mirror of
https://github.com/selfxyz/self.git
clean/refactor fix devmode
@@ -50,10 +50,12 @@ export const ECDSA_K_LENGTH_FACTOR = 2;
|
||||
// possible values because of sha1 constaints: 192,320,384, 448, 576, 640
|
||||
|
||||
export const circuitNameFromMode = {
|
||||
prove: 'prove',
|
||||
prove_onchain: 'prove',
|
||||
prove_offchain: 'prove',
|
||||
register: 'prove',
|
||||
vc_and_disclose: 'vc_and_disclose',
|
||||
dsc: 'dsc',
|
||||
}
|
||||
|
||||
export enum SignatureAlgorithmIndex {
|
||||
|
||||
@@ -14,6 +14,7 @@ export interface OpenPassportAppPartial {
|
||||
sessionId: string;
|
||||
userId: string;
|
||||
userIdType: UserIdType;
|
||||
devMode: boolean;
|
||||
}
|
||||
|
||||
export interface OpenPassportApp extends OpenPassportAppPartial {
|
||||
|
||||
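Review bot: The new `devMode` field on `OpenPassportAppPartial` has no documentation, although elsewhere in this commit a `devMode` flag decides whether `getCSCAFromSKI` also consults `SKI_PEM_DEV`, i.e. which CSCA trust anchors are accepted. If this field feeds that lookup (the wiring is not visible from this hunk), it is a security-relevant switch and the interface should say so, for example `/** Accept dev/mock CSCA certificates in addition to production ones; must be false for production verification. */`. It would also help to state who may set it, because an app description supplied by the requesting side should not be able to widen the verifier's trust set on its own.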
@@ -5,6 +5,8 @@ import elliptic from 'elliptic';
|
||||
import { parseRsaPublicKey, parseRsaPssPublicKey, parseECParameters } from './publicKeyDetails';
|
||||
import { PublicKeyDetailsRSAPSS } from './dataStructure';
|
||||
import { getNamedCurve } from './curves';
|
||||
import { circuitNameFromMode } from '../../constants/constants';
|
||||
import { Mode } from '../appType';
|
||||
|
||||
if (typeof global.Buffer === 'undefined') {
|
||||
global.Buffer = require('buffer').Buffer;
|
||||
@@ -48,12 +50,16 @@ export function parseCertificate(pem: string) {
|
||||
|
||||
}
|
||||
|
||||
export const getCircuitName = (circuitType: string, signatureAlgorithm: string, hashFunction: string) => {
|
||||
if (signatureAlgorithm === 'ecdsa') {
|
||||
return circuitType + "_" + signatureAlgorithm + "_secp256r1_" + hashFunction;
|
||||
export const getCircuitName = (circuitMode: Mode, signatureAlgorithm: string, hashFunction: string) => {
|
||||
const circuit = circuitNameFromMode[circuitMode];
|
||||
if (circuit == 'vc_and_disclose') {
|
||||
return 'vc_and_disclose';
|
||||
}
|
||||
else if (signatureAlgorithm === 'ecdsa') {
|
||||
return circuit + "_" + signatureAlgorithm + "_secp256r1_" + hashFunction;
|
||||
}
|
||||
else {
|
||||
return circuitType + "_" + signatureAlgorithm + "_65537_" + hashFunction;
|
||||
return circuit + "_" + signatureAlgorithm + "_65537_" + hashFunction;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
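Review bot: `circuitNameFromMode[circuitMode]` is used without checking that the lookup succeeded, so a mode value that is not a key of the map yields `undefined` and the function returns a circuit name beginning with `undefined_`. The `Mode` type is erased at runtime and its definition is outside this page, so a value arriving from serialized app data would not be caught by the compiler. A guard directly after the lookup, `if (circuit === undefined) throw new Error('Unknown circuit mode: ' + circuitMode);`, fails at the source instead of later at circuit loading. The comparison `circuit == 'vc_and_disclose'` should use `===` to match the `signatureAlgorithm === 'ecdsa'` check below it.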
@@ -1,4 +1,4 @@
|
||||
import { sha1Pad, sha256Pad } from "./shaPad";
|
||||
import { shaPad } from "./shaPad";
|
||||
import * as forge from "node-forge";
|
||||
import { bytesToBigDecimal, extractRSFromSignature, getNAndK, getNAndKCSCA, hexToDecimal, splitToWords } from "./utils";
|
||||
import { CSCA_TREE_DEPTH, MODAL_SERVER_ADDRESS } from "../constants/constants";
|
||||
@@ -9,13 +9,16 @@ import axios from "axios";
|
||||
import { parseCertificate } from "./certificates/handleCertificate";
|
||||
import { getLeafCSCA } from "./pubkeyTree";
|
||||
import { SKI_PEM, SKI_PEM_DEV } from "../constants/skiPem";
|
||||
|
||||
export function findStartIndex(modulus: string, messagePadded: Uint8Array): number {
|
||||
console.log('messagePadded', messagePadded);
|
||||
const modulusNumArray = [];
|
||||
for (let i = 0; i < modulus.length; i += 2) {
|
||||
const hexPair = modulus.slice(i, i + 2);
|
||||
const number = parseInt(hexPair, 16);
|
||||
modulusNumArray.push(number);
|
||||
}
|
||||
console.log('modulusNumArray', modulusNumArray);
|
||||
const messagePaddedNumber = [];
|
||||
for (let i = 0; i < messagePadded.length; i += 1) {
|
||||
const number = Number(messagePadded[i]);
|
||||
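Review bot: The `console.log('messagePadded', messagePadded)` and `console.log('modulusNumArray', modulusNumArray)` calls in `findStartIndex` look like leftover debugging and run on every call in library code; the later `generateCircuitInputsDSC` hunk (`@@ -78,6 +71,7 @@`) has the same pattern with `console.log('cscaPem', cscaPem)`. They write full certificate bytes and the key modulus into whatever log sink the host application uses; these are public values, but a document signer certificate may still narrow down the issuer of a user's document, so it is better kept out of default logs. I would delete the two calls here, and delete the third or gate it on the flag already in scope there, `if (devMode) console.log('cscaPem', cscaPem);`. The body of `findStartIndex` continues outside this hunk.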
@@ -26,17 +29,18 @@ export function findStartIndex(modulus: string, messagePadded: Uint8Array): numb
|
||||
if (modulusNumArray[0] === messagePaddedNumber[i]) {
|
||||
for (let j = 0; j < modulusNumArray.length; j++) {
|
||||
if (modulusNumArray[j] !== messagePaddedNumber[i + j]) {
|
||||
//console.log("NO MODULUS FOUND IN CERTIFICATE");
|
||||
break;
|
||||
}
|
||||
else if (j === modulusNumArray.length - 1) {
|
||||
//console.log("MODULUS FOUND IN CERTIFICATE");
|
||||
startIndex = i;
|
||||
}
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (startIndex === -1) {
|
||||
throw new Error('DSC Pubkey not found in CSCA certificate');
|
||||
}
|
||||
return startIndex;
|
||||
}
|
||||
|
||||
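Review bot: The `break;` that follows the inner `for` loop sits inside the `if (modulusNumArray[0] === messagePaddedNumber[i])` branch, so the outer scan stops at the first position whose byte equals the first modulus byte, whether or not the remaining bytes matched. If that byte value occurs anywhere in the padded message before the real modulus, `startIndex` stays `-1` and the function throws `DSC Pubkey not found in CSCA certificate` for a valid certificate. Breaking only after a full match fixes it: replace that line with `if (startIndex !== -1) break;`. The outer loop header is outside this hunk, so this reading assumes the two closing braces after the `break;` end the `if` and the outer `for`.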
@@ -52,18 +56,7 @@ export function generateCircuitInputsDSC(dscSecret: string, dscCertificate: any,
|
||||
const { signatureAlgorithm, hashFunction, publicKeyDetails, x, y, modulus, curve, exponent, bits, subjectKeyIdentifier, authorityKeyIdentifier } = parseCertificate(dscCertificate);
|
||||
let dsc_message_padded;
|
||||
let dsc_messagePaddedLen;
|
||||
switch (hashFunction) {
|
||||
case 'sha1':
|
||||
[dsc_message_padded, dsc_messagePaddedLen] = sha1Pad(dscTbsCertUint8Array, max_cert_bytes);
|
||||
break;
|
||||
case 'sha256':
|
||||
[dsc_message_padded, dsc_messagePaddedLen] = sha256Pad(dscTbsCertUint8Array, max_cert_bytes);
|
||||
break;
|
||||
default:
|
||||
console.log("Signature algorithm not recognized", signatureAlgorithm);
|
||||
[dsc_message_padded, dsc_messagePaddedLen] = sha256Pad(dscTbsCertUint8Array, max_cert_bytes);
|
||||
break;
|
||||
}
|
||||
[dsc_message_padded, dsc_messagePaddedLen] = shaPad(dscTbsCertUint8Array, max_cert_bytes);
|
||||
|
||||
const { n, k } = getNAndK(signatureAlgorithm);
|
||||
// Extract the signature from the DSC certificate
|
||||
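Review bot: `hashFunction` is still destructured from `parseCertificate` but no longer influences the padding, and the `switch` it replaces at least logged an unrecognised value before falling back. As far as the page shows, `shaPad` builds the SHA-1/SHA-256 form of padding (the removed `sha1Pad` pads to a multiple of 512 bits with a 64-bit length), so a certificate whose hash uses a different block size would now be padded incorrectly without any message and only fail later in the circuit. An explicit check before the call makes that visible: `if (hashFunction !== 'sha1' && hashFunction !== 'sha256') throw new Error('Unsupported hash function: ' + hashFunction);`. With a single assignment left, the two `let` declarations can become `const [dsc_message_padded, dsc_messagePaddedLen] = shaPad(dscTbsCertUint8Array, max_cert_bytes);`. The function body starts and ends outside this hunk.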
@@ -78,6 +71,7 @@ export function generateCircuitInputsDSC(dscSecret: string, dscCertificate: any,
|
||||
const dsc_messagePaddedLen_formatted = BigInt(dsc_messagePaddedLen).toString()
|
||||
|
||||
const cscaPem = getCSCAFromSKI(authorityKeyIdentifier, devMode);
|
||||
console.log('cscaPem', cscaPem);
|
||||
|
||||
const { x: csca_x, y: csca_y, modulus: csca_modulus, signature_algorithm: csca_signature_algorithm } = parseCertificate(cscaPem);
|
||||
const { n: n_csca, k: k_csca } = getNAndKCSCA(csca_signature_algorithm);
|
||||
@@ -139,12 +133,13 @@ export function generateCircuitInputsDSC(dscSecret: string, dscCertificate: any,
|
||||
|
||||
}
|
||||
|
||||
export function getCSCAFromSKI(ski: string, devMode: boolean): string | null {
|
||||
export function getCSCAFromSKI(ski: string, devMode: boolean): string {
|
||||
const cscaPemPROD = (SKI_PEM as any)[ski];
|
||||
const cscaPemDEV = (SKI_PEM_DEV as any)[ski];
|
||||
const cscaPem = devMode ? cscaPemDEV || cscaPemPROD : cscaPemPROD;
|
||||
if (!cscaPem) {
|
||||
console.log('\x1b[31m%s\x1b[0m', `CSCA with SKI ${ski} not found`, 'devMode: ', devMode);
|
||||
throw new Error(`CSCA not found, authorityKeyIdentifier: ${ski}, areMockPassportsAllowed: ${devMode},`);
|
||||
}
|
||||
return cscaPem;
|
||||
}
|
||||
|
||||
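Review bot: `ski` is used as a raw key into `SKI_PEM` and `SKI_PEM_DEV` through an `as any` cast, and the `!cscaPem` guard only rejects falsy results, so an inherited property name such as `constructor` would return a truthy non-string value typed as `string` (assuming the two maps are plain object literals; they are defined outside this page). Because the caller passes the certificate's `authorityKeyIdentifier` and the result selects the trust anchor, I would require a string entry by writing the guard as `if (typeof cscaPem !== 'string') {`. The function also deserves a doc comment stating that `devMode` adds `SKI_PEM_DEV` to the accepted set and that a dev entry takes precedence over a production entry for the same SKI, since `cscaPemDEV || cscaPemPROD` is easy to misread.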
@@ -218,12 +218,10 @@ export function generateCircuitInputsProve(
|
||||
}
|
||||
|
||||
const [eContentPadded, eContentLen] = shaPad(
|
||||
signatureAlgorithm,
|
||||
new Uint8Array(eContent),
|
||||
MAX_PADDED_ECONTENT_LEN[signatureAlgorithmFullName]
|
||||
);
|
||||
const [signedAttrPadded, signedAttrPaddedLen] = shaPad(
|
||||
signatureAlgorithm,
|
||||
new Uint8Array(signedAttr),
|
||||
MAX_PADDED_SIGNED_ATTR_LEN[signatureAlgorithmFullName]
|
||||
);
|
||||
|
||||
@@ -1,37 +1,7 @@
|
||||
// Copied from zk-email cuz it uses crypto so can't import it here.
|
||||
|
||||
export function shaPad(signatureAlgorithm: string, prehash_prepad_m: Uint8Array, maxShaBytes: number): [Uint8Array, number] {
|
||||
if (signatureAlgorithm == 'sha1WithRSAEncryption') {
|
||||
return sha1Pad(prehash_prepad_m, maxShaBytes);
|
||||
} else {
|
||||
return sha256Pad(prehash_prepad_m, maxShaBytes);
|
||||
}
|
||||
}
|
||||
|
||||
// Puts an end selector, a bunch of 0s, then the length, then fill the rest with 0s.
|
||||
export function sha1Pad(prehash_prepad_m: Uint8Array, maxShaBytes: number): [Uint8Array, number] {
|
||||
let length_bits = prehash_prepad_m.length * 8; // bytes to bits
|
||||
let length_in_bytes = int64toBytes(length_bits);
|
||||
prehash_prepad_m = mergeUInt8Arrays(prehash_prepad_m, int8toBytes(2 ** 7)); // Add the 1 on the end, length 505
|
||||
while ((prehash_prepad_m.length * 8 + length_in_bytes.length * 8) % 512 !== 0) {
|
||||
prehash_prepad_m = mergeUInt8Arrays(prehash_prepad_m, int8toBytes(0));
|
||||
}
|
||||
prehash_prepad_m = mergeUInt8Arrays(prehash_prepad_m, length_in_bytes);
|
||||
assert((prehash_prepad_m.length * 8) % 512 === 0, "Padding did not complete properly!");
|
||||
let messageLen = prehash_prepad_m.length;
|
||||
while (prehash_prepad_m.length < maxShaBytes) {
|
||||
prehash_prepad_m = mergeUInt8Arrays(prehash_prepad_m, int64toBytes(0));
|
||||
}
|
||||
assert(
|
||||
prehash_prepad_m.length === maxShaBytes,
|
||||
`Padding to max length did not complete properly! Your padded message is ${prehash_prepad_m.length} long but max is ${maxShaBytes}!`
|
||||
);
|
||||
return [prehash_prepad_m, messageLen];
|
||||
}
|
||||
|
||||
|
||||
// Puts an end selector, a bunch of 0s, then the length, then fill the rest with 0s.
|
||||
export function sha256Pad(prehash_prepad_m: Uint8Array, maxShaBytes: number): [Uint8Array, number] {
|
||||
export function shaPad(prehash_prepad_m: Uint8Array, maxShaBytes: number): [Uint8Array, number] {
|
||||
let length_bits = prehash_prepad_m.length * 8; // bytes to bits
|
||||
let length_in_bytes = int64toBytes(length_bits);
|
||||
prehash_prepad_m = mergeUInt8Arrays(prehash_prepad_m, int8toBytes(2 ** 7)); // Add the 1 on the end, length 505
|
||||
|
||||
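Review bot: The merged `shaPad` no longer says which hashes it is valid for: the header comment describes only the layout, and the new name reads as if it covered every SHA variant. Judging from the removed `sha1Pad` body, the padding is the 512-bit-block form with a 64-bit length, which SHA-1 and SHA-256 share but SHA-384 and SHA-512 do not. I would add a doc comment that states this, e.g. `/** Pads for SHA-1 and SHA-256 only (512-bit blocks, 64-bit length); SHA-384/512 need a different block size. */`, and drop the `length 505` remark on the `2 ** 7` line, which looks carried over from the copied source. The function body continues outside this hunk.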