feat: support sha512 brainpoolP512r1

2026-04-05 03:00:53 -04:00 · 2025-01-06 12:34:35 +05:30
parent c9d56364a0
commit 80caa3223c
17 changed files with 107739 additions and 82 deletions
--- a/common/src/constants/constants.ts
+++ b/common/src/constants/constants.ts
@@ -47,6 +47,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial<
  ecdsa_sha512_brainpoolP384r1_384: 640,
  ecdsa_sha1_brainpoolP224r1_224: 320,
  ecdsa_sha256_brainpoolP224r1_224: 384,
+  ecdsa_sha512_brainpoolP512r1_512: 640,
 };

 export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
@@ -73,6 +74,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
  ecdsa_sha512_brainpoolP384r1_384: 256,
  ecdsa_sha1_brainpoolP224r1_224: 192,
  ecdsa_sha256_brainpoolP224r1_224: 192,
+  ecdsa_sha512_brainpoolP512r1_512: 256,
 };

 export const MAX_CERT_BYTES: Partial<Record<keyof typeof SignatureAlgorithmIndex, number>> = {
@@ -123,6 +125,7 @@ export enum SignatureAlgorithmIndex {
  ecdsa_sha512_brainpoolP384r1_384 = 26,
  ecdsa_sha1_brainpoolP224r1_224 = 27,
  ecdsa_sha256_brainpoolP224r1_224 = 28,
+  ecdsa_sha512_brainpoolP512r1_512 = 29,
 }

 export const attributeToPosition = {
--- a/common/src/constants/mockCertificates.ts
+++ b/common/src/constants/mockCertificates.ts
@@ -1424,6 +1424,32 @@ dzuXqOBuBj1L+HpiiBobsDhL63c=
 -----END CERTIFICATE-----
 `;

+export const mock_dsc_key_sha512_brainpoolP512r1 = `-----BEGIN EC PRIVATE KEY-----
+MIHaAgEBBEBsh1A9ArliqvxSQg7Z4u9XszaGEJTw9qPD52QSVG9qWN7zfnl4xWmD
+m7ZCM00Lc2it0orK3FjymVEPr7GOcLgPoAsGCSskAwMCCAEBDaGBhQOBggAEjJkR
+N4I/rAdmNOyUfmz/xAZ8rhLQlKYk8qwdQg3XrW0r9VbXTRkdnJxZLo8m/PH9AlFL
+qHdloVKLJp+JkITdYWuLbDn+Y6wGUCsFLCfJR1YRByP5L0+gT4LcFlotLDmRm46B
+44q5Et+aQIimslTS9KAK6VlSSswSEaG2LqzSAD0=
+-----END EC PRIVATE KEY-----
+`;
+
+export const mock_dsc_sha512_brainpoolP512r1 = `-----BEGIN CERTIFICATE-----
+MIICYzCCAcigAwIBAgIUAwDW2UZPk3oy12xQCOrtAi4J8dswCgYIKoZIzj0EAwQw
+RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMzAxNDUyMTdaFw0yNTEyMzAx
+NDUyMTdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwgZswFAYHKoZIzj0CAQYJKyQD
+AwIIAQENA4GCAASMmRE3gj+sB2Y07JR+bP/EBnyuEtCUpiTyrB1CDdetbSv1VtdN
+GR2cnFkujyb88f0CUUuod2WhUosmn4mQhN1ha4tsOf5jrAZQKwUsJ8lHVhEHI/kv
+T6BPgtwWWi0sOZGbjoHjirkS35pAiKayVNL0oArpWVJKzBIRobYurNIAPaNTMFEw
+HQYDVR0OBBYEFGNz0nQzf/S2dvSrGKeczYkAapabMB8GA1UdIwQYMBaAFGNz0nQz
+f/S2dvSrGKeczYkAapabMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwQDgYgA
+MIGEAkBvgsKebJL2PQOXy3KWDvb50ygqXAXItDbbqLqxE+7h7zswDiqQz/tDtDeG
+tGGbBQIiYYwa1WlqaTJA+AjUpsZCAkBW+Z7PiQJE4DNms8za0bzom7u5kaHGaOGU
+fRSx8q4PN04hIQfS8Rm4/1Zg8VmHIQ4kdnYC4WLQgXOmshSS8LTi
+-----END CERTIFICATE-----
+`;
+
 export const mock_dsc_key_sha256_rsa_65537_3072 = `-----BEGIN PRIVATE KEY-----
 MIIG/AIBADANBgkqhkiG9w0BAQEFAASCBuYwggbiAgEAAoIBgQCxoTQRUOf0mU86
 f71+4KF4MAU3EQ+XkTwdD8F4bKMhEOb0QpUtiQebkD5qyp04Ur/vRZWqpSJIwpvY
--- a/common/src/utils/certificates/curves.ts
+++ b/common/src/utils/certificates/curves.ts
@@ -102,6 +102,7 @@ export function getNamedCurve(oid: string): string {
    '1.3.132.0.35': 'secp521r1',
    '1.3.36.3.3.2.8.1.1.7': 'brainpoolP256r1',
    '1.3.36.3.3.2.8.1.1.11': 'brainpoolP384r1',
+    '1.3.36.3.3.2.8.1.1.13': 'brainpoolP512r1',
    // Add more curve OIDs as needed
  };
  if (!curves[oid]) {
@@ -118,6 +119,7 @@ export function getCurveForElliptic(curveName: string): string {
    brainpoolP224r1: 'brainpoolP224r1',
    brainpoolP256r1: 'brainpoolP256r1',
    brainpoolP384r1: 'brainpoolP384r1',
+    brainpoolP512r1: 'brainpoolP512r1',
  };

  if (!curves[curveName]) {
--- a/common/src/utils/certificates/publicKeyDetails.ts
+++ b/common/src/utils/certificates/publicKeyDetails.ts
@@ -80,6 +80,31 @@ defineCurve('brainpoolP384r1', {
  ],
 });

+defineCurve('brainpoolP512r1', {
+  type: 'short',
+  prime: null,
+  p:
+    'AADD9DB8 DBE9C48B 3FD4E6AE 33C9FC07 CB308DB3 B3C9D20E D6639CCA 70330871' +
+    '7D4D9B00 9BC66842 AECDA12A E6A380E6 2881FF2F 2D82C685 28AA6056 583A48F3',
+  a:
+    '7830A331 8B603B89 E2327145 AC234CC5 94CBDD8D 3DF91610 A83441CA EA9863BC' +
+    '2DED5D5A A8253AA1 0A2EF1C9 8B9AC8B5 7F1117A7 2BF2C7B9 E7C1AC4D 77FC94CA',
+  b:
+    '3DF91610 A83441CA EA9863BC 2DED5D5A A8253AA1 0A2EF1C9 8B9AC8B5 7F1117A7' +
+    '2BF2C7B9 E7C1AC4D 77FC94CA DC083E67 984050B7 5EBAE5DD 2809BD63 8016F723',
+  n:
+    'AADD9DB8 DBE9C48B 3FD4E6AE 33C9FC07 CB308DB3 B3C9D20E D6639CCA 70330870' +
+    '553E5C41 4CA92619 41866119 7FAC1047 1DB1D381 085DDADD B5879682 9CA90069',
+  hash: hash.sha512,
+  gRed: false,
+  g: [
+    '81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D009' +
+      '8EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822',
+    '7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F81' +
+      '11B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892',
+  ],
+});
+
 export function parseRsaPublicKey(subjectPublicKeyInfo: any): PublicKeyDetailsRSA {
  const publicKey = subjectPublicKeyInfo.subjectPublicKey;
  const asn1PublicKey = fromBER(publicKey.valueBlock.valueHexView);
@@ -134,6 +159,7 @@ export function parseECParameters(publicKeyInfo: any): PublicKeyDetailsECDSA {
      brainpoolP224r1: 224,
      brainpoolP256r1: 256,
      brainpoolP384r1: 384,
+      brainpoolP512r1: 512,
    };
    const bits = fieldSizeMap[curve];

--- a/common/src/utils/genMockPassportData.ts
+++ b/common/src/utils/genMockPassportData.ts
@@ -48,6 +48,8 @@ import {
  mock_dsc_sha1_brainpoolP224r1,
  mock_dsc_key_sha256_brainpoolP224r1,
  mock_dsc_sha256_brainpoolP224r1,
+  mock_dsc_key_sha512_brainpoolP512r1,
+  mock_dsc_sha512_brainpoolP512r1,
 } from '../constants/mockCertificates';
 import { sampleDataHashes_small, sampleDataHashes_large } from '../constants/sampleDataHashes';
 import { countryCodes } from '../constants/constants';
@@ -213,6 +215,11 @@ export function genMockPassportData(
      privateKeyPem = mock_dsc_key_sha256_brainpoolP224r1;
      dsc = mock_dsc_sha256_brainpoolP224r1;
      break;
+    case 'ecdsa_sha512_brainpoolP512r1_512':
+      sampleDataHashes = genSampleDataHashes('large', 64);
+      privateKeyPem = mock_dsc_key_sha512_brainpoolP512r1;
+      dsc = mock_dsc_sha512_brainpoolP512r1;
+      break;
  }

  const { hashFunction, hashLen } = parseCertificate(dsc);
--- a/common/src/utils/generateInputs.ts
+++ b/common/src/utils/generateInputs.ts
@@ -229,7 +229,6 @@ export function generateCircuitInputsProve(
    );
  }

-  console.log('hashFunction', hashFunction);
  const paddingFunction =
    hashFunction == 'sha1' || hashFunction == 'sha256' ? shaPad : sha384_512Pad;

--- a/common/src/utils/types.ts
+++ b/common/src/utils/types.ts
@@ -36,7 +36,8 @@ export type SignatureAlgorithm =
  | 'ecdsa_sha384_brainpoolP384r1_384'
  | 'ecdsa_sha512_brainpoolP384r1_384'
  | 'ecdsa_sha1_brainpoolP224r1_224'
-  | 'ecdsa_sha256_brainpoolP224r1_224';
+  | 'ecdsa_sha256_brainpoolP224r1_224'
+  | 'ecdsa_sha512_brainpoolP512r1_512';

 export type Proof = {
  proof: {