mirror of
https://github.com/selfxyz/self.git
synced 2026-04-05 03:00:53 -04:00
merge dev into feat/brutforce-sigalg
This commit is contained in:
turnoffthiscomputer
@@ -40,21 +40,23 @@ export const DEFAULT_MAJORITY = '18';
|
||||
// rsa_sha256_65537_3072: 384,
|
||||
// rsa_sha256_3_2048: 384,
|
||||
// };
|
||||
export const hashAlgos = ['sha512', 'sha384', 'sha256', 'sha1'];
|
||||
export const hashAlgos = ['sha512', 'sha384', 'sha256', 'sha224', 'sha1'];
|
||||
export const saltLengths = [64, 48, 32];
|
||||
|
||||
export const MAX_PADDED_ECONTENT_LEN: Partial<Record<(typeof hashAlgos)[number], number>> = {
|
||||
sha1: 320,
|
||||
sha224: 384,
|
||||
sha256: 448,
|
||||
sha384: 576,
|
||||
sha512: 704,
|
||||
sha384: 640,
|
||||
sha512: 768,
|
||||
};
|
||||
|
||||
export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<Record<(typeof hashAlgos)[number], number>> = {
|
||||
export const MAX_PADDED_SIGNED_ATTR_LEN: Record<(typeof hashAlgos)[number], number> = {
|
||||
sha1: 128,
|
||||
sha224: 128,
|
||||
sha256: 128,
|
||||
sha384: 128,
|
||||
sha512: 192,
|
||||
sha384: 256,
|
||||
sha512: 256,
|
||||
};
|
||||
|
||||
export const MAX_CERT_BYTES: Partial<Record<keyof typeof SignatureAlgorithmIndex, number>> = {
|
||||
@@ -97,6 +99,16 @@ export enum SignatureAlgorithmIndex {
|
||||
rsapss_sha256_3_4096 = 17,
|
||||
rsapss_sha384_65537_3072 = 18,
|
||||
rsapss_sha256_65537_3072 = 19,
|
||||
ecdsa_sha256_brainpoolP256r1_256 = 21,
|
||||
ecdsa_sha384_brainpoolP384r1_384 = 22,
|
||||
ecdsa_sha256_secp384r1_384 = 23,
|
||||
ecdsa_sha384_brainpoolP256r1_256 = 24,
|
||||
ecdsa_sha512_brainpoolP256r1_256 = 25,
|
||||
ecdsa_sha512_brainpoolP384r1_384 = 26,
|
||||
ecdsa_sha1_brainpoolP224r1_224 = 27,
|
||||
ecdsa_sha256_brainpoolP224r1_224 = 28,
|
||||
ecdsa_sha512_brainpoolP512r1_512 = 29,
|
||||
ecdsa_sha224_brainpoolP224r1_224 = 30,
|
||||
}
|
||||
|
||||
export const attributeToPosition = {
|
||||
|
||||
@@ -842,7 +842,7 @@ y00BVp5UAQry8PX44G2xkXpAEW4pBs5XlMRTAIZiv3DtCSvI7XEfJuPUXhBCA0E4
|
||||
A/1QCkPCcxlmlW0IEvGyp/sw72O3TOFDb5Gwf7WgYuu5en4ZmONNX7fKvqtq8Xsq
|
||||
Bqf6X9iYShjOpdHuX9tGURWgc3HzY1Ma6Q+8ls2mTUsA5ts8IXDXQDuG5cLoPMIF
|
||||
IaPHCe6w0yEsmBjqhqZfkPxbJwW6OimbDaP6Eh0FYBCv6rhakZIswUceWhdUQHaV
|
||||
OQk/OfA1zDMCggEBAKkhi/876Pjw4I0zbPZ2o+wxGhaIr93PIRwBPSByMPvqZFYy
|
||||
OQk/OfA1zDMCggEBAKkhi/876Pjw4I0zbPZ2o+wxGhaIr93PIRwBPSByMPvqZFYycd ..
|
||||
n2gf24JJtwsff2yYRRpVzpr8yKepv3jyAbmQCILKTUakvabyiBPxpUYH9nHsXo5C
|
||||
5jpmGxGgGPbsqyNP+6Y2DdmiUtKEoQiQjAE4q40s9T/8t+VNVagJqK6R7+zrjMe4
|
||||
inwkbQkA7CwhWlNPBWAsIf8EwN579OsPrIXknk4i7lia7BIMetrcHxXFqY/qJOpL
|
||||
@@ -1244,6 +1244,67 @@ d+9Msdsovrc=
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha1_brainpoolP224r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MGwCAQEEHEtm6OSi3EClphbb0ovVMLNX6SCQ/ZpYsFTjlnqgCwYJKyQDAwIIAQEF
|
||||
oTwDOgAEb8kcLsVLjpC1RWAjA/lRTHP2HVdW1ntmtfo1g2R6E6NkgLetsRXxc8Sn
|
||||
CJ71v4bL9/50ksOiv+U=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha1_brainpoolP224r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIIBzTCCAX2gAwIBAgIUL2Uxhvbe1w8fdNbH+/nFp0LvkEYwCQYHKoZIzj0EATBF
|
||||
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
|
||||
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTI0MTIzMDA4NDQ0MVoXDTI1MTIzMDA4
|
||||
NDQ0MVowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNV
|
||||
BAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDBSMBQGByqGSM49AgEGCSskAwMC
|
||||
CAEBBQM6AARvyRwuxUuOkLVFYCMD+VFMc/YdV1bWe2a1+jWDZHoTo2SAt62xFfFz
|
||||
xKcInvW/hsv3/nSSw6K/5aNTMFEwHQYDVR0OBBYEFHWg+dJpv6bTRvEWrInb/XtX
|
||||
XIzPMB8GA1UdIwQYMBaAFHWg+dJpv6bTRvEWrInb/XtXXIzPMA8GA1UdEwEB/wQF
|
||||
MAMBAf8wCQYHKoZIzj0EAQM/ADA8Ahx0BuqVqweU/EHvq42lTIH6ku+wPMoqvUL/
|
||||
jnD0AhwDAIPS8xytmOiI0MuVj3kwdnzTLdsGslSkmj8l
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha224_braipoolP224r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MGwCAQEEHD8zMUlakQzf4dhsIN/RlRKZqRRPX+y2LJj/6OWgCwYJKyQDAwIIAQEF
|
||||
oTwDOgAEVhYeSwufAC+rdeIw8skbC2bwM3g7giuR+5vl0brGHgiEIaUr33msAPHz
|
||||
epGlvTkSRQz+nOWMogI=
|
||||
-----END EC PRIVATE KEY-----`;
|
||||
|
||||
export const mock_dsc_sha224_brainpoolP224r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIIB0DCCAX6gAwIBAgIUKS+C9XWWr12MLB1+rcVEaYGW53UwCgYIKoZIzj0EAwEw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNTAxMDcwNzUxMDJaFw0yNjAxMDcw
|
||||
NzUxMDJaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwUjAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQUDOgAEVhYeSwufAC+rdeIw8skbC2bwM3g7giuR+5vl0brGHgiEIaUr33ms
|
||||
APHzepGlvTkSRQz+nOWMogKjUzBRMB0GA1UdDgQWBBS7hFp/MRDFZ//5GxYHnpM+
|
||||
N8mqKTAfBgNVHSMEGDAWgBS7hFp/MRDFZ//5GxYHnpM+N8mqKTAPBgNVHRMBAf8E
|
||||
BTADAQH/MAoGCCqGSM49BAMBA0AAMD0CHQCT+jX3mCRjmvdXO2HKlb9faeYgKfiX
|
||||
frIJV5mBAhwEqIQRW2USNItxRt1iTO69eBj/20q67UOhDgK2
|
||||
-----END CERTIFICATE-----`;
|
||||
|
||||
export const mock_dsc_key_sha256_brainpoolP224r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MGwCAQEEHEtm6OSi3EClphbb0ovVMLNX6SCQ/ZpYsFTjlnqgCwYJKyQDAwIIAQEF
|
||||
oTwDOgAEb8kcLsVLjpC1RWAjA/lRTHP2HVdW1ntmtfo1g2R6E6NkgLetsRXxc8Sn
|
||||
CJ71v4bL9/50ksOiv+U=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha256_brainpoolP224r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIIB0DCCAX6gAwIBAgIUVaUBruPv+13YqSDtb28faYlca1UwCgYIKoZIzj0EAwIw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMzAxNDA2NTZaFw0yNTEyMzAx
|
||||
NDA2NTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwUjAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQUDOgAEb8kcLsVLjpC1RWAjA/lRTHP2HVdW1ntmtfo1g2R6E6NkgLetsRXx
|
||||
c8SnCJ71v4bL9/50ksOiv+WjUzBRMB0GA1UdDgQWBBR1oPnSab+m00bxFqyJ2/17
|
||||
V1yMzzAfBgNVHSMEGDAWgBR1oPnSab+m00bxFqyJ2/17V1yMzzAPBgNVHRMBAf8E
|
||||
BTADAQH/MAoGCCqGSM49BAMCA0AAMD0CHQCXfviMoPED3c43XbavcZkccHVwxOYq
|
||||
aUpntBqzAhwqxYeED8F9yQVTF3NWcAd1kmySSE79HoCpjdTZ
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha256_brainpoolP256r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MHgCAQEEIHX6m0IJHboaDf9ps1k41yUU1WmNW9bU/IOXWW0qJAFCoAsGCSskAwMC
|
||||
CAEBB6FEA0IABFVMiAVBX0noMTcHttSx+StzGj9l23Zg4RAWI3DpaFFiePOvNjAl
|
||||
@@ -1267,6 +1328,148 @@ gg==
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha384_brainpoolP256r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MHgCAQEEIIhHbA4GKMOiNXQcXTiFlQUX2YFKz5U/Ya+vQa/YFo6foAsGCSskAwMC
|
||||
CAEBB6FEA0IABKje0Lfu0ACxcGqEJc2vF6AYckbw9LaoHIKRyM6ko91AFuNhEIsx
|
||||
pUF1FV+lornr3u0I7bOxL4PlOD+nZuRXGQE=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha384_brainpoolP256r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIIB3zCCAYagAwIBAgIUNxoAJFWOPOCE9KOmtQZpg4NiEzMwCgYIKoZIzj0EAwMw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwNjE0MTZaFw0yNTEyMjgw
|
||||
NjE0MTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWjAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQcDQgAEqN7Qt+7QALFwaoQlza8XoBhyRvD0tqgcgpHIzqSj3UAW42EQizGl
|
||||
QXUVX6Wiueve7Qjts7Evg+U4P6dm5FcZAaNTMFEwHQYDVR0OBBYEFHB+vSzRl9Vy
|
||||
UedDOcm9V+sbVYlLMB8GA1UdIwQYMBaAFHB+vSzRl9VyUedDOcm9V+sbVYlLMA8G
|
||||
A1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDRwAwRAIgFv62dVvKdRlqCcRfQdax
|
||||
iSfNPb3k7L2E0ETWSZ0KLvICIC8csz7X6VOTuVspKl1YXlBM6hOx7gTVdaGKmTR2
|
||||
WtFT
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha512_brainpoolP256r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MHgCAQEEIFuQVhd8HfMpFLdTH60+UA1HfePAQkfeaGH6V9FJe5kioAsGCSskAwMC
|
||||
CAEBB6FEA0IABCAx2ey4sj3xDzMbrJyjyINrSw57z98QcllbStcRHCz2YIfUUvsh
|
||||
KwkgnEMAWec4iy3jeZ8yeLcoGk0fi6iCoLk=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha512_brainpoolP256r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIIB3zCCAYagAwIBAgIUQYSjqrXJx+UTzjryNw2jl8a8bUowCgYIKoZIzj0EAwQw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwODU5NDFaFw0yNTEyMjgw
|
||||
ODU5NDFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWjAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQcDQgAEIDHZ7LiyPfEPMxusnKPIg2tLDnvP3xByWVtK1xEcLPZgh9RS+yEr
|
||||
CSCcQwBZ5ziLLeN5nzJ4tygaTR+LqIKguaNTMFEwHQYDVR0OBBYEFDxCzGkoR6xw
|
||||
Im2XGg/24tJ+2fgyMB8GA1UdIwQYMBaAFDxCzGkoR6xwIm2XGg/24tJ+2fgyMA8G
|
||||
A1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwQDRwAwRAIgPC4h2/aUem5OMnwMy42R
|
||||
9j/NhYacXZGKXZv5KVBq5o4CIE/LcOS7bs7K3uNOdFxdJDCpK56YGV4H3O1paLpt
|
||||
VqPW
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha256_secp384r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MIGkAgEBBDBZthN5/vhpqE/ALHj35A/pMkfSDRxFKKweTYs2IxR0eW6RJQlZhdgk
|
||||
TGP7rQ4EKF6gBwYFK4EEACKhZANiAASsl16vufqKa/qdJWIEDO5no2useouKh4Zk
|
||||
AdtBf3fWjDnsT3J9ulxe0Ep+QbC8010o3dGQZL5UqwzoarLGrFentQ4wTJYzLXX2
|
||||
VHrLCyDjwswia1U3+I9ZYLp1TA9+88A=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha256_secp384r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIICHDCCAaKgAwIBAgIUIxGxDq5DcnphGZhSQNaAMWC5WtcwCgYIKoZIzj0EAwIw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwNTMwMzlaFw0yNTEyMjgw
|
||||
NTMwMzlaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwdjAQBgcqhkjOPQIBBgUrgQQA
|
||||
IgNiAASsl16vufqKa/qdJWIEDO5no2useouKh4ZkAdtBf3fWjDnsT3J9ulxe0Ep+
|
||||
QbC8010o3dGQZL5UqwzoarLGrFentQ4wTJYzLXX2VHrLCyDjwswia1U3+I9ZYLp1
|
||||
TA9+88CjUzBRMB0GA1UdDgQWBBQuToV7daaeM2l+EdWsqXX4NP1gFjAfBgNVHSME
|
||||
GDAWgBQuToV7daaeM2l+EdWsqXX4NP1gFjAPBgNVHRMBAf8EBTADAQH/MAoGCCqG
|
||||
SM49BAMCA2gAMGUCMFEUPb/G0QxEiAW0d1S7njA4UPPtgugQ44PDjWhFrwEowtEv
|
||||
gmDwQUgL/nKb+7GsSQIxANABnyvZSR9heu9rqqYxeW/0eGoQoDnSiZowdf7Z6fJP
|
||||
aiTuTmjxvd1KKxrCkmuSDg==
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha384_brainpoolP384r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MIGoAgEBBDAAqX21j3nsvbpheKxpL3Vbj9Q5rkMqZ1LTVOpykpFezXH8R+d9tYgl
|
||||
lMBGmlszFJSgCwYJKyQDAwIIAQELoWQDYgAEf0p2YN3Lru5iZ8KRhZfUthvwBa9u
|
||||
SZgsKlmeBE7epzdpJvkGL3QSHO2GiF7Nv8MYEerqpwyynlAL9YK8HAqAXOoOa+rP
|
||||
RvG+mFXRYyRZTMwIH5/ULI29H+tLqsRejx4x
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha384_brainpoolP384r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIICHzCCAaagAwIBAgIUIWM2gNwyhyOd0Tv2h8Hm63b/s54wCgYIKoZIzj0EAwMw
|
||||
RTELMAkGA1UEBhMCSU4xEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjcwOTQzMjBaFw0yNTEyMjcw
|
||||
OTQzMjBaMEUxCzAJBgNVBAYTAklOMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwejAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQsDYgAEf0p2YN3Lru5iZ8KRhZfUthvwBa9uSZgsKlmeBE7epzdpJvkGL3QS
|
||||
HO2GiF7Nv8MYEerqpwyynlAL9YK8HAqAXOoOa+rPRvG+mFXRYyRZTMwIH5/ULI29
|
||||
H+tLqsRejx4xo1MwUTAdBgNVHQ4EFgQUpCaQbwuQL/GaEmjSH4oVu8zku44wHwYD
|
||||
VR0jBBgwFoAUpCaQbwuQL/GaEmjSH4oVu8zku44wDwYDVR0TAQH/BAUwAwEB/zAK
|
||||
BggqhkjOPQQDAwNnADBkAjArBhymHpn9modIUw0Q/t3wxyzGYO9UpuiAxJiiRWVM
|
||||
SduwTA4zUXYzfQUEn50j4lQCMHbwK7l1rwHW0FlpAMG3GDFgTNUaCU2I/m3J4A/E
|
||||
bKeq3jWgsSb2o7VSgneDGG70Qw==
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha512_brainpoolP384r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MIGoAgEBBDB4JkHrXVXl2oWIH04Wh0ERPrGi+oW6Gm4Qs+QMlzMlZFz/pGn9BbFo
|
||||
VwHIejJ8fuWgCwYJKyQDAwIIAQELoWQDYgAEgFY8mpSYBoiXECveGnKHO/9PW96k
|
||||
WT80fBf3/tz8vytQGhLzqFS4kcxSsoO9lJXnfLk+PTqKyHGX8wPAqD9MvGcD8pj1
|
||||
uvEviUV7Hp99wos7JXGGdm8koJhAvfGSt6N3
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha512_brainpoolP384r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIICIDCCAaagAwIBAgIUUxZNjQROjb8L3QFE3qKEAOuGA/4wCgYIKoZIzj0EAwQw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgxMDA3MDdaFw0yNTEyMjgx
|
||||
MDA3MDdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwejAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQsDYgAEgFY8mpSYBoiXECveGnKHO/9PW96kWT80fBf3/tz8vytQGhLzqFS4
|
||||
kcxSsoO9lJXnfLk+PTqKyHGX8wPAqD9MvGcD8pj1uvEviUV7Hp99wos7JXGGdm8k
|
||||
oJhAvfGSt6N3o1MwUTAdBgNVHQ4EFgQUUgkQRw5jvunoflxxAvX5Yc+ROgswHwYD
|
||||
VR0jBBgwFoAUUgkQRw5jvunoflxxAvX5Yc+ROgswDwYDVR0TAQH/BAUwAwEB/zAK
|
||||
BggqhkjOPQQDBANoADBlAjEAhtyXbjYqxVBT4KonoZcYciftQkRt+0DxBnPmRZ52
|
||||
d67SbyA9LP/7XDTg8qw++aPyAjAFYTG7tu/EGBqWfvSCjEo0aK9ZS/eS5HZoTfs7
|
||||
dzuXqOBuBj1L+HpiiBobsDhL63c=
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha512_brainpoolP512r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MIHaAgEBBEBsh1A9ArliqvxSQg7Z4u9XszaGEJTw9qPD52QSVG9qWN7zfnl4xWmD
|
||||
m7ZCM00Lc2it0orK3FjymVEPr7GOcLgPoAsGCSskAwMCCAEBDaGBhQOBggAEjJkR
|
||||
N4I/rAdmNOyUfmz/xAZ8rhLQlKYk8qwdQg3XrW0r9VbXTRkdnJxZLo8m/PH9AlFL
|
||||
qHdloVKLJp+JkITdYWuLbDn+Y6wGUCsFLCfJR1YRByP5L0+gT4LcFlotLDmRm46B
|
||||
44q5Et+aQIimslTS9KAK6VlSSswSEaG2LqzSAD0=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha512_brainpoolP512r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIICYzCCAcigAwIBAgIUAwDW2UZPk3oy12xQCOrtAi4J8dswCgYIKoZIzj0EAwQw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMzAxNDUyMTdaFw0yNTEyMzAx
|
||||
NDUyMTdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwgZswFAYHKoZIzj0CAQYJKyQD
|
||||
AwIIAQENA4GCAASMmRE3gj+sB2Y07JR+bP/EBnyuEtCUpiTyrB1CDdetbSv1VtdN
|
||||
GR2cnFkujyb88f0CUUuod2WhUosmn4mQhN1ha4tsOf5jrAZQKwUsJ8lHVhEHI/kv
|
||||
T6BPgtwWWi0sOZGbjoHjirkS35pAiKayVNL0oArpWVJKzBIRobYurNIAPaNTMFEw
|
||||
HQYDVR0OBBYEFGNz0nQzf/S2dvSrGKeczYkAapabMB8GA1UdIwQYMBaAFGNz0nQz
|
||||
f/S2dvSrGKeczYkAapabMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwQDgYgA
|
||||
MIGEAkBvgsKebJL2PQOXy3KWDvb50ygqXAXItDbbqLqxE+7h7zswDiqQz/tDtDeG
|
||||
tGGbBQIiYYwa1WlqaTJA+AjUpsZCAkBW+Z7PiQJE4DNms8za0bzom7u5kaHGaOGU
|
||||
fRSx8q4PN04hIQfS8Rm4/1Zg8VmHIQ4kdnYC4WLQgXOmshSS8LTi
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha256_rsa_65537_3072 = `-----BEGIN PRIVATE KEY-----
|
||||
MIIG/AIBADANBgkqhkiG9w0BAQEFAASCBuYwggbiAgEAAoIBgQCxoTQRUOf0mU86
|
||||
f71+4KF4MAU3EQ+XkTwdD8F4bKMhEOb0QpUtiQebkD5qyp04Ur/vRZWqpSJIwpvY
|
||||
@@ -1399,4 +1602,4 @@ cIlCXtLAlhwxvkvq6fXlDHODihiBrcmRBxz08o+IXvjgBYlfHWP5iDS4RO0lzId4
|
||||
JYSWvyeHGutMDlIMuw5KEE1kVxR2XXcZypc9dWHGaI6MrYwpmmvTB6oZg11FEZzm
|
||||
S8w23130L6pAB1EjCC8lUQubEkgDZ0bfy4UxpkOiqctzYdakvgo+zOwpORhN/Wxp
|
||||
Vnmv
|
||||
-----END CERTIFICATE-----`;
|
||||
-----END CERTIFICATE-----`;
|
||||
@@ -6,9 +6,9 @@ import * as asn1js from "asn1js";
|
||||
import * as forge from "node-forge";
|
||||
import { getCurveForElliptic } from "./certificate_parsing/curves";
|
||||
import { Certificate } from "pkijs";
|
||||
import { hash } from "./utils";
|
||||
|
||||
export function brutforceSignatureAlgorithmDsc(dsc: CertificateData, csca: CertificateData) {
|
||||
console.error("Brute forcing signature algorithm for DSC:", csca.signatureAlgorithm);
|
||||
if (csca.signatureAlgorithm === 'ecdsa') {
|
||||
const hashAlgorithm = brutforceHashAlgorithmDsc(dsc, csca, 'ecdsa');
|
||||
return {
|
||||
@@ -157,9 +157,8 @@ export function getTBSHash(
|
||||
const cert = new Certificate({ schema: asn1Data_cert.result });
|
||||
const tbsAsn1 = cert.encodeTBS();
|
||||
const tbsDer = tbsAsn1.toBER(false);
|
||||
const tbsBytes = Buffer.from(tbsDer).toString('binary');
|
||||
const md = forge.md[hashFunction].create();
|
||||
md.update(tbsBytes);
|
||||
const tbsCertificateHash = md.digest();
|
||||
return format === 'hex' ? tbsCertificateHash.toHex() : tbsCertificateHash.data;
|
||||
const tbsBytes = Buffer.from(tbsDer);
|
||||
const tbsBytesArray = Array.from(tbsBytes);
|
||||
const msgHash = hash(hashFunction, tbsBytesArray, format === 'hex' ? 'hex' : 'binary');
|
||||
return msgHash as string;
|
||||
}
|
||||
@@ -3,12 +3,13 @@ import { parseCertificateSimple } from './certificate_parsing/parseCertificateSi
|
||||
import {
|
||||
PublicKeyDetailsECDSA,
|
||||
} from './certificate_parsing/dataStructure';
|
||||
import forge from 'node-forge';
|
||||
import forge, { md } from 'node-forge';
|
||||
import * as asn1js from 'asn1js';
|
||||
import { initElliptic } from './certificate_parsing/elliptic';
|
||||
import { getCurveForElliptic } from './certificate_parsing/curves';
|
||||
import { Certificate } from 'pkijs';
|
||||
import { hashAlgos, saltLengths } from '../constants/constants';
|
||||
import { hash } from './utils';
|
||||
|
||||
|
||||
export function brutforceSignatureAlgorithm(passportData: PassportData) {
|
||||
@@ -84,9 +85,7 @@ function verifyECDSA(passportData: PassportData, hashAlgorithm: string) {
|
||||
const ec = new elliptic.ec(curveForElliptic);
|
||||
|
||||
const key = ec.keyFromPublic(publicKeyBuffer);
|
||||
const md = forge.md[hashAlgorithm].create();
|
||||
md.update(forge.util.binary.raw.encode(new Uint8Array(signedAttr)));
|
||||
const msgHash = md.digest().toHex();
|
||||
const msgHash = hash(hashAlgorithm, signedAttr, 'hex');
|
||||
const signature_crypto = Buffer.from(encryptedDigest).toString('hex');
|
||||
|
||||
return key.verify(msgHash, signature_crypto);
|
||||
@@ -96,13 +95,10 @@ function verifyRSA(passportData: PassportData, hashAlgorithm: string) {
|
||||
const { dsc, signedAttr, encryptedDigest } = passportData;
|
||||
const cert = forge.pki.certificateFromPem(dsc);
|
||||
const publicKey = cert.publicKey as forge.pki.rsa.PublicKey;
|
||||
|
||||
const md = forge.md[hashAlgorithm].create();
|
||||
md.update(forge.util.binary.raw.encode(new Uint8Array(signedAttr)));
|
||||
|
||||
const msgHash = hash(hashAlgorithm, signedAttr, 'binary');
|
||||
const signature = Buffer.from(encryptedDigest).toString('binary');
|
||||
try {
|
||||
return publicKey.verify(md.digest().bytes(), signature);
|
||||
return publicKey.verify(msgHash as string, signature);
|
||||
} catch (error) {
|
||||
return false;
|
||||
}
|
||||
@@ -112,8 +108,8 @@ function verifyRSAPSS(passportData: PassportData, hashAlgorithm: string, saltLen
|
||||
const { dsc, signedAttr, encryptedDigest } = passportData;
|
||||
const cert = forge.pki.certificateFromPem(dsc);
|
||||
const publicKey = cert.publicKey as forge.pki.rsa.PublicKey;
|
||||
const md = forge.md[hashAlgorithm].create();
|
||||
md.update(forge.util.binary.raw.encode(new Uint8Array(signedAttr)));
|
||||
const msgHash = hash(hashAlgorithm, signedAttr, 'binary');
|
||||
|
||||
const signature = Buffer.from(encryptedDigest).toString('binary');
|
||||
if (saltLength === 0) {
|
||||
throw new Error('Salt length is required for RSA-PSS');
|
||||
@@ -124,7 +120,7 @@ function verifyRSAPSS(passportData: PassportData, hashAlgorithm: string, saltLen
|
||||
mgf: forge.mgf.mgf1.create(forge.md[hashAlgorithm].create()),
|
||||
saltLength: saltLength,
|
||||
});
|
||||
return publicKey.verify(md.digest().bytes(), signature, pss);
|
||||
return publicKey.verify(msgHash as string, signature, pss);
|
||||
} catch (error) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -40,12 +40,31 @@ import {
|
||||
mock_dsc_sha256_rsapss_65537_3072,
|
||||
mock_dsc_key_rsapss_65537_4096,
|
||||
mock_dsc_sha256_rsapss_65537_4096,
|
||||
mock_dsc_key_sha384_brainpoolP384r1,
|
||||
mock_dsc_sha384_brainpoolP384r1,
|
||||
mock_dsc_key_sha256_secp384r1,
|
||||
mock_dsc_sha256_secp384r1,
|
||||
mock_dsc_key_sha384_brainpoolP256r1,
|
||||
mock_dsc_sha384_brainpoolP256r1,
|
||||
mock_dsc_key_sha512_brainpoolP256r1,
|
||||
mock_dsc_sha512_brainpoolP256r1,
|
||||
mock_dsc_key_sha512_brainpoolP384r1,
|
||||
mock_dsc_sha512_brainpoolP384r1,
|
||||
mock_dsc_key_sha1_brainpoolP224r1,
|
||||
mock_dsc_sha1_brainpoolP224r1,
|
||||
mock_dsc_key_sha256_brainpoolP224r1,
|
||||
mock_dsc_sha256_brainpoolP224r1,
|
||||
mock_dsc_key_sha512_brainpoolP512r1,
|
||||
mock_dsc_sha512_brainpoolP512r1,
|
||||
mock_dsc_key_sha224_braipoolP224r1,
|
||||
mock_dsc_sha224_brainpoolP224r1,
|
||||
} from '../constants/mockCertificates';
|
||||
import { countryCodes } from '../constants/constants';
|
||||
import { parseCertificateSimple } from './certificate_parsing/parseCertificateSimple';
|
||||
import { SignatureAlgorithm } from './types';
|
||||
import { PublicKeyDetailsECDSA, PublicKeyDetailsRSAPSS } from './certificate_parsing/dataStructure';
|
||||
import { getCurveForElliptic } from './certificate_parsing/curves';
|
||||
import { createHash } from 'crypto';
|
||||
|
||||
function generateRandomBytes(length: number): number[] {
|
||||
// Generate numbers between -128 and 127 to match the existing signed byte format
|
||||
@@ -159,10 +178,22 @@ export function genMockPassportData(
|
||||
privateKeyPem = mock_dsc_key_sha384_ecdsa;
|
||||
dsc = mock_dsc_sha384_ecdsa;
|
||||
break;
|
||||
case 'ecdsa_sha256_secp384r1_384':
|
||||
privateKeyPem = mock_dsc_key_sha256_secp384r1;
|
||||
dsc = mock_dsc_sha256_secp384r1;
|
||||
break;
|
||||
case 'ecdsa_sha256_brainpoolP256r1_256':
|
||||
privateKeyPem = mock_dsc_key_sha256_brainpoolP256r1;
|
||||
dsc = mock_dsc_sha256_brainpoolP256r1;
|
||||
break;
|
||||
case 'ecdsa_sha384_brainpoolP256r1_256':
|
||||
privateKeyPem = mock_dsc_key_sha384_brainpoolP256r1;
|
||||
dsc = mock_dsc_sha384_brainpoolP256r1;
|
||||
break;
|
||||
case 'ecdsa_sha512_brainpoolP256r1_256':
|
||||
privateKeyPem = mock_dsc_key_sha512_brainpoolP256r1;
|
||||
dsc = mock_dsc_sha512_brainpoolP256r1;
|
||||
break;
|
||||
case 'rsa_sha256_3_2048':
|
||||
privateKeyPem = mock_dsc_key_sha256_rsa_3_2048;
|
||||
dsc = mock_dsc_sha256_rsa_3_2048;
|
||||
@@ -179,17 +210,41 @@ export function genMockPassportData(
|
||||
privateKeyPem = mock_dsc_key_rsapss_65537_4096;
|
||||
dsc = mock_dsc_sha256_rsapss_65537_4096;
|
||||
break;
|
||||
case 'ecdsa_sha384_brainpoolP384r1_384':
|
||||
privateKeyPem = mock_dsc_key_sha384_brainpoolP384r1;
|
||||
dsc = mock_dsc_sha384_brainpoolP384r1;
|
||||
break;
|
||||
case 'ecdsa_sha512_brainpoolP384r1_384':
|
||||
privateKeyPem = mock_dsc_key_sha512_brainpoolP384r1;
|
||||
dsc = mock_dsc_sha512_brainpoolP384r1;
|
||||
break;
|
||||
case 'ecdsa_sha1_brainpoolP224r1_224':
|
||||
privateKeyPem = mock_dsc_key_sha1_brainpoolP224r1;
|
||||
dsc = mock_dsc_sha1_brainpoolP224r1;
|
||||
break;
|
||||
case 'ecdsa_sha224_brainpoolP224r1_224':
|
||||
privateKeyPem = mock_dsc_key_sha224_braipoolP224r1;
|
||||
dsc = mock_dsc_sha224_brainpoolP224r1;
|
||||
break;
|
||||
case 'ecdsa_sha256_brainpoolP224r1_224':
|
||||
privateKeyPem = mock_dsc_key_sha256_brainpoolP224r1;
|
||||
dsc = mock_dsc_sha256_brainpoolP224r1;
|
||||
break;
|
||||
case 'ecdsa_sha512_brainpoolP512r1_512':
|
||||
privateKeyPem = mock_dsc_key_sha512_brainpoolP512r1;
|
||||
dsc = mock_dsc_sha512_brainpoolP512r1;
|
||||
break;
|
||||
}
|
||||
|
||||
// Generate MRZ hash first
|
||||
const mrzHash = hash(dgHashAlgo, formatMrz(mrz));
|
||||
|
||||
// Generate random hashes for other DGs, passing mrzHash for DG1
|
||||
const dataGroupHashes = generateDataGroupHashes(mrzHash, getHashLen(dgHashAlgo));
|
||||
const dataGroupHashes = generateDataGroupHashes(mrzHash as number[], getHashLen(dgHashAlgo));
|
||||
|
||||
const eContent = formatAndConcatenateDataHashes(dataGroupHashes, 63);
|
||||
|
||||
const signedAttr = generateSignedAttr(hash(eContentHashAlgo, eContent));
|
||||
const signedAttr = generateSignedAttr(hash(eContentHashAlgo, eContent) as number[]);
|
||||
const hashAlgo = signatureType.split('_')[1];
|
||||
const signature = sign(privateKeyPem, dsc, hashAlgo, signedAttr);
|
||||
const signatureBytes = Array.from(signature, (byte) => (byte < 128 ? byte : byte - 256));
|
||||
@@ -236,22 +291,16 @@ function sign(
|
||||
);
|
||||
const asn1Data = asn1.fromBER(privateKeyDer);
|
||||
const privateKeyBuffer = (asn1Data.result.valueBlock as any).value[1].valueBlock.valueHexView;
|
||||
// console.log('sig deets');
|
||||
// console.log('pk', privateKeyBuffer);
|
||||
// console.log('hashFUnction', hashAlgorithm);
|
||||
// console.log('message', Buffer.from(eContent).toString('hex'));
|
||||
|
||||
const keyPair = ec.keyFromPrivate(privateKeyBuffer);
|
||||
let md = forge.md[hashAlgorithm].create();
|
||||
md.update(forge.util.binary.raw.encode(new Uint8Array(eContent)));
|
||||
// let md = forge.md[hashAlgorithm].create();
|
||||
// md.update(forge.util.binary.raw.encode(new Uint8Array(eContent)));
|
||||
const hasher = createHash(hashAlgorithm);
|
||||
const msgHash = hasher.update(new Uint8Array(eContent)).digest('hex');
|
||||
|
||||
// console.log('message to sign', md.digest().toHex());
|
||||
const signature = keyPair.sign(md.digest().toHex(), 'hex');
|
||||
// console.log(Buffer.from(signature.toDER(), 'hex').toString('hex'));
|
||||
const signature = keyPair.sign(msgHash, 'hex');
|
||||
const signatureBytes = Array.from(Buffer.from(signature.toDER(), 'hex'));
|
||||
|
||||
// console.log('sig', JSON.stringify(signatureBytes));
|
||||
|
||||
return signatureBytes;
|
||||
} else {
|
||||
const privKey = forge.pki.privateKeyFromPem(privateKeyPem);
|
||||
|
||||
@@ -4,7 +4,7 @@ import {
|
||||
MAX_PADDED_ECONTENT_LEN,
|
||||
MAX_PADDED_SIGNED_ATTR_LEN,
|
||||
} from '../constants/constants';
|
||||
import { assert, shaPad } from './shaPad';
|
||||
import { assert, sha384_512Pad, shaPad } from './shaPad';
|
||||
import { PassportData, SignatureAlgorithm } from './types';
|
||||
import {
|
||||
bytesToBigDecimal,
|
||||
@@ -221,13 +221,25 @@ export function generateCircuitInputsProve(
|
||||
);
|
||||
}
|
||||
|
||||
console.log('signatureAlgorithmFullName', signatureAlgorithmFullName);
|
||||
const [eContentPadded, eContentLen] = shaPad(
|
||||
const dg1PaddingFunction =
|
||||
passportMetadata.dg1HashFunction === 'sha1' ||
|
||||
passportMetadata.dg1HashFunction === 'sha224' ||
|
||||
passportMetadata.dg1HashFunction === 'sha256'
|
||||
? shaPad
|
||||
: sha384_512Pad;
|
||||
|
||||
const [eContentPadded, eContentLen] = dg1PaddingFunction(
|
||||
new Uint8Array(eContent),
|
||||
MAX_PADDED_ECONTENT_LEN[passportMetadata.dg1HashFunction]
|
||||
);
|
||||
|
||||
const [signedAttrPadded, signedAttrPaddedLen] = shaPad(
|
||||
const eContentPaddingFunction =
|
||||
passportMetadata.eContentHashFunction === 'sha1' ||
|
||||
passportMetadata.eContentHashFunction === 'sha224' ||
|
||||
passportMetadata.eContentHashFunction === 'sha256'
|
||||
? shaPad
|
||||
: sha384_512Pad;
|
||||
const [signedAttrPadded, signedAttrPaddedLen] = eContentPaddingFunction(
|
||||
new Uint8Array(signedAttr),
|
||||
MAX_PADDED_SIGNED_ATTR_LEN[passportMetadata.eContentHashFunction]
|
||||
);
|
||||
|
||||
@@ -37,7 +37,7 @@ export interface PassportMetadata {
|
||||
function findHashSizeOfEContent(eContent: number[], signedAttr: number[]) {
|
||||
for (const hashFunction of hashAlgos) {
|
||||
const hashValue = hash(hashFunction, eContent);
|
||||
const hashOffset = findSubarrayIndex(signedAttr, hashValue);
|
||||
const hashOffset = findSubarrayIndex(signedAttr, hashValue as number[]);
|
||||
if (hashOffset !== -1) {
|
||||
return { hashFunction, offset: hashOffset };
|
||||
}
|
||||
@@ -53,11 +53,11 @@ function findDG1HashInEContent(
|
||||
|
||||
for (const hashFunction of hashAlgos) {
|
||||
const hashValue = hash(hashFunction, formattedMrz);
|
||||
const normalizedHash = hashValue.map((byte) => (byte > 127 ? byte - 256 : byte));
|
||||
const normalizedHash = (hashValue as number[]).map((byte) => (byte > 127 ? byte - 256 : byte));
|
||||
const hashOffset = findSubarrayIndex(eContent, normalizedHash);
|
||||
|
||||
if (hashOffset !== -1) {
|
||||
return { hash: hashValue, hashFunction, offset: hashOffset };
|
||||
return { hash: hashValue as number[], hashFunction, offset: hashOffset };
|
||||
}
|
||||
}
|
||||
return null;
|
||||
@@ -156,4 +156,4 @@ export function parsePassportData(passportData: PassportData): PassportMetadata
|
||||
cscaSignatureAlgorithmBits: brutForcedPublicKeyDetailsDsc.cscaSignatureAlgorithmBits,
|
||||
dsc: passportData.dsc,
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -23,12 +23,21 @@ export type SignatureAlgorithm =
|
||||
| 'ecdsa_sha256_secp256r1_256'
|
||||
| 'ecdsa_sha1_secp256r1_256'
|
||||
| 'ecdsa_sha384_secp384r1_384'
|
||||
| 'ecdsa_sha256_secp384r1_384'
|
||||
| 'ecdsa_sha384_brainpoolP256r1_256'
|
||||
| 'ecdsa_sha512_brainpoolP256r1_256'
|
||||
| 'ecdsa_sha256_brainpoolP256r1_256'
|
||||
| 'rsa_sha256_3_2048'
|
||||
| 'rsa_sha256_65537_3072'
|
||||
| 'rsa_sha256_65537_4096'
|
||||
| 'rsa_sha512_65537_4096'
|
||||
| 'rsapss_sha256_65537_3072'
|
||||
| 'ecdsa_sha384_brainpoolP384r1_384'
|
||||
| 'ecdsa_sha512_brainpoolP384r1_384'
|
||||
| 'ecdsa_sha1_brainpoolP224r1_224'
|
||||
| 'ecdsa_sha224_brainpoolP224r1_224'
|
||||
| 'ecdsa_sha256_brainpoolP224r1_224'
|
||||
| 'ecdsa_sha512_brainpoolP512r1_512'
|
||||
| 'rsapss_sha256_65537_4096';
|
||||
|
||||
export type Proof = {
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { LeanIMT } from '@openpassport/zk-kit-lean-imt';
|
||||
import { sha256 } from 'js-sha256';
|
||||
import { sha224, sha256 } from 'js-sha256';
|
||||
import { sha1 } from 'js-sha1';
|
||||
import { sha384, sha512_256 } from 'js-sha512';
|
||||
import { sha384, sha512 } from 'js-sha512';
|
||||
import { SMT } from '@openpassport/zk-kit-smt';
|
||||
import forge from 'node-forge';
|
||||
import {
|
||||
@@ -37,7 +37,19 @@ export function getNAndK(sigAlg: SignatureAlgorithm) {
|
||||
}
|
||||
|
||||
if (sigAlg.startsWith('ecdsa_')) {
|
||||
return { n: n_dsc_ecdsa, k: k_dsc_ecdsa }; // 256/32 = 8
|
||||
if (sigAlg.endsWith('224')) {
|
||||
return { n: 32, k: 7 };
|
||||
} else if (sigAlg.endsWith('256')) {
|
||||
return { n: n_dsc_ecdsa, k: 4 };
|
||||
} else if (sigAlg.endsWith('384')) {
|
||||
return { n: n_dsc_ecdsa, k: 6 };
|
||||
} else if (sigAlg.endsWith('512')) {
|
||||
return { n: n_dsc_ecdsa, k: 8 };
|
||||
} else if (sigAlg.endsWith('521')) {
|
||||
return { n: n_dsc_ecdsa, k: 16 };
|
||||
} else {
|
||||
throw new Error('invalid key size');
|
||||
}
|
||||
}
|
||||
|
||||
if (sigAlg.startsWith('rsapss_')) {
|
||||
@@ -228,7 +240,7 @@ export function hexToDecimal(hex: string): string {
|
||||
}
|
||||
|
||||
// hash logic here because the one in utils.ts only works with node
|
||||
export function hash(hashFunction: string, bytesArray: number[]): number[] {
|
||||
export function hash(hashFunction: string, bytesArray: number[], format: string = 'bytes'): string | number[] {
|
||||
const unsignedBytesArray = bytesArray.map((byte) => byte & 0xff);
|
||||
let hashResult: string;
|
||||
|
||||
@@ -236,6 +248,9 @@ export function hash(hashFunction: string, bytesArray: number[]): number[] {
|
||||
case 'sha1':
|
||||
hashResult = sha1(unsignedBytesArray);
|
||||
break;
|
||||
case 'sha224':
|
||||
hashResult = sha224(unsignedBytesArray);
|
||||
break;
|
||||
case 'sha256':
|
||||
hashResult = sha256(unsignedBytesArray);
|
||||
break;
|
||||
@@ -243,13 +258,22 @@ export function hash(hashFunction: string, bytesArray: number[]): number[] {
|
||||
hashResult = sha384(unsignedBytesArray);
|
||||
break;
|
||||
case 'sha512':
|
||||
hashResult = sha512_256(unsignedBytesArray);
|
||||
hashResult = sha512(unsignedBytesArray);
|
||||
break;
|
||||
default:
|
||||
console.log('\x1b[31m%s\x1b[0m', `${hashFunction} not found in hash`); // Log in red
|
||||
hashResult = sha256(unsignedBytesArray); // Default to sha256
|
||||
}
|
||||
return hexToSignedBytes(hashResult);
|
||||
if (format === 'hex') {
|
||||
return hashResult;
|
||||
}
|
||||
if (format === 'bytes') {
|
||||
return hexToSignedBytes(hashResult);
|
||||
}
|
||||
if (format === 'binary') {
|
||||
return forge.util.binary.raw.encode(new Uint8Array(hexToSignedBytes(hashResult)));
|
||||
}
|
||||
throw new Error(`Invalid format: ${format}`);
|
||||
}
|
||||
|
||||
export function hexToSignedBytes(hexString: string): number[] {
|
||||
@@ -311,6 +335,8 @@ export function getHashLen(hashFunction: string) {
|
||||
switch (hashFunction) {
|
||||
case 'sha1':
|
||||
return 20;
|
||||
case 'sha224':
|
||||
return 28;
|
||||
case 'sha256':
|
||||
return 32;
|
||||
case 'sha384':
|
||||
@@ -491,9 +517,9 @@ function checkStringLength(str: string) {
|
||||
function stringToBigInt(str: string): bigint {
|
||||
return BigInt(
|
||||
'1' +
|
||||
Array.from(str)
|
||||
.map((char) => char.charCodeAt(0).toString().padStart(3, '0'))
|
||||
.join('')
|
||||
Array.from(str)
|
||||
.map((char) => char.charCodeAt(0).toString().padStart(3, '0'))
|
||||
.join('')
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user