feat: add sha256 secp384r1 support

2026-04-05 03:00:53 -04:00 · 2024-12-28 11:41:06 +05:30
parent e052e8a1ea
commit a133cb4235
11 changed files with 71 additions and 16 deletions
--- a/common/src/constants/constants.ts
+++ b/common/src/constants/constants.ts
@@ -37,6 +37,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial<
  ecdsa_sha1_secp256r1_256: 320,
  ecdsa_sha256_secp256r1_256: 384,
  ecdsa_sha384_secp384r1_384: 512,
+  ecdsa_sha256_secp384r1_384: 384,
  rsa_sha256_65537_3072: 384,
  rsa_sha256_3_2048: 384,
  ecdsa_sha256_brainpoolP256r1_256: 384,
@@ -57,6 +58,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
  ecdsa_sha1_secp256r1_256: 192,
  ecdsa_sha256_secp256r1_256: 192,
  ecdsa_sha384_secp384r1_384: 256,
+  ecdsa_sha256_secp384r1_384: 192,
  rsa_sha256_65537_3072: 192,
  rsa_sha256_3_2048: 192,
  ecdsa_sha256_brainpoolP256r1_256: 192,
@@ -105,6 +107,7 @@ export enum SignatureAlgorithmIndex {
  rsapss_sha256_65537_3072 = 19,
  ecdsa_sha256_brainpoolP256r1_256 = 21,
  ecdsa_sha384_brainpoolP384r1_384 = 22,
+  ecdsa_sha256_secp384r1_384 = 23,
 }

 export const attributeToPosition = {
--- a/common/src/constants/mockCertificates.ts
+++ b/common/src/constants/mockCertificates.ts
@@ -1266,6 +1266,30 @@ Tvkpy9dRVAEaF2QmoiMtCHKnAiAe9FkZw6iO8h4GWKyeiAsvnk/tiRcLwkOQoLNc
 -----END CERTIFICATE-----
 `;

+export const mock_dsc_key_sha256_secp384r1 = `-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDBZthN5/vhpqE/ALHj35A/pMkfSDRxFKKweTYs2IxR0eW6RJQlZhdgk
+TGP7rQ4EKF6gBwYFK4EEACKhZANiAASsl16vufqKa/qdJWIEDO5no2useouKh4Zk
+AdtBf3fWjDnsT3J9ulxe0Ep+QbC8010o3dGQZL5UqwzoarLGrFentQ4wTJYzLXX2
+VHrLCyDjwswia1U3+I9ZYLp1TA9+88A=
+-----END EC PRIVATE KEY-----
+`;
+
+export const mock_dsc_sha256_secp384r1 = `-----BEGIN CERTIFICATE-----
+MIICHDCCAaKgAwIBAgIUIxGxDq5DcnphGZhSQNaAMWC5WtcwCgYIKoZIzj0EAwIw
+RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
+dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwNTMwMzlaFw0yNTEyMjgw
+NTMwMzlaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAASsl16vufqKa/qdJWIEDO5no2useouKh4ZkAdtBf3fWjDnsT3J9ulxe0Ep+
+QbC8010o3dGQZL5UqwzoarLGrFentQ4wTJYzLXX2VHrLCyDjwswia1U3+I9ZYLp1
+TA9+88CjUzBRMB0GA1UdDgQWBBQuToV7daaeM2l+EdWsqXX4NP1gFjAfBgNVHSME
+GDAWgBQuToV7daaeM2l+EdWsqXX4NP1gFjAPBgNVHRMBAf8EBTADAQH/MAoGCCqG
+SM49BAMCA2gAMGUCMFEUPb/G0QxEiAW0d1S7njA4UPPtgugQ44PDjWhFrwEowtEv
+gmDwQUgL/nKb+7GsSQIxANABnyvZSR9heu9rqqYxeW/0eGoQoDnSiZowdf7Z6fJP
+aiTuTmjxvd1KKxrCkmuSDg==
+-----END CERTIFICATE-----
+`;
+
 export const mock_dsc_key_sha384_brainpoolP384r1 = `-----BEGIN EC PRIVATE KEY-----
 MIGoAgEBBDAAqX21j3nsvbpheKxpL3Vbj9Q5rkMqZ1LTVOpykpFezXH8R+d9tYgl
 lMBGmlszFJSgCwYJKyQDAwIIAQELoWQDYgAEf0p2YN3Lru5iZ8KRhZfUthvwBa9u
--- a/common/src/utils/genMockPassportData.ts
+++ b/common/src/utils/genMockPassportData.ts
@@ -36,6 +36,8 @@ import {
  mock_dsc_sha256_rsapss_65537_4096,
  mock_dsc_key_sha384_brainpoolP384r1,
  mock_dsc_sha384_brainpoolP384r1,
+  mock_dsc_key_sha256_secp384r1,
+  mock_dsc_sha256_secp384r1,
 } from '../constants/mockCertificates';
 import { sampleDataHashes_small, sampleDataHashes_large } from '../constants/sampleDataHashes';
 import { countryCodes } from '../constants/constants';
@@ -141,6 +143,11 @@ export function genMockPassportData(
      privateKeyPem = mock_dsc_key_sha384_ecdsa;
      dsc = mock_dsc_sha384_ecdsa;
      break;
+    case 'ecdsa_sha256_secp384r1_384':
+      sampleDataHashes = genSampleDataHashes('large', 32);
+      privateKeyPem = mock_dsc_key_sha256_secp384r1;
+      dsc = mock_dsc_sha256_secp384r1;
+      break;
    case 'ecdsa_sha256_brainpoolP256r1_256':
      sampleDataHashes = genSampleDataHashes('large', 32);
      privateKeyPem = mock_dsc_key_sha256_brainpoolP256r1;
@@ -175,6 +182,8 @@ export function genMockPassportData(

  const { hashFunction, hashLen } = parseCertificate(dsc);

+  console.log('hashFUnction', hashFunction);
+
  const mrzHash = hash(hashFunction, formatMrz(mrz));
  const concatenatedDataHashes = formatAndConcatenateDataHashes(
    [[1, mrzHash], ...sampleDataHashes],
--- a/common/src/utils/types.ts
+++ b/common/src/utils/types.ts
@@ -23,6 +23,7 @@ export type SignatureAlgorithm =
  | 'ecdsa_sha256_secp256r1_256'
  | 'ecdsa_sha1_secp256r1_256'
  | 'ecdsa_sha384_secp384r1_384'
+  | 'ecdsa_sha256_secp384r1_384'
  | 'ecdsa_sha256_brainpoolP256r1_256'
  | 'rsa_sha256_3_2048'
  | 'rsa_sha256_65537_3072'