github/self
1
1
Fork 0
mirror of https://github.com/selfxyz/self.git synced 2026-04-27 03:01:15 -04:00
Code Issues Packages Projects Releases Wiki Activity

small clean

Browse Source
This commit is contained in:
turnoffthiscomputer
2025-01-06 16:46:13 +01:00
parent b816b759d8
commit 339302e5fd
9 changed files with 307 additions and 298 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
common/src/utils/brutForceDscSignature.ts Normal file
View File

4
common/src/utils/brutForce.ts → common/src/utils/brutForcePassportSignature.ts
View File

@@ -1,11 +1,11 @@
import { PassportData } from '../../../common/src/utils/types';
import { PassportData } from './types';
import { parseCertificateSimple } from './certificate_parsing/parseCertificateSimple';
import {
PublicKeyDetailsECDSA,
} from './certificate_parsing/dataStructure';
import forge from 'node-forge';
import * as asn1js from 'asn1js';
import { initElliptic } from './elliptic';
import { initElliptic } from './certificate_parsing/elliptic';
import { getCurveForElliptic } from './certificate_parsing/curves';
import { Certificate } from 'pkijs';
import { hashAlgos, saltLengths } from '../constants/constants';

0
common/src/utils/elliptic.ts → common/src/utils/certificate_parsing/elliptic.ts
View File

16
common/src/utils/certificate_parsing/parseCertificate.ts
View File

@@ -20,8 +20,14 @@ export function parseCertificate(pem: string, fileName: string): any {
};
try {
certificateData = parseCertificateSimple(pem);
const tempCertPath = `/tmp/${fileName}.pem`;
fs.writeFileSync(tempCertPath, pem);
const baseFileName = fileName.replace('.pem', '');
const tempCertPath = `/tmp/${baseFileName}.pem`;
const formattedPem = pem.includes('-----BEGIN CERTIFICATE-----')
? pem
: `-----BEGIN CERTIFICATE-----\n${pem}\n-----END CERTIFICATE-----`;
fs.writeFileSync(tempCertPath, formattedPem);
try {
const openSslOutput = execSync(`openssl x509 -in ${tempCertPath} -text -noout`).toString();
certificateData.rawTxt = openSslOutput;
@@ -29,7 +35,11 @@ export function parseCertificate(pem: string, fileName: string): any {
console.error(`Error executing OpenSSL command: ${error}`);
certificateData.rawTxt = 'Error: Unable to generate human-readable format';
} finally {
fs.unlinkSync(tempCertPath);
try {
fs.unlinkSync(tempCertPath);
} catch (e) {
// Ignore cleanup errors
}
}
return certificateData;

562
common/src/utils/certificate_parsing/parseCertificateSimple.ts
View File

@@ -2,330 +2,330 @@ import * as asn1js from 'asn1js';
import { Certificate, RSAPublicKey, RSASSAPSSParams } from 'pkijs';
import { getFriendlyName } from './oids';
import {
CertificateData,
PublicKeyDetailsECDSA,
PublicKeyDetailsRSA,
PublicKeyDetailsRSAPSS,
CertificateData,
PublicKeyDetailsECDSA,
PublicKeyDetailsRSA,
PublicKeyDetailsRSAPSS,
} from './dataStructure';
import { getCurveForElliptic, getECDSACurveBits, identifyCurve, StandardCurve } from './curves';
import { getIssuerCountryCode, getSubjectKeyIdentifier } from './utils';
import { circuitNameFromMode } from '../../constants/constants';
import { Mode } from '../appType';
import { initElliptic } from '../elliptic';
import { initElliptic } from './elliptic';
export function parseCertificateSimple(pem: string): CertificateData {
let certificateData: CertificateData = {
id: '',
issuer: '',
validity: {
notBefore: '',
notAfter: '',
},
subjectKeyIdentifier: '',
authorityKeyIdentifier: '',
signatureAlgorithm: '',
hashAlgorithm: '',
publicKeyDetails: undefined,
rawPem: '',
rawTxt: '',
};
try {
const pemFormatted = pem.replace(/(-----(BEGIN|END) CERTIFICATE-----|\n|\r)/g, '');
const binary = Buffer.from(pemFormatted, 'base64');
const arrayBuffer = new ArrayBuffer(binary.length);
const view = new Uint8Array(arrayBuffer);
for (let i = 0; i < binary.length; i++) {
view[i] = binary[i];
}
const asn1 = asn1js.fromBER(arrayBuffer);
if (asn1.offset === -1) {
throw new Error(`ASN.1 parsing error: ${asn1.result.error}`);
}
const cert = new Certificate({ schema: asn1.result });
const publicKeyAlgoOID = cert.subjectPublicKeyInfo.algorithm.algorithmId;
const publicKeyAlgoFN = getFriendlyName(publicKeyAlgoOID);
const signatureAlgoOID = cert.signatureAlgorithm.algorithmId;
const signatureAlgoFN = getFriendlyName(signatureAlgoOID);
certificateData.hashAlgorithm = getHashAlgorithm(signatureAlgoFN);
let params;
if (publicKeyAlgoFN === 'RSA') {
certificateData.signatureAlgorithm = 'rsa';
params = getParamsRSA(cert);
} else if (publicKeyAlgoFN === 'ECC') {
certificateData.signatureAlgorithm = 'ecdsa';
params = getParamsECDSA(cert);
} else if (publicKeyAlgoFN === 'RSASSA_PSS') {
certificateData.signatureAlgorithm = 'rsapss';
params = getParamsRSAPSS(cert);
} else {
console.log(publicKeyAlgoFN);
}
certificateData.publicKeyDetails = params;
certificateData.issuer = getIssuerCountryCode(cert);
certificateData.validity = {
notBefore: cert.notBefore.value.toString(),
notAfter: cert.notAfter.value.toString(),
let certificateData: CertificateData = {
id: '',
issuer: '',
validity: {
notBefore: '',
notAfter: '',
},
subjectKeyIdentifier: '',
authorityKeyIdentifier: '',
signatureAlgorithm: '',
hashAlgorithm: '',
publicKeyDetails: undefined,
rawPem: '',
rawTxt: '',
};
const ski = getSubjectKeyIdentifier(cert);
certificateData.id = ski.slice(0, 12);
certificateData.subjectKeyIdentifier = ski;
certificateData.rawPem = pem;
try {
const pemFormatted = pem.replace(/(-----(BEGIN|END) CERTIFICATE-----|\n|\r)/g, '');
const binary = Buffer.from(pemFormatted, 'base64');
const arrayBuffer = new ArrayBuffer(binary.length);
const view = new Uint8Array(arrayBuffer);
for (let i = 0; i < binary.length; i++) {
view[i] = binary[i];
}
const authorityKeyIdentifier = getAuthorityKeyIdentifier(cert);
certificateData.authorityKeyIdentifier = authorityKeyIdentifier;
const asn1 = asn1js.fromBER(arrayBuffer);
if (asn1.offset === -1) {
throw new Error(`ASN.1 parsing error: ${asn1.result.error}`);
}
// corner case for rsapss
if (certificateData.signatureAlgorithm === 'rsapss' && !certificateData.hashAlgorithm) {
certificateData.hashAlgorithm = (
certificateData.publicKeyDetails as PublicKeyDetailsRSAPSS
).hashAlgorithm;
const cert = new Certificate({ schema: asn1.result });
const publicKeyAlgoOID = cert.subjectPublicKeyInfo.algorithm.algorithmId;
const publicKeyAlgoFN = getFriendlyName(publicKeyAlgoOID);
const signatureAlgoOID = cert.signatureAlgorithm.algorithmId;
const signatureAlgoFN = getFriendlyName(signatureAlgoOID);
certificateData.hashAlgorithm = getHashAlgorithm(signatureAlgoFN);
let params;
if (publicKeyAlgoFN === 'RSA') {
certificateData.signatureAlgorithm = 'rsa';
params = getParamsRSA(cert);
} else if (publicKeyAlgoFN === 'ECC') {
certificateData.signatureAlgorithm = 'ecdsa';
params = getParamsECDSA(cert);
} else if (publicKeyAlgoFN === 'RSASSA_PSS') {
certificateData.signatureAlgorithm = 'rsapss';
params = getParamsRSAPSS(cert);
} else {
console.log(publicKeyAlgoFN);
}
certificateData.publicKeyDetails = params;
certificateData.issuer = getIssuerCountryCode(cert);
certificateData.validity = {
notBefore: cert.notBefore.value.toString(),
notAfter: cert.notAfter.value.toString(),
};
const ski = getSubjectKeyIdentifier(cert);
certificateData.id = ski.slice(0, 12);
certificateData.subjectKeyIdentifier = ski;
certificateData.rawPem = pem;
const authorityKeyIdentifier = getAuthorityKeyIdentifier(cert);
certificateData.authorityKeyIdentifier = authorityKeyIdentifier;
// corner case for rsapss
if (certificateData.signatureAlgorithm === 'rsapss' && !certificateData.hashAlgorithm) {
certificateData.hashAlgorithm = (
certificateData.publicKeyDetails as PublicKeyDetailsRSAPSS
).hashAlgorithm;
}
return certificateData;
} catch (error) {
console.error(`Error processing certificate`, error);
throw error;
}
return certificateData;
} catch (error) {
console.error(`Error processing certificate`, error);
throw error;
}
}
function getParamsRSA(cert: Certificate): PublicKeyDetailsRSA {
const publicKeyValue = cert.subjectPublicKeyInfo.parsedKey as RSAPublicKey;
const modulusBytes = publicKeyValue.modulus.valueBlock.valueHexView;
const modulusHex = Buffer.from(modulusBytes).toString('hex');
const exponentBigInt = publicKeyValue.publicExponent.toBigInt();
const exponentDecimal = exponentBigInt.toString();
const actualBits = modulusBytes.length * 8;
const publicKeyValue = cert.subjectPublicKeyInfo.parsedKey as RSAPublicKey;
const modulusBytes = publicKeyValue.modulus.valueBlock.valueHexView;
const modulusHex = Buffer.from(modulusBytes).toString('hex');
const exponentBigInt = publicKeyValue.publicExponent.toBigInt();
const exponentDecimal = exponentBigInt.toString();
const actualBits = modulusBytes.length * 8;
return {
modulus: modulusHex,
exponent: exponentDecimal,
bits: actualBits.toString(),
};
return {
modulus: modulusHex,
exponent: exponentDecimal,
bits: actualBits.toString(),
};
}
function getParamsRSAPSS(cert: Certificate): PublicKeyDetailsRSAPSS {
// Get the subjectPublicKey BitString
const spki = cert.subjectPublicKeyInfo;
const spkiValueHex = spki.subjectPublicKey.valueBlock.valueHexView;
// Get the subjectPublicKey BitString
const spki = cert.subjectPublicKeyInfo;
const spkiValueHex = spki.subjectPublicKey.valueBlock.valueHexView;
// Parse the public key ASN.1 structure
const asn1PublicKey = asn1js.fromBER(spkiValueHex);
if (asn1PublicKey.offset === -1) {
throw new Error('Error parsing public key ASN.1 structure');
}
// Parse the public key ASN.1 structure
const asn1PublicKey = asn1js.fromBER(spkiValueHex);
if (asn1PublicKey.offset === -1) {
throw new Error('Error parsing public key ASN.1 structure');
}
// The public key is an RSAPublicKey structure
const rsaPublicKey = new RSAPublicKey({ schema: asn1PublicKey.result });
const modulusBytes = rsaPublicKey.modulus.valueBlock.valueHexView;
const modulusHex = Buffer.from(modulusBytes).toString('hex');
const exponentBigInt = rsaPublicKey.publicExponent.toBigInt();
const exponentDecimal = exponentBigInt.toString();
const actualBits = modulusBytes.length * 8;
// The public key is an RSAPublicKey structure
const rsaPublicKey = new RSAPublicKey({ schema: asn1PublicKey.result });
const modulusBytes = rsaPublicKey.modulus.valueBlock.valueHexView;
const modulusHex = Buffer.from(modulusBytes).toString('hex');
const exponentBigInt = rsaPublicKey.publicExponent.toBigInt();
const exponentDecimal = exponentBigInt.toString();
const actualBits = modulusBytes.length * 8;
const sigAlgParams = cert.signatureAlgorithm.algorithmParams;
const pssParams = new RSASSAPSSParams({ schema: sigAlgParams });
const hashAlgorithm = getFriendlyName(pssParams.hashAlgorithm.algorithmId);
const mgf = getFriendlyName(pssParams.maskGenAlgorithm.algorithmId);
const sigAlgParams = cert.signatureAlgorithm.algorithmParams;
const pssParams = new RSASSAPSSParams({ schema: sigAlgParams });
const hashAlgorithm = getFriendlyName(pssParams.hashAlgorithm.algorithmId);
const mgf = getFriendlyName(pssParams.maskGenAlgorithm.algorithmId);
return {
modulus: modulusHex,
exponent: exponentDecimal,
bits: actualBits.toString(),
hashAlgorithm: hashAlgorithm,
mgf: mgf,
saltLength: pssParams.saltLength.toString(),
};
return {
modulus: modulusHex,
exponent: exponentDecimal,
bits: actualBits.toString(),
hashAlgorithm: hashAlgorithm,
mgf: mgf,
saltLength: pssParams.saltLength.toString(),
};
}
export function getParamsECDSA(cert: Certificate): PublicKeyDetailsECDSA {
try {
const algorithmParams = cert.subjectPublicKeyInfo.algorithm.algorithmParams;
try {
const algorithmParams = cert.subjectPublicKeyInfo.algorithm.algorithmParams;
if (!algorithmParams) {
console.error('No algorithm params found');
return {
curve: 'Unknown',
params: {} as StandardCurve,
bits: 'Unknown',
x: 'Unknown',
y: 'Unknown',
};
if (!algorithmParams) {
console.error('No algorithm params found');
return {
curve: 'Unknown',
params: {} as StandardCurve,
bits: 'Unknown',
x: 'Unknown',
y: 'Unknown',
};
}
let curveName,
bits,
x,
y = 'Unknown';
let curveParams: StandardCurve = {} as StandardCurve;
// Try to get the curve name from the OID
if (algorithmParams instanceof asn1js.ObjectIdentifier) {
const curveOid = algorithmParams.valueBlock.toString();
curveName = getFriendlyName(curveOid) || 'Unknown';
bits = getECDSACurveBits(curveName);
}
// If the OID of the curve is not present, we try to get the curve parameters and identify the curve from them
else {
const params = asn1js.fromBER(algorithmParams.valueBeforeDecodeView).result;
const valueBlock: any = params.valueBlock;
if (valueBlock.value && valueBlock.value.length >= 5) {
const curveParams: StandardCurve = {} as StandardCurve;
// Field ID (index 1)
const fieldId = valueBlock.value[1];
if (fieldId && fieldId.valueBlock && fieldId.valueBlock.value) {
const fieldType = fieldId.valueBlock.value[0];
const prime = fieldId.valueBlock.value[1];
//curveParams.fieldType = fieldType.valueBlock.toString();
curveParams.p = Buffer.from(prime.valueBlock.valueHexView).toString('hex');
}
// Curve Coefficients (index 2)
const curveCoefficients = valueBlock.value[2];
if (
curveCoefficients &&
curveCoefficients.valueBlock &&
curveCoefficients.valueBlock.value
) {
const a = curveCoefficients.valueBlock.value[0];
const b = curveCoefficients.valueBlock.value[1];
curveParams.a = Buffer.from(a.valueBlock.valueHexView).toString('hex');
curveParams.b = Buffer.from(b.valueBlock.valueHexView).toString('hex');
}
// Base Point G (index 3)
const basePoint = valueBlock.value[3];
if (basePoint && basePoint.valueBlock) {
curveParams.G = Buffer.from(basePoint.valueBlock.valueHexView).toString('hex');
}
// Order n (index 4)
const order = valueBlock.value[4];
if (order && order.valueBlock) {
curveParams.n = Buffer.from(order.valueBlock.valueHexView).toString('hex');
}
if (valueBlock.value.length >= 6) {
// Cofactor h (index 5)
const cofactor = valueBlock.value[5];
if (cofactor && cofactor.valueBlock) {
curveParams.h = Buffer.from(cofactor.valueBlock.valueHexView).toString('hex');
}
} else {
curveParams.h = '01';
}
const identifiedCurve = identifyCurve(curveParams);
curveName = identifiedCurve;
bits = getECDSACurveBits(curveName);
} else {
if (valueBlock.value) {
console.log(valueBlock.value);
} else {
console.log('No value block found');
}
}
}
// Get the public key x and y parameters
const publicKeyBuffer = cert.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView;
if (publicKeyBuffer && curveName !== 'Unknown') {
const elliptic = initElliptic();
const ec = new elliptic.ec(getCurveForElliptic(curveName));
const key = ec.keyFromPublic(publicKeyBuffer);
x = key.getPublic().getX().toString('hex');
y = key.getPublic().getY().toString('hex');
}
return { curve: curveName, params: curveParams, bits: bits, x: x, y: y };
} catch (error) {
console.error('Error parsing EC parameters:', error);
return {
curve: 'Error',
params: {} as StandardCurve,
bits: 'Unknown',
x: 'Unknown',
y: 'Unknown',
};
}
let curveName,
bits,
x,
y = 'Unknown';
let curveParams: StandardCurve = {} as StandardCurve;
// Try to get the curve name from the OID
if (algorithmParams instanceof asn1js.ObjectIdentifier) {
const curveOid = algorithmParams.valueBlock.toString();
curveName = getFriendlyName(curveOid) || 'Unknown';
bits = getECDSACurveBits(curveName);
}
// If the OID of the curve is not present, we try to get the curve parameters and identify the curve from them
else {
const params = asn1js.fromBER(algorithmParams.valueBeforeDecodeView).result;
const valueBlock: any = params.valueBlock;
if (valueBlock.value && valueBlock.value.length >= 5) {
const curveParams: StandardCurve = {} as StandardCurve;
// Field ID (index 1)
const fieldId = valueBlock.value[1];
if (fieldId && fieldId.valueBlock && fieldId.valueBlock.value) {
const fieldType = fieldId.valueBlock.value[0];
const prime = fieldId.valueBlock.value[1];
//curveParams.fieldType = fieldType.valueBlock.toString();
curveParams.p = Buffer.from(prime.valueBlock.valueHexView).toString('hex');
}
// Curve Coefficients (index 2)
const curveCoefficients = valueBlock.value[2];
if (
curveCoefficients &&
curveCoefficients.valueBlock &&
curveCoefficients.valueBlock.value
) {
const a = curveCoefficients.valueBlock.value[0];
const b = curveCoefficients.valueBlock.value[1];
curveParams.a = Buffer.from(a.valueBlock.valueHexView).toString('hex');
curveParams.b = Buffer.from(b.valueBlock.valueHexView).toString('hex');
}
// Base Point G (index 3)
const basePoint = valueBlock.value[3];
if (basePoint && basePoint.valueBlock) {
curveParams.G = Buffer.from(basePoint.valueBlock.valueHexView).toString('hex');
}
// Order n (index 4)
const order = valueBlock.value[4];
if (order && order.valueBlock) {
curveParams.n = Buffer.from(order.valueBlock.valueHexView).toString('hex');
}
if (valueBlock.value.length >= 6) {
// Cofactor h (index 5)
const cofactor = valueBlock.value[5];
if (cofactor && cofactor.valueBlock) {
curveParams.h = Buffer.from(cofactor.valueBlock.valueHexView).toString('hex');
}
} else {
curveParams.h = '01';
}
const identifiedCurve = identifyCurve(curveParams);
curveName = identifiedCurve;
bits = getECDSACurveBits(curveName);
} else {
if (valueBlock.value) {
console.log(valueBlock.value);
} else {
console.log('No value block found');
}
}
}
// Get the public key x and y parameters
const publicKeyBuffer = cert.subjectPublicKeyInfo.subjectPublicKey.valueBlock.valueHexView;
if (publicKeyBuffer && curveName !== 'Unknown') {
const elliptic = initElliptic();
const ec = new elliptic.ec(getCurveForElliptic(curveName));
const key = ec.keyFromPublic(publicKeyBuffer);
x = key.getPublic().getX().toString('hex');
y = key.getPublic().getY().toString('hex');
}
return { curve: curveName, params: curveParams, bits: bits, x: x, y: y };
} catch (error) {
console.error('Error parsing EC parameters:', error);
return {
curve: 'Error',
params: {} as StandardCurve,
bits: 'Unknown',
x: 'Unknown',
y: 'Unknown',
};
}
}
export const getAuthorityKeyIdentifier = (cert: Certificate): string => {
const authorityKeyIdentifier = cert.extensions.find((ext) => ext.extnID === '2.5.29.35');
if (authorityKeyIdentifier) {
let akiValue = Buffer.from(authorityKeyIdentifier.extnValue.valueBlock.valueHexView).toString(
'hex'
);
akiValue = akiValue.replace(/^(?:3016)?(?:0414)?/, '');
// cur off the first 2 bytes
akiValue = akiValue.slice(4);
return akiValue;
}
return null;
const authorityKeyIdentifier = cert.extensions.find((ext) => ext.extnID === '2.5.29.35');
if (authorityKeyIdentifier) {
let akiValue = Buffer.from(authorityKeyIdentifier.extnValue.valueBlock.valueHexView).toString(
'hex'
);
akiValue = akiValue.replace(/^(?:3016)?(?:0414)?/, '');
// cur off the first 2 bytes
akiValue = akiValue.slice(4);
return akiValue;
}
return null;
};
export const getCircuitName = (
circuitMode: 'prove' | 'dsc' | 'vc_and_disclose',
signatureAlgorithm: string,
hashFunction: string,
domainParameter: string,
keyLength: string
circuitMode: 'prove' | 'dsc' | 'vc_and_disclose',
signatureAlgorithm: string,
hashFunction: string,
domainParameter: string,
keyLength: string
) => {
const circuit = circuitNameFromMode[circuitMode];
if (circuit == 'vc_and_disclose') {
return 'vc_and_disclose';
}
if (circuit == 'dsc') {
const circuit = circuitNameFromMode[circuitMode];
if (circuit == 'vc_and_disclose') {
return 'vc_and_disclose';
}
if (circuit == 'dsc') {
return (
circuit +
'_' +
signatureAlgorithm +
'_' +
hashFunction +
'_' +
domainParameter +
'_' +
keyLength
);
}
return (
circuit +
'_' +
signatureAlgorithm +
'_' +
hashFunction +
'_' +
domainParameter +
'_' +
keyLength
circuit +
'_' +
signatureAlgorithm +
'_' +
hashFunction +
'_' +
domainParameter +
'_' +
keyLength
);
}
return (
circuit +
'_' +
signatureAlgorithm +
'_' +
hashFunction +
'_' +
domainParameter +
'_' +
keyLength
);
};
export const getCircuitNameOld = (
circuitMode: Mode,
signatureAlgorithm: string,
hashFunction: string
circuitMode: Mode,
signatureAlgorithm: string,
hashFunction: string
) => {
const circuit = circuitNameFromMode[circuitMode];
if (circuit == 'vc_and_disclose') {
return 'vc_and_disclose';
} else if (signatureAlgorithm === 'ecdsa') {
return circuit + '_' + signatureAlgorithm + '_secp256r1_' + hashFunction;
} else {
return circuit + '_' + signatureAlgorithm + '_65537_' + hashFunction;
}
const circuit = circuitNameFromMode[circuitMode];
if (circuit == 'vc_and_disclose') {
return 'vc_and_disclose';
} else if (signatureAlgorithm === 'ecdsa') {
return circuit + '_' + signatureAlgorithm + '_secp256r1_' + hashFunction;
} else {
return circuit + '_' + signatureAlgorithm + '_65537_' + hashFunction;
}
};
export function getHashAlgorithm(rawSignatureAlgorithm: string) {
const input = rawSignatureAlgorithm.toLowerCase();
const patterns = [/sha-?1/i, /sha-?256/i, /sha-?384/i, /sha-?512/i];
const input = rawSignatureAlgorithm.toLowerCase();
const patterns = [/sha-?1/i, /sha-?256/i, /sha-?384/i, /sha-?512/i];
for (const pattern of patterns) {
const match = input.match(pattern);
if (match) {
// Remove any hyphens and return standardized format
return match[0].replace('-', '');
for (const pattern of patterns) {
const match = input.match(pattern);
if (match) {
// Remove any hyphens and return standardized format
return match[0].replace('-', '');
}
}
}
return 'unknown';
return 'unknown';
}

10
common/src/utils/circuitsName.ts
View File

@@ -38,12 +38,4 @@ export function getCircuitNameFromPassportData(passportData: PassportData) {
} else {
throw new Error('Unsupported signature algorithm');
}
}
export function getCurveOrExponent(dsc: any) {
const parsedDsc = parseCertificateSimple(dsc);
if (parsedDsc.signatureAlgorithm === 'ecdsa') {
return (parsedDsc.publicKeyDetails as PublicKeyDetailsECDSA).curve;
}
return (parsedDsc.publicKeyDetails as PublicKeyDetailsRSA).exponent;
}
}

0
common/src/utils/parseDscCertificateData.ts Normal file
View File

2
common/src/utils/parsePassportData.ts
View File

@@ -9,7 +9,7 @@ import {
} from './certificate_parsing/dataStructure';
import { getCSCAFromSKI } from './csca';
import { hashAlgos } from '../constants/constants';
import { brutforceSignatureAlgorithm } from './brutForce';
import { brutforceSignatureAlgorithm } from './brutForcePassportSignature';
export interface PassportMetadata {
dataGroups: string;

11
registry/src/buildJson.ts
View File

@@ -1,6 +1,8 @@
import fs from 'fs';
import path from 'path';
import { parseCertificateSimple } from '../../common/src/utils/certificate_parsing/parseCertificateSimple';
import { parseCertificate } from '../../common/src/utils/certificate_parsing/parseCertificate';
import { CertificateData } from '../../common/src/utils/certificate_parsing/dataStructure';
const pemDirectory = path.join(__dirname, '..', 'outputs', 'csca', 'pem_masterlist');
const ski_pem_path = path.join(__dirname, '..', 'outputs', 'ski_pem.json');
@@ -51,6 +53,9 @@ async function main() {
console.log('\x1b[90m%s\x1b[0m', `processing ${prodCertificate}`);
try {
const certificateData = parseCertificateSimple(pemContent);
skiPemJson[certificateData.subjectKeyIdentifier] = pemContent;
} catch (error) {
console.log('\x1b[90m%s\x1b[0m', `certificate ${prodCertificate} is invalid.`);
@@ -60,13 +65,15 @@ async function main() {
try {
const certificateData = parseCertificateSimple(devCertificate);
skiPemDevJson[certificateData.subjectKeyIdentifier] = devCertificate;
} catch (error) {
console.log('\x1b[90m%s\x1b[0m', `certificate ${devCertificate} is invalid.`);
}
}
fs.writeFileSync(ski_pem_path, JSON.stringify(skiPemJson, null, 2));
fs.writeFileSync(ski_pem_dev_path, JSON.stringify(skiPemDevJson, null, 2));
// fs.writeFileSync(ski_pem_path, JSON.stringify(skiPemJson, null, 2));
// fs.writeFileSync(ski_pem_dev_path, JSON.stringify(skiPemDevJson, null, 2));
}