymmKeyGen(&DID_ctx);
 	if(ret < DIMASUCCESS)
 	{
@@ -223,10 +205,22 @@ if(DEBUG)
 		exit(DIMAFAILURE);
 	}
 
+	free(CDIKEY);
+	//delete DID_ctx??
+
+	//setting context for Alias keys
+
+	//deriving alisa keys
+
+	//session keys?
+
+
+
+
 if(DEBUG)
 {printf("PASS 7\n");}
 
-	free(CDIKEY);
+
 
 
 if(DEBUG)
diff --git a/trial4/defines.h b/trial4/defines.h
index 8ccff30..f100963 100644
--- a/trial4/defines.h
+++ b/trial4/defines.h
@@ -21,11 +21,9 @@
 #define DIMAFAILUREUNKWN	-1111
 
 
-
+////////////////////////////////////////////////
 
 /* CONSTANTS TO BE USED IN DIMA */
-
-
 #define SHA256_DGST_SIZE 	32			//bytes
 #define UDS_SIZE			8
 #define CDI_KEY_SIZE		32
@@ -34,31 +32,7 @@
 #define RSA_HASH_ID			MBEDTLS_MD_SHA256 
 #define RSA_SIZE			2048	//4096
 #define RSA_EXP				65537
-
-
-
-
-/* DEFAULT CONFIGURATIONS */
-#define DEBUG			1			//print all values when 1
-
-#define isRSA			0
-#define isECC 			1
-#define DFL_PKC			isECC		// isECC, 1 = ECC, 0= RSA
-
-#define BIN 			0
-#define PEM 			1
-#define DER 			2
-#define	DFL_FORM		PEM
-
-
-//DRBG entropy source
-#define SW_PRNG 	0
-#define HW_TRNG 	1
-#define DETERM 		2
-#define DFL_ENT		HW_TRNG
-
-
-
+#define KEY_BUF_SIZE		16000
 
 /* SPECIFIC AND SPECIAL VALUES */
 /* DO NOT CHANGE THIS BLOCK */
@@ -69,7 +43,37 @@
 #define ENTROPY_LEN			32
 
 
-/* typedes */
+////////////////////////////////////////////////
+
+/* DEFAULT CONFIGURATIONS */
+
+#define DEBUG			1			//print all values when 1
+
+#define isRSA			0
+#define isECC 			1
+#define DFL_PKC			isRSA		// isECC, 1 = ECC, 0= RSA
+
+//#define BIN 			2
+#define PEM 			0
+#define DER 			1
+#define	DFL_FORM		PEM
+//#define DFL_PUB			"keys/DID_pub." DFL_FORM
+//#define DFL_PRIV		"SecureStorage/DID_priv" DFL_FORM
+
+
+
+
+//DRBG entropy source
+#define SW_PRNG 	0
+#define HW_TRNG 	1
+#define DETERM 		2
+#define DFL_ENT		DETERM
+
+
+//////////////////////////////////////////////////
+
+
+/* typedefs */
 
 typedef struct
 {
@@ -96,3 +100,5 @@ typedef struct
 	size_t					inLen;
 	uint8_t * 				outbuf;			//out buf			
 } Hash_contxt;
+
+//useless structure ^ this one
diff --git a/trial4/makefile b/trial4/makefile
index 99766ca..e080dbe 100644
--- a/trial4/makefile
+++ b/trial4/makefile
@@ -20,7 +20,15 @@ debug:
 trial:
 	${CC} -g -o $(ODIR)/trial ECCtrial.c -lm -lmbedcrypto -lmbedtls -lmbedx509 
 
+remake:
+	rm -r $(ODIR)/*
+	${CC} -o $(ODIR)/main main.c KeyGen.c ROMprotocol.c -lm -lmbedcrypto -lmbedtls -lmbedx509
+
 clean: 
 	rm -r $(ODIR)/* 
 	rm -r ./keys/*
+	rm -r ./SecureStorage/*.pem
+	rm -r ./SecureStorage/*.der
+
+	
 
diff --git a/trial4/out/main b/trial4/out/main
index 4925b66..ba99235 100755
Binary files a/trial4/out/main and b/trial4/out/main differ