mirror of
https://github.com/selfxyz/self.git
synced 2026-01-09 22:58:20 -05:00
feat: support sha384 brainpool256r1
This commit is contained in:
ayman
@@ -0,0 +1,5 @@
|
||||
pragma circom 2.1.9;
|
||||
|
||||
include "../openpassport_prove.circom";
|
||||
|
||||
component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(24, 64, 4, 512, 256, 20);
|
||||
@@ -15,11 +15,18 @@ template EcdsaVerifier(signatureAlgorithm, n, k) {
|
||||
|
||||
signal hash[n * k];
|
||||
|
||||
for (var i = n * k - 1; i >= 0; i--) {
|
||||
if (i <= n * k - 1 - HASH_LEN_BITS) {
|
||||
hash[i] <== 0;
|
||||
}else {
|
||||
hash[i] <== hashParsed[i - n * k + HASH_LEN_BITS];
|
||||
if (HASH_LEN_BITS >= n * k) {
|
||||
for (var i = 0; i < n * k; i++) {
|
||||
hash[i] <== hashParsed[i];
|
||||
}
|
||||
}
|
||||
if (HASH_LEN_BITS < n * k) {
|
||||
for (var i = n * k - 1; i >= 0; i--) {
|
||||
if (i <= n * k - 1 - HASH_LEN_BITS) {
|
||||
hash[i] <== 0;
|
||||
} else {
|
||||
hash[i] <== hashParsed[i - n * k + HASH_LEN_BITS];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,7 +100,7 @@ template EcdsaVerifier(signatureAlgorithm, n, k) {
|
||||
ecdsa_verify.hashed <== hash;
|
||||
ecdsa_verify.dummy <== 0;
|
||||
}
|
||||
if (signatureAlgorithm == 21) {
|
||||
if (signatureAlgorithm == 21 || signatureAlgorithm == 24) {
|
||||
component ecdsa_verify = verifyECDSABits(n, k, [
|
||||
16810331318623712729,
|
||||
18122579188607900780,
|
||||
|
||||
@@ -18,9 +18,10 @@ pragma circom 2.1.9;
|
||||
17: rsapss_sha256_3_4096
|
||||
18: rsapss_sha384_65537_3072
|
||||
19: rsapss_sha256_65537_3072
|
||||
21: ecdsa_sha256_brainpool256r1_256
|
||||
22: ecdsa_sha384_brainpool384r1_384
|
||||
21: ecdsa_sha256_brainpoolP256r1_256
|
||||
22: ecdsa_sha384_brainpoolP384r1_384
|
||||
23: ecdsa_sha256_secp384r1_384
|
||||
24: ecdsa_sha384_brainpoolP256r1_256
|
||||
*/
|
||||
|
||||
function getHashLength(signatureAlgorithm) {
|
||||
@@ -84,6 +85,9 @@ function getHashLength(signatureAlgorithm) {
|
||||
if (signatureAlgorithm == 23) {
|
||||
return 256;
|
||||
}
|
||||
if (signatureAlgorithm == 24) {
|
||||
return 384;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -145,6 +149,9 @@ function getKeyLength(signatureAlgorithm) {
|
||||
if (signatureAlgorithm == 23) {
|
||||
return 384;
|
||||
}
|
||||
if (signatureAlgorithm == 24) {
|
||||
return 256;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -207,6 +214,9 @@ function getKLengthFactor(signatureAlgorithm) {
|
||||
if (signatureAlgorithm == 23) {
|
||||
return 2;
|
||||
}
|
||||
if (signatureAlgorithm == 24) {
|
||||
return 2;
|
||||
}
|
||||
return 0;
|
||||
|
||||
}
|
||||
|
||||
@@ -79,6 +79,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) {
|
||||
|| signatureAlgorithm == 21
|
||||
|| signatureAlgorithm == 22
|
||||
|| signatureAlgorithm == 23
|
||||
|| signatureAlgorithm == 24
|
||||
) {
|
||||
EcdsaVerifier (signatureAlgorithm, n, k)(signature, pubKey, hash);
|
||||
}
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
-----BEGIN EC PRIVATE KEY-----
|
||||
MIGkAgEBBDBZthN5/vhpqE/ALHj35A/pMkfSDRxFKKweTYs2IxR0eW6RJQlZhdgk
|
||||
TGP7rQ4EKF6gBwYFK4EEACKhZANiAASsl16vufqKa/qdJWIEDO5no2useouKh4Zk
|
||||
AdtBf3fWjDnsT3J9ulxe0Ep+QbC8010o3dGQZL5UqwzoarLGrFentQ4wTJYzLXX2
|
||||
VHrLCyDjwswia1U3+I9ZYLp1TA9+88A=
|
||||
MHgCAQEEIIhHbA4GKMOiNXQcXTiFlQUX2YFKz5U/Ya+vQa/YFo6foAsGCSskAwMC
|
||||
CAEBB6FEA0IABKje0Lfu0ACxcGqEJc2vF6AYckbw9LaoHIKRyM6ko91AFuNhEIsx
|
||||
pUF1FV+lornr3u0I7bOxL4PlOD+nZuRXGQE=
|
||||
-----END EC PRIVATE KEY-----
|
||||
|
||||
@@ -1,14 +1,13 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICHDCCAaKgAwIBAgIUIxGxDq5DcnphGZhSQNaAMWC5WtcwCgYIKoZIzj0EAwIw
|
||||
MIIB3zCCAYagAwIBAgIUNxoAJFWOPOCE9KOmtQZpg4NiEzMwCgYIKoZIzj0EAwMw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwNTMwMzlaFw0yNTEyMjgw
|
||||
NTMwMzlaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwdjAQBgcqhkjOPQIBBgUrgQQA
|
||||
IgNiAASsl16vufqKa/qdJWIEDO5no2useouKh4ZkAdtBf3fWjDnsT3J9ulxe0Ep+
|
||||
QbC8010o3dGQZL5UqwzoarLGrFentQ4wTJYzLXX2VHrLCyDjwswia1U3+I9ZYLp1
|
||||
TA9+88CjUzBRMB0GA1UdDgQWBBQuToV7daaeM2l+EdWsqXX4NP1gFjAfBgNVHSME
|
||||
GDAWgBQuToV7daaeM2l+EdWsqXX4NP1gFjAPBgNVHRMBAf8EBTADAQH/MAoGCCqG
|
||||
SM49BAMCA2gAMGUCMFEUPb/G0QxEiAW0d1S7njA4UPPtgugQ44PDjWhFrwEowtEv
|
||||
gmDwQUgL/nKb+7GsSQIxANABnyvZSR9heu9rqqYxeW/0eGoQoDnSiZowdf7Z6fJP
|
||||
aiTuTmjxvd1KKxrCkmuSDg==
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwNjE0MTZaFw0yNTEyMjgw
|
||||
NjE0MTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWjAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQcDQgAEqN7Qt+7QALFwaoQlza8XoBhyRvD0tqgcgpHIzqSj3UAW42EQizGl
|
||||
QXUVX6Wiueve7Qjts7Evg+U4P6dm5FcZAaNTMFEwHQYDVR0OBBYEFHB+vSzRl9Vy
|
||||
UedDOcm9V+sbVYlLMB8GA1UdIwQYMBaAFHB+vSzRl9VyUedDOcm9V+sbVYlLMA8G
|
||||
A1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDRwAwRAIgFv62dVvKdRlqCcRfQdax
|
||||
iSfNPb3k7L2E0ETWSZ0KLvICIC8csz7X6VOTuVspKl1YXlBM6hOx7gTVdaGKmTR2
|
||||
WtFT
|
||||
-----END CERTIFICATE-----
|
||||
|
||||
@@ -25,8 +25,9 @@ const sigAlgs = [
|
||||
// { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' },
|
||||
// { sigAlg: 'ecdsa', hashFunction: 'sha1', domainParameter: 'secp256r1', keyLength: '256' },
|
||||
// { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'brainpoolP256r1', keyLength: '256' },
|
||||
{ sigAlg: 'ecdsa', hashFunction: 'sha384', domainParameter: 'brainpoolP256r1', keyLength: '256' },
|
||||
// { sigAlg: 'ecdsa', hashFunction: 'sha384', domainParameter: 'secp384r1', keyLength: '384' },
|
||||
{ sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp384r1', keyLength: '384' },
|
||||
// { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp384r1', keyLength: '384' },
|
||||
// { sigAlg: 'ecdsa', hashFunction: 'sha384', domainParameter: 'brainpoolP384r1', keyLength: '384' },
|
||||
];
|
||||
|
||||
|
||||
@@ -41,6 +41,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial<
|
||||
rsa_sha256_65537_3072: 384,
|
||||
rsa_sha256_3_2048: 384,
|
||||
ecdsa_sha256_brainpoolP256r1_256: 384,
|
||||
ecdsa_sha384_brainpoolP256r1_256: 512,
|
||||
ecdsa_sha384_brainpoolP384r1_384: 512,
|
||||
};
|
||||
|
||||
@@ -62,6 +63,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
|
||||
rsa_sha256_65537_3072: 192,
|
||||
rsa_sha256_3_2048: 192,
|
||||
ecdsa_sha256_brainpoolP256r1_256: 192,
|
||||
ecdsa_sha384_brainpoolP256r1_256: 256,
|
||||
ecdsa_sha384_brainpoolP384r1_384: 256,
|
||||
};
|
||||
|
||||
@@ -108,6 +110,7 @@ export enum SignatureAlgorithmIndex {
|
||||
ecdsa_sha256_brainpoolP256r1_256 = 21,
|
||||
ecdsa_sha384_brainpoolP384r1_384 = 22,
|
||||
ecdsa_sha256_secp384r1_384 = 23,
|
||||
ecdsa_sha384_brainpoolP256r1_256 = 24,
|
||||
}
|
||||
|
||||
export const attributeToPosition = {
|
||||
|
||||
@@ -1266,6 +1266,28 @@ Tvkpy9dRVAEaF2QmoiMtCHKnAiAe9FkZw6iO8h4GWKyeiAsvnk/tiRcLwkOQoLNc
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha384_brainpoolP256r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MHgCAQEEIIhHbA4GKMOiNXQcXTiFlQUX2YFKz5U/Ya+vQa/YFo6foAsGCSskAwMC
|
||||
CAEBB6FEA0IABKje0Lfu0ACxcGqEJc2vF6AYckbw9LaoHIKRyM6ko91AFuNhEIsx
|
||||
pUF1FV+lornr3u0I7bOxL4PlOD+nZuRXGQE=
|
||||
-----END EC PRIVATE KEY-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_sha384_brainpoolP256r1 = `-----BEGIN CERTIFICATE-----
|
||||
MIIB3zCCAYagAwIBAgIUNxoAJFWOPOCE9KOmtQZpg4NiEzMwCgYIKoZIzj0EAwMw
|
||||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
|
||||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yNDEyMjgwNjE0MTZaFw0yNTEyMjgw
|
||||
NjE0MTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
|
||||
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwWjAUBgcqhkjOPQIBBgkrJAMD
|
||||
AggBAQcDQgAEqN7Qt+7QALFwaoQlza8XoBhyRvD0tqgcgpHIzqSj3UAW42EQizGl
|
||||
QXUVX6Wiueve7Qjts7Evg+U4P6dm5FcZAaNTMFEwHQYDVR0OBBYEFHB+vSzRl9Vy
|
||||
UedDOcm9V+sbVYlLMB8GA1UdIwQYMBaAFHB+vSzRl9VyUedDOcm9V+sbVYlLMA8G
|
||||
A1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDRwAwRAIgFv62dVvKdRlqCcRfQdax
|
||||
iSfNPb3k7L2E0ETWSZ0KLvICIC8csz7X6VOTuVspKl1YXlBM6hOx7gTVdaGKmTR2
|
||||
WtFT
|
||||
-----END CERTIFICATE-----
|
||||
`;
|
||||
|
||||
export const mock_dsc_key_sha256_secp384r1 = `-----BEGIN EC PRIVATE KEY-----
|
||||
MIGkAgEBBDBZthN5/vhpqE/ALHj35A/pMkfSDRxFKKweTYs2IxR0eW6RJQlZhdgk
|
||||
TGP7rQ4EKF6gBwYFK4EEACKhZANiAASsl16vufqKa/qdJWIEDO5no2useouKh4Zk
|
||||
|
||||
@@ -38,6 +38,8 @@ import {
|
||||
mock_dsc_sha384_brainpoolP384r1,
|
||||
mock_dsc_key_sha256_secp384r1,
|
||||
mock_dsc_sha256_secp384r1,
|
||||
mock_dsc_key_sha384_brainpoolP256r1,
|
||||
mock_dsc_sha384_brainpoolP256r1,
|
||||
} from '../constants/mockCertificates';
|
||||
import { sampleDataHashes_small, sampleDataHashes_large } from '../constants/sampleDataHashes';
|
||||
import { countryCodes } from '../constants/constants';
|
||||
@@ -153,6 +155,11 @@ export function genMockPassportData(
|
||||
privateKeyPem = mock_dsc_key_sha256_brainpoolP256r1;
|
||||
dsc = mock_dsc_sha256_brainpoolP256r1;
|
||||
break;
|
||||
case 'ecdsa_sha384_brainpoolP256r1_256':
|
||||
sampleDataHashes = genSampleDataHashes('large', 48);
|
||||
privateKeyPem = mock_dsc_key_sha384_brainpoolP256r1;
|
||||
dsc = mock_dsc_sha384_brainpoolP256r1;
|
||||
break;
|
||||
case 'rsa_sha256_3_2048':
|
||||
sampleDataHashes = genSampleDataHashes('large', 32);
|
||||
privateKeyPem = mock_dsc_key_sha256_rsa_3_2048;
|
||||
@@ -182,7 +189,7 @@ export function genMockPassportData(
|
||||
|
||||
const { hashFunction, hashLen } = parseCertificate(dsc);
|
||||
|
||||
console.log('hashFUnction', hashFunction);
|
||||
console.log('hashFunction', hashFunction);
|
||||
|
||||
const mrzHash = hash(hashFunction, formatMrz(mrz));
|
||||
const concatenatedDataHashes = formatAndConcatenateDataHashes(
|
||||
|
||||
@@ -25,6 +25,7 @@ export type SignatureAlgorithm =
|
||||
| 'ecdsa_sha384_secp384r1_384'
|
||||
| 'ecdsa_sha256_secp384r1_384'
|
||||
| 'ecdsa_sha256_brainpoolP256r1_256'
|
||||
| 'ecdsa_sha384_brainpoolP256r1_256'
|
||||
| 'rsa_sha256_3_2048'
|
||||
| 'rsa_sha256_65537_3072'
|
||||
| 'rsa_sha256_65537_4096'
|
||||
|
||||
Reference in New Issue
Block a user