feat: support sha512 brainpoolP256r1

common/src/constants/constants.ts

@@ -42,6 +42,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial<
   rsa_sha256_3_2048: 384,
   ecdsa_sha256_brainpoolP256r1_256: 384,
   ecdsa_sha384_brainpoolP256r1_256: 512,
+  ecdsa_sha512_brainpoolP256r1_256: 640,
   ecdsa_sha384_brainpoolP384r1_384: 512,
 };
 
@@ -65,6 +66,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
   ecdsa_sha256_brainpoolP256r1_256: 192,
   ecdsa_sha384_brainpoolP256r1_256: 256,
   ecdsa_sha384_brainpoolP384r1_384: 256,
+  ecdsa_sha512_brainpoolP256r1_256: 256,
 };
 
 export const MAX_CERT_BYTES: Partial<Record<keyof typeof SignatureAlgorithmIndex, number>> = {
@@ -111,6 +113,7 @@ export enum SignatureAlgorithmIndex {
   ecdsa_sha384_brainpoolP384r1_384 = 22,
   ecdsa_sha256_secp384r1_384 = 23,
   ecdsa_sha384_brainpoolP256r1_256 = 24,
+  ecdsa_sha512_brainpoolP256r1_256 = 25,
 }
 
 export const attributeToPosition = {

common/src/constants/mockCertificates.ts

@@ -1288,6 +1288,28 @@ WtFT
 -----END CERTIFICATE-----
 `;
 
+export const mock_dsc_key_sha512_brainpoolP256r1 = `-----BEGIN EC PRIVATE KEY-----
+MHgCAQEEIFuQVhd8HfMpFLdTH60+UA1HfePAQkfeaGH6V9FJe5kioAsGCSskAwMC
+CAEBB6FEA0IABCAx2ey4sj3xDzMbrJyjyINrSw57z98QcllbStcRHCz2YIfUUvsh
+KwkgnEMAWec4iy3jeZ8yeLcoGk0fi6iCoLk=
+-----END EC PRIVATE KEY-----
+`;
+
+export const mock_dsc_sha512_brainpoolP256r1 = `-----BEGIN CERTIFICATE-----
+MIIB3zCCAYagAwIBAgIUQYSjqrXJx+UTzjryNw2jl8a8bUowCgYIKoZIzj0EAwQw
+RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwODU5NDFaFw0yNTEyMjgw
+ODU5NDFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWjAUBgcqhkjOPQIBBgkrJAMD
+AggBAQcDQgAEIDHZ7LiyPfEPMxusnKPIg2tLDnvP3xByWVtK1xEcLPZgh9RS+yEr
+CSCcQwBZ5ziLLeN5nzJ4tygaTR+LqIKguaNTMFEwHQYDVR0OBBYEFDxCzGkoR6xw
+Im2XGg/24tJ+2fgyMB8GA1UdIwQYMBaAFDxCzGkoR6xwIm2XGg/24tJ+2fgyMA8G
+A1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwQDRwAwRAIgPC4h2/aUem5OMnwMy42R
+9j/NhYacXZGKXZv5KVBq5o4CIE/LcOS7bs7K3uNOdFxdJDCpK56YGV4H3O1paLpt
+VqPW
+-----END CERTIFICATE-----
+`;
+
 export const mock_dsc_key_sha256_secp384r1 = `-----BEGIN EC PRIVATE KEY-----
 MIGkAgEBBDBZthN5/vhpqE/ALHj35A/pMkfSDRxFKKweTYs2IxR0eW6RJQlZhdgk
 TGP7rQ4EKF6gBwYFK4EEACKhZANiAASsl16vufqKa/qdJWIEDO5no2useouKh4Zk

common/src/utils/genMockPassportData.ts

@@ -40,6 +40,8 @@ import {
   mock_dsc_sha256_secp384r1,
   mock_dsc_key_sha384_brainpoolP256r1,
   mock_dsc_sha384_brainpoolP256r1,
+  mock_dsc_key_sha512_brainpoolP256r1,
+  mock_dsc_sha512_brainpoolP256r1,
 } from '../constants/mockCertificates';
 import { sampleDataHashes_small, sampleDataHashes_large } from '../constants/sampleDataHashes';
 import { countryCodes } from '../constants/constants';
@@ -160,6 +162,11 @@ export function genMockPassportData(
       privateKeyPem = mock_dsc_key_sha384_brainpoolP256r1;
       dsc = mock_dsc_sha384_brainpoolP256r1;
       break;
+    case 'ecdsa_sha512_brainpoolP256r1_256':
+      sampleDataHashes = genSampleDataHashes('large', 64);
+      privateKeyPem = mock_dsc_key_sha512_brainpoolP256r1;
+      dsc = mock_dsc_sha512_brainpoolP256r1;
+      break;
     case 'rsa_sha256_3_2048':
       sampleDataHashes = genSampleDataHashes('large', 32);
       privateKeyPem = mock_dsc_key_sha256_rsa_3_2048;
@@ -189,8 +196,6 @@ export function genMockPassportData(
 
   const { hashFunction, hashLen } = parseCertificate(dsc);
 
-  console.log('hashFunction', hashFunction);
-
   const mrzHash = hash(hashFunction, formatMrz(mrz));
   const concatenatedDataHashes = formatAndConcatenateDataHashes(
     [[1, mrzHash], ...sampleDataHashes],

common/src/utils/generateInputs.ts

@@ -211,6 +211,9 @@ export function generateCircuitInputsProve(
   const dg1HashOffset = findSubarrayIndex(eContent, dg1Hash);
   console.log('\x1b[90m%s\x1b[0m', 'dg1HashOffset', dg1HashOffset);
   assert(dg1HashOffset !== -1, `DG1 hash ${dg1Hash} not found in eContent`);
+  console.log(
+    JSON.stringify(eContent.slice(dg1HashOffset, dg1HashOffset + 512 / 8).map((x) => x & 0xff))
+  );
 
   const eContentHash = hash(hashFunction, eContent);
   const eContentHashOffset = findSubarrayIndex(signedAttr, eContentHash);

common/src/utils/types.ts

@@ -26,6 +26,7 @@ export type SignatureAlgorithm =
   | 'ecdsa_sha256_secp384r1_384'
   | 'ecdsa_sha256_brainpoolP256r1_256'
   | 'ecdsa_sha384_brainpoolP256r1_256'
+  | 'ecdsa_sha512_brainpoolP256r1_256'
   | 'rsa_sha256_3_2048'
   | 'rsa_sha256_65537_3072'
   | 'rsa_sha256_65537_4096'

common/src/utils/utils.ts

@@ -1,7 +1,7 @@
 import { LeanIMT } from '@openpassport/zk-kit-lean-imt';
 import { sha256 } from 'js-sha256';
 import { sha1 } from 'js-sha1';
-import { sha384, sha512_256 } from 'js-sha512';
+import { sha384, sha512 } from 'js-sha512';
 import { SMT } from '@openpassport/zk-kit-smt';
 import forge from 'node-forge';
 import {
@@ -252,7 +252,7 @@ export function hash(hashFunction: string, bytesArray: number[]): number[] {
       hashResult = sha384(unsignedBytesArray);
       break;
     case 'sha512':
-      hashResult = sha512_256(unsignedBytesArray);
+      hashResult = sha512(unsignedBytesArray);
       break;
     default:
       console.log('\x1b[31m%s\x1b[0m', `${hashFunction} not found in hash`); // Log in red