chore: change n and k params for ecdsa

circuits/circuits/prove/instances/prove_ecdsa_sha1_secp256r1_256.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../openpassport_prove.circom";
 
-component main { public [  scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(7, 43, 6, 320, 192, 20);
+component main { public [  scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(7, 64, 4, 320, 192, 20);

circuits/circuits/prove/instances/prove_ecdsa_sha256_secp256r1_256.circom

@@ -2,4 +2,4 @@ pragma circom 2.1.9;
 
 include "../openpassport_prove.circom";
 
-component main { public [  scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(8, 43, 6, 384, 192, 20);
+component main { public [  scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(8, 64, 4, 384, 192, 20);

circuits/circuits/prove/openpassport_prove.circom

@@ -58,7 +58,6 @@ template OPENPASSPORT_PROVE(signatureAlgorithm, n, k, MAX_ECONTENT_PADDED_LEN, M
     signal isWrongSelectorMode <== IsEqual()([2*selector_mode[0] + selector_mode[1], 1]);
     isWrongSelectorMode === 0;
 
-
     // verify passport signature
     PassportVerifier(signatureAlgorithm, n, k, MAX_ECONTENT_PADDED_LEN, MAX_SIGNED_ATTR_PADDED_LEN)(dg1,dg1_hash_offset, dg2_hash, eContent,eContent_padded_length, signed_attr, signed_attr_padded_length, signed_attr_econtent_hash_offset, pubKey, signature, dummy);
     // verify passport is not expired

circuits/circuits/utils/passport/passportVerifier.circom

@@ -39,11 +39,10 @@ template PassportVerifier(signatureAlgorithm, n, k, MAX_ECONTENT_LEN, MAX_SIGNED
         for (var j = 0; j < 8; j++) {
             dg1Bits[i * 8 + j] <== n2b[i].out[7 - j];
         }
+    }
 
-    }
     signal dg1Sha[HASH_LEN_BITS] <== ShaHashBits(93 * 8, HASH_LEN_BITS)(dg1Bits, 0);
-    for (var i = 0; i < HASH_LEN_BITS; i++) {
-    }
+    
 
     component dg1ShaBytes[HASH_LEN_BYTES];
     for (var i = 0; i < HASH_LEN_BYTES; i++) {

circuits/circuits/utils/passport/secp256r1Verifier.circom

@@ -8,23 +8,21 @@ template Secp256r1Verifier(signatureAlgorithm, n, k) {
     var kScaled = k * kLengthFactor;
 
     var HASH_LEN_BITS = getHashLength(signatureAlgorithm);
-    var msg_len = (HASH_LEN_BITS + n) \ n;
 
     signal input signature[kScaled];
     signal input pubKey[kScaled];
-    signal input hashParsed[msg_len];
+    signal input hashParsed[HASH_LEN_BITS];
 
-    signal msgHash[6];
+    signal hash[n * k];
 
-    for(var i = 0; i < 6; i++) {
-        if (i < msg_len) {
-            msgHash[i] <== hashParsed[i];
-        } else {
-            msgHash[i] <== 0;
+    for (var i = n * k - 1; i >= 0; i--) {
+        if (i <= n * k - 1 - HASH_LEN_BITS) {
+            hash[i] <== 0;
+        }else { 
+            hash[i] <== hashParsed[i - n * k + HASH_LEN_BITS];
         }
     }
 
-
     signal signature_r[k]; // ECDSA signature component r
     signal signature_s[k]; // ECDSA signature component s
     signal pubKey_x[k];
@@ -39,8 +37,7 @@ template Secp256r1Verifier(signatureAlgorithm, n, k) {
     signal pubkey_xy[2][k] <== [pubKey_x, pubKey_y];
 
     // verify eContentHash signature
-    // component ecdsa_verify = ECDSAVerifyNoPubkeyCheck(n, k);
-    component ecdsa_verify = verifyECDSABigInt(n, k, [ 
+    component ecdsa_verify = verifyECDSABits(n, k, [ 
         18446744073709551612, 
         4294967295, 
         0, 
@@ -57,18 +54,10 @@ template Secp256r1Verifier(signatureAlgorithm, n, k) {
         4294967295, 
         0, 
         18446744069414584321 
-    ]);
+    ], n * k);
 
     ecdsa_verify.pubkey <== pubkey_xy;
     ecdsa_verify.signature <== [signature_r, signature_s];
-    ecdsa_verify.hashed <== hashParsed;
+    ecdsa_verify.hashed <== hash;
     ecdsa_verify.dummy <== 0;
-
-    // ecdsa_verify.r <== signature_r;
-    // ecdsa_verify.s <== signature_s;
-    // ecdsa_verify.msghash <== msgHash;
-    // ecdsa_verify.pubkey <== pubkey_xy;
-
-    // 1 === ecdsa_verify.result;
-
 }

circuits/circuits/utils/passport/signatureVerifier.circom

@@ -3,6 +3,8 @@ pragma circom 2.1.9;
 // include "../rsa/rsaPkcs1.circom";
 // include "secp256r1Verifier.circom";
 include "../circomlib/signature/rsapss/rsapss.circom";
+include "secp256r1Verifier.circom";
+// include "../rsapss/rsapss.circom";
 // include "../rsa/rsa.circom";
 include "../circomlib/signature/rsa/verifyRsaPkcs1v1_5.circom";
 include "../circomlib/utils/bytes.circom";
@@ -75,10 +77,10 @@ template SignatureVerifier(signatureAlgorithm, n, k) {
 
     }
     if (signatureAlgorithm == 7) {
-        // Secp256r1Verifier (signatureAlgorithm,n,k)(signature, pubKey,hashParsed);
+        Secp256r1Verifier (signatureAlgorithm, n, k)(signature, pubKey, hash);
     }
     if (signatureAlgorithm == 8) {
-        // Secp256r1Verifier (signatureAlgorithm,n,k)(signature, pubKey,hashParsed);
+        Secp256r1Verifier (signatureAlgorithm,n,k)(signature, pubKey, hash);
     }
     if (signatureAlgorithm == 9) {
     }

circuits/tests/dsc.test.ts

@@ -46,7 +46,13 @@ sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
         throw new Error('Unsupported signature algorithm and hash function combination');
     }
 
-    const inputs = generateCircuitInputsDSC(BigInt(salt).toString(), dscCertPem, max_cert_bytes, true);
+    const inputs = generateCircuitInputsDSC(
+      BigInt(salt).toString(),
+      dscCertPem,
+      max_cert_bytes,
+      true
+    );
+    console.log('inputs', inputs.inputs);
 
     before(async () => {
       circuit = await wasm_tester(

circuits/tests/prove.test.ts

@@ -11,6 +11,7 @@ import { customHasher } from '../../common/src/utils/pubkeyTree';
 import { poseidon2 } from 'poseidon-lite';
 import { SMT } from '@openpassport/zk-kit-smt';
 import namejson from '../../common/ofacdata/outputs/nameSMT.json';
+import { log } from 'console';
 
 const sigAlgs = [
   { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '2048' },
@@ -23,12 +24,12 @@ const sigAlgs = [
   // { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '3072' },
   { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '3', keyLength: '2048' },
   { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
-  // { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' },
-  // { sigAlg: 'ecdsa', hashFunction: 'sha1', domainParameter: 'secp256r1', keyLength: '256' },
+  { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' },
+  { sigAlg: 'ecdsa', hashFunction: 'sha1', domainParameter: 'secp256r1', keyLength: '256' },
 ];
 
 sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
-  describe(`Prove - ${hashFunction.toUpperCase()} ${sigAlg.toUpperCase()} ${domainParameter} ${keyLength}`, function () {
+  describe.only(`Prove - ${hashFunction.toUpperCase()} ${sigAlg.toUpperCase()} ${domainParameter} ${keyLength}`, function () {
     this.timeout(0);
     let circuit: any;
 
@@ -38,6 +39,7 @@ sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
       '000101',
       '300101'
     );
+
     const majority = '18';
     const user_identifier = crypto.randomUUID();
     const scope = '@coboyApp';
@@ -66,9 +68,6 @@ sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
       user_identifier
     );
 
-    // console.log('sig');
-    // return;
-
     before(async () => {
       circuit = await wasm_tester(
         path.join(
@@ -92,6 +91,12 @@ sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
     it('should calculate the witness with correct inputs', async function () {
       const w = await circuit.calculateWitness(inputs);
       await circuit.checkConstraints(w);
+      // circuits.getOutput takes way too long for ecdsa
+      if (sigAlg === 'ecdsa') {
+        console.log('skipping printing outputs to console for ecdsa');
+        return;
+      }
+
       const nullifier = (await circuit.getOutput(w, ['nullifier'])).nullifier;
       console.log('\x1b[34m%s\x1b[0m', 'nullifier', nullifier);
       const commitment = (await circuit.getOutput(w, ['commitment'])).commitment;
@@ -101,51 +106,51 @@ sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
       console.log('\x1b[34m%s\x1b[0m', 'blinded_dsc_commitment', blinded_dsc_commitment);
 
       // const ofac_result = (await circuit.getOutput(w, ['ofac_result'])).ofac_result;
-      // console.log('\x1b[34m%s\x1b[0m', 'ofac_result', ofac_result);
+      // console.log('\x1b[34m%s\x1b[0m', 'ofac_result', ofac_result);`
 
       expect(blinded_dsc_commitment).to.be.not.null;
       expect(nullifier).to.be.not.null;
     });
 
-    // it('should fail to calculate witness with invalid mrz', async function () {
-    //   try {
-    //     const invalidInputs = {
-    //       ...inputs,
-    //       dg1: Array(93)
-    //         .fill(0)
-    //         .map((byte) => BigInt(byte).toString()),
-    //     };
-    //     await circuit.calculateWitness(invalidInputs);
-    //     expect.fail('Expected an error but none was thrown.');
-    //   } catch (error) {
-    //     expect(error.message).to.include('Assert Failed');
-    //   }
-    // });
+    it('should fail to calculate witness with invalid mrz', async function () {
+      try {
+        const invalidInputs = {
+          ...inputs,
+          dg1: Array(93)
+            .fill(0)
+            .map((byte) => BigInt(byte).toString()),
+        };
+        await circuit.calculateWitness(invalidInputs);
+        expect.fail('Expected an error but none was thrown.');
+      } catch (error) {
+        expect(error.message).to.include('Assert Failed');
+      }
+    });
 
-    // it('should fail to calculate witness with invalid eContent', async function () {
-    //   try {
-    //     const invalidInputs = {
-    //       ...inputs,
-    //       eContent: inputs.eContent.map((byte: string) => String((parseInt(byte, 10) + 1) % 256)),
-    //     };
-    //     await circuit.calculateWitness(invalidInputs);
-    //     expect.fail('Expected an error but none was thrown.');
-    //   } catch (error) {
-    //     expect(error.message).to.include('Assert Failed');
-    //   }
-    // });
+    it('should fail to calculate witness with invalid eContent', async function () {
+      try {
+        const invalidInputs = {
+          ...inputs,
+          eContent: inputs.eContent.map((byte: string) => String((parseInt(byte, 10) + 1) % 256)),
+        };
+        await circuit.calculateWitness(invalidInputs);
+        expect.fail('Expected an error but none was thrown.');
+      } catch (error) {
+        expect(error.message).to.include('Assert Failed');
+      }
+    });
 
-    // it('should fail to calculate witness with invalid signature', async function () {
-    //   try {
-    //     const invalidInputs = {
-    //       ...inputs,
-    //       signature: inputs.signature.map((byte: string) => String((parseInt(byte, 10) + 1) % 256)),
-    //     };
-    //     await circuit.calculateWitness(invalidInputs);
-    //     expect.fail('Expected an error but none was thrown.');
-    //   } catch (error) {
-    //     expect(error.message).to.include('Assert Failed');
-    //   }
-    // });
+    it('should fail to calculate witness with invalid signature', async function () {
+      try {
+        const invalidInputs = {
+          ...inputs,
+          signature: inputs.signature.map((byte: string) => String((parseInt(byte, 10) + 1) % 256)),
+        };
+        await circuit.calculateWitness(invalidInputs);
+        expect.fail('Expected an error but none was thrown.');
+      } catch (error) {
+        expect(error.message).to.include('Assert Failed');
+      }
+    });
   });
 });

common/src/utils/genMockPassportData.ts

@@ -166,6 +166,7 @@ export function genMockPassportData(
 
   const { hashFunction, hashLen } = parseCertificate(dsc);
 
+  console.log(mrz);
   const mrzHash = hash(hashFunction, formatMrz(mrz));
   const concatenatedDataHashes = formatAndConcatenateDataHashes(
     [[1, mrzHash], ...sampleDataHashes],