github/self
1
1
Fork 0
mirror of https://github.com/selfxyz/self.git synced 2026-04-05 03:00:53 -04:00
Code Issues Packages Projects Releases Wiki Activity

feat: support sha1 brainpool224r1

Browse Source
This commit is contained in:
ayman
2024-12-30 19:38:23 +05:30
parent 12184bc653
commit dbdeef8d3b
7 changed files with 67 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
common/src/constants/constants.ts
View File

@@ -45,6 +45,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial<
ecdsa_sha384_brainpoolP384r1_384: 512,
ecdsa_sha512_brainpoolP256r1_256: 640,
ecdsa_sha512_brainpoolP384r1_384: 640,
ecdsa_sha1_brainpoolP224r1_224: 320,
};
export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
@@ -69,6 +70,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
ecdsa_sha384_brainpoolP384r1_384: 256,
ecdsa_sha512_brainpoolP256r1_256: 256,
ecdsa_sha512_brainpoolP384r1_384: 256,
ecdsa_sha1_brainpoolP224r1_224: 192,
};
export const MAX_CERT_BYTES: Partial<Record<keyof typeof SignatureAlgorithmIndex, number>> = {
@@ -117,6 +119,7 @@ export enum SignatureAlgorithmIndex {
ecdsa_sha384_brainpoolP256r1_256 = 24,
ecdsa_sha512_brainpoolP256r1_256 = 25,
ecdsa_sha512_brainpoolP384r1_384 = 26,
ecdsa_sha1_brainpoolP224r1_224 = 27,
}
export const attributeToPosition = {

21
common/src/constants/mockCertificates.ts
View File

@@ -1244,6 +1244,27 @@ d+9Msdsovrc=
-----END CERTIFICATE-----
`;
export const mock_dsc_key_sha1_brainpoolP224r1 = `-----BEGIN EC PRIVATE KEY-----
MGwCAQEEHEtm6OSi3EClphbb0ovVMLNX6SCQ/ZpYsFTjlnqgCwYJKyQDAwIIAQEF
oTwDOgAEb8kcLsVLjpC1RWAjA/lRTHP2HVdW1ntmtfo1g2R6E6NkgLetsRXxc8Sn
CJ71v4bL9/50ksOiv+U=
-----END EC PRIVATE KEY-----
`;
export const mock_dsc_sha1_brainpoolP224r1 = `-----BEGIN CERTIFICATE-----
MIIBzTCCAX2gAwIBAgIUL2Uxhvbe1w8fdNbH+/nFp0LvkEYwCQYHKoZIzj0EATBF
MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50
ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTI0MTIzMDA4NDQ0MVoXDTI1MTIzMDA4
NDQ0MVowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNV
BAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDBSMBQGByqGSM49AgEGCSskAwMC
CAEBBQM6AARvyRwuxUuOkLVFYCMD+VFMc/YdV1bWe2a1+jWDZHoTo2SAt62xFfFz
xKcInvW/hsv3/nSSw6K/5aNTMFEwHQYDVR0OBBYEFHWg+dJpv6bTRvEWrInb/XtX
XIzPMB8GA1UdIwQYMBaAFHWg+dJpv6bTRvEWrInb/XtXXIzPMA8GA1UdEwEB/wQF
MAMBAf8wCQYHKoZIzj0EAQM/ADA8Ahx0BuqVqweU/EHvq42lTIH6ku+wPMoqvUL/
jnD0AhwDAIPS8xytmOiI0MuVj3kwdnzTLdsGslSkmj8l
-----END CERTIFICATE-----
`;
export const mock_dsc_key_sha256_brainpoolP256r1 = `-----BEGIN EC PRIVATE KEY-----
MHgCAQEEIGJigSc0XAA6G8o5znqeZyr6vM33jfVLKjIenqGZni8poAsGCSskAwMC
CAEBB6FEA0IABDu2bqyQM7+NJRN1jSaQK0DW2a99g2U6JjGGIVMq0n2gZYOKFx9E

2
common/src/utils/certificates/curves.ts
View File

@@ -96,6 +96,7 @@ export function identifyCurve(params: any): string {
export function getNamedCurve(oid: string): string {
const curves = {
'1.3.36.3.3.2.8.1.1.5': 'brainpoolP224r1',
'1.2.840.10045.3.1.7': 'secp256r1',
'1.3.132.0.34': 'secp384r1',
'1.3.132.0.35': 'secp521r1',
@@ -114,6 +115,7 @@ export function getCurveForElliptic(curveName: string): string {
secp256r1: 'p256',
secp384r1: 'p384',
secp521r1: 'p521',
brainpoolP224r1: 'brainpoolP224r1',
brainpoolP256r1: 'brainpoolP256r1',
brainpoolP384r1: 'brainpoolP384r1',
};

22
common/src/utils/certificates/publicKeyDetails.ts
View File

@@ -15,7 +15,7 @@ import {
} from './curves';
import { gethashFunctionName } from './handleCertificate';
import elliptic from 'elliptic';
import hash from 'hash.js';
const curves = elliptic.curves;
const PresetCurve = elliptic.curves.PresetCurve;
@@ -35,6 +35,21 @@ function defineCurve(name, options) {
});
}
defineCurve('brainpoolP224r1', {
type: 'short',
prime: null,
p: 'd7c134aa 26436686 2a183025 75d1d787 b09f0757 97da89f5 7ec8c0ff',
a: '68a5e62c a9ce6c1c 299803a6 c1530b51 4e182ad8 b0042a59 cad29f43',
b: '2580f63c cfe44138 870713b1 a92369e3 3e2135d2 66dbb372 386c400b',
n: 'd7c134aa 26436686 2a183025 75d0fb98 d116bc4b 6ddebca3 a5a7939f',
hash: hash.sha1,
gRed: false,
g: [
'0d9029ad 2c7e5cf4 340823b2 a87dc68c 9e4ce317 4c1e6efd ee12c07d',
'58aa56f7 72c0726f 24c6b89e 4ecdac24 354b9e99 caa3f6d3 761402cd',
],
});
defineCurve('brainpoolP256r1', {
type: 'short',
prime: null,
@@ -42,7 +57,7 @@ defineCurve('brainpoolP256r1', {
a: '7d5a0975 fc2c3057 eef67530 417affe7 fb8055c1 26dc5c6c e94a4b44 f330b5d9',
b: '26dc5c6c e94a4b44 f330b5d9 bbd77cbf 95841629 5cf7e1ce 6bccdc18 ff8c07b6',
n: 'a9fb57db a1eea9bc 3e660a90 9d838d71 8c397aa3 b561a6f7 901e0e82 974856a7',
hash: curves.p256.hash,
hash: hash.sha256,
gRed: false,
g: [
'8bd2aeb9 cb7e57cb 2c4b482f fc81b7af b9de27e1 e3bd23c2 3a4453bd 9ace3262',
@@ -57,7 +72,7 @@ defineCurve('brainpoolP384r1', {
a: '7bc382c6 3d8c150c 3c72080a ce05afa0 c2bea28e 4fb22787 139165ef ba91f90f 8aa5814a 503ad4eb 04a8c7dd 22ce2826',
b: '04a8c7dd 22ce2826 8b39b554 16f0447c 2fb77de1 07dcd2a6 2e880ea5 3eeb62d5 7cb43902 95dbc994 3ab78696 fa504c11',
n: '8cb91e82 a3386d28 0f5d6f7e 50e641df 152f7109 ed5456b3 1f166e6c ac0425a7 cf3ab6af 6b7fc310 3b883202 e9046565',
hash: curves.p384.hash,
hash: hash.sha384,
gRed: false,
g: [
'1d1c64f0 68cf45ff a2a63a81 b7c13f6b 8847a3e7 7ef14fe3 db7fcafe 0cbd10e8 e826e034 36d646aa ef87b2e2 47d4af1e',
@@ -116,6 +131,7 @@ export function parseECParameters(publicKeyInfo: any): PublicKeyDetailsECDSA {
const fieldSizeMap: { [key: string]: number } = {
secp256r1: 256,
secp384r1: 384,
brainpoolP224r1: 224,
brainpoolP256r1: 256,
brainpoolP384r1: 384,
};

15
common/src/utils/genMockPassportData.ts
View File

@@ -44,6 +44,8 @@ import {
mock_dsc_sha512_brainpoolP256r1,
mock_dsc_key_sha512_brainpoolP384r1,
mock_dsc_sha512_brainpoolP384r1,
mock_dsc_key_sha1_brainpoolP224r1,
mock_dsc_sha1_brainpoolP224r1,
} from '../constants/mockCertificates';
import { sampleDataHashes_small, sampleDataHashes_large } from '../constants/sampleDataHashes';
import { countryCodes } from '../constants/constants';
@@ -199,6 +201,11 @@ export function genMockPassportData(
privateKeyPem = mock_dsc_key_sha512_brainpoolP384r1;
dsc = mock_dsc_sha512_brainpoolP384r1;
break;
case 'ecdsa_sha1_brainpoolP224r1_224':
sampleDataHashes = genSampleDataHashes('large', 20);
privateKeyPem = mock_dsc_key_sha1_brainpoolP224r1;
dsc = mock_dsc_sha1_brainpoolP224r1;
break;
}
const { hashFunction, hashLen } = parseCertificate(dsc);
@@ -259,14 +266,22 @@ function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[]
);
const asn1Data = asn1.fromBER(privateKeyDer);
const privateKeyBuffer = (asn1Data.result.valueBlock as any).value[1].valueBlock.valueHexView;
console.log('sig deets');
console.log('pk', privateKeyBuffer);
console.log('hashFUnction', hashFunction);
console.log('message', Buffer.from(eContent).toString('hex'));
const keyPair = ec.keyFromPrivate(privateKeyBuffer);
let md = forge.md[hashFunction].create();
md.update(forge.util.binary.raw.encode(new Uint8Array(eContent)));
console.log('message to sign', md.digest().toHex());
const signature = keyPair.sign(md.digest().toHex(), 'hex');
console.log(Buffer.from(signature.toDER(), 'hex').toString('hex'));
const signatureBytes = Array.from(Buffer.from(signature.toDER(), 'hex'));
console.log('sig', JSON.stringify(signatureBytes));
return signatureBytes;
} else {
const privKey = forge.pki.privateKeyFromPem(privateKeyPem);

3
common/src/utils/types.ts
View File

@@ -34,7 +34,8 @@ export type SignatureAlgorithm =
| 'rsapss_sha256_65537_3072'
| 'rsapss_sha256_65537_4096'
| 'ecdsa_sha384_brainpoolP384r1_384'
| 'ecdsa_sha512_brainpoolP384r1_384';
| 'ecdsa_sha512_brainpoolP384r1_384'
| 'ecdsa_sha1_brainpoolP224r1_224';
export type Proof = {
proof: {

6
common/src/utils/utils.ts
View File

@@ -37,7 +37,9 @@ export function getNAndK(sigAlg: SignatureAlgorithm) {
}
if (sigAlg.startsWith('ecdsa_')) {
if (sigAlg.endsWith('256')) {
if (sigAlg.endsWith('224')) {
return { n: 32, k: 7 };
} else if (sigAlg.endsWith('256')) {
return { n: n_dsc_ecdsa, k: 4 };
} else if (sigAlg.endsWith('384')) {
return { n: n_dsc_ecdsa, k: 6 };
@@ -45,6 +47,8 @@ export function getNAndK(sigAlg: SignatureAlgorithm) {
return { n: n_dsc_ecdsa, k: 8 };
} else if (sigAlg.endsWith('521')) {
return { n: n_dsc_ecdsa, k: 16 };
} else {
throw new Error('invalid key size');
}
}