github/self
1
1
Fork 0
mirror of https://github.com/selfxyz/self.git synced 2026-04-05 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

fix genMockPassportData for ecdsa

Browse Source
This commit is contained in:
turnoffthiscomputer
2025-01-01 15:39:48 +01:00
parent 2ddc12f441
commit ae3bc6884e
2 changed files with 31 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
common/src/utils/certificate_parsing/curves.ts
View File

@@ -119,4 +119,20 @@ export function getECDSACurveBits(curveName: string): string {
}
console.log('\x1b[31m%s\x1b[0m', `curve name ${curveName} not found in curveBits`);
return "unknown";
}
export function getCurveForElliptic(curveName: string): string {
const curves = {
ECDSA_P256: 'p256',
ECDSA_P384: 'p384',
ECDSA_P521: 'p521',
brainpoolP224r1: 'brainpoolP224r1',
brainpoolP256r1: 'brainpoolP256r1',
brainpoolP384r1: 'brainpoolP384r1',
};
if (!curves[curveName]) {
throw new Error('Invalid curve: ' + curveName);
}
return curves[curveName];
}

22
common/src/utils/genMockPassportData.ts
View File

@@ -41,6 +41,7 @@ import { countryCodes } from '../constants/constants';
import { parseCertificateSimple } from './certificate_parsing/parseCertificateSimple';
import { SignatureAlgorithm } from './types';
import { PublicKeyDetailsECDSA } from './certificate_parsing/dataStructure';
import { getCurveForElliptic } from './certificate_parsing/curves';
export function genMockPassportData(
signatureType: SignatureAlgorithm,
nationality: keyof typeof countryCodes,
@@ -196,6 +197,7 @@ export function genMockPassportData(
function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[] {
const { signatureAlgorithm, hashAlgorithm, publicKeyDetails } = parseCertificateSimple(dsc);
const curve = (publicKeyDetails as PublicKeyDetailsECDSA).curve;
if (signatureAlgorithm === 'rsapss') {
const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
@@ -209,7 +211,7 @@ function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[]
const signatureBytes = privateKey.sign(md, pss);
return Array.from(signatureBytes, (c: string) => c.charCodeAt(0));
} else if (signatureAlgorithm === 'ecdsa') {
const curveForElliptic = (publicKeyDetails as PublicKeyDetailsECDSA).curve === 'secp256r1' ? 'p256' : 'p384';
let curveForElliptic = getCurveForElliptic(curve);
const ec = new elliptic.ec(curveForElliptic);
const privateKeyDer = Buffer.from(
@@ -218,22 +220,28 @@ function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[]
);
const asn1Data = asn1.fromBER(privateKeyDer);
const privateKeyBuffer = (asn1Data.result.valueBlock as any).value[1].valueBlock.valueHexView;
// console.log('sig deets');
// console.log('pk', privateKeyBuffer);
// console.log('hashFUnction', hashAlgorithm);
// console.log('message', Buffer.from(eContent).toString('hex'));
const keyPair = ec.keyFromPrivate(privateKeyBuffer);
const md = hashAlgorithm === 'sha1' ? forge.md.sha1.create() : forge.md.sha256.create();
let md = forge.md[hashAlgorithm].create();
md.update(forge.util.binary.raw.encode(new Uint8Array(eContent)));
console.log('message to sign', md.digest().toHex());
const signature = keyPair.sign(md.digest().toHex(), 'hex');
console.log(Buffer.from(signature.toDER(), 'hex').toString('hex'));
const signatureBytes = Array.from(Buffer.from(signature.toDER(), 'hex'));
console.log('signatureBytes', signatureBytes);
console.log('signatureBytesLength', signatureBytes.length);
console.log('sig', JSON.stringify(signatureBytes));
return signatureBytes;
} else {
const privKey = forge.pki.privateKeyFromPem(privateKeyPem);
const md = hashAlgorithm === 'sha1' ? forge.md.sha1.create() : forge.md.sha256.create();
const md = forge.md[hashAlgorithm].create();
md.update(forge.util.binary.raw.encode(new Uint8Array(eContent)));
const forgeSignature = privKey.sign(md);
return Array.from(forgeSignature, (c: string) => c.charCodeAt(0));
}
}
}