From 2742acec5e7d44861dbb958b189ed6a69f032a29 Mon Sep 17 00:00:00 2001 
From: seshanthS Date: Mon, 23 Dec 2024 10:02:25 +0530 Subject: [PATCH 1/4] add rsapss-sha384 --- .../prove_rsapss_sha384_65537_3072.circom | 6 + .../prove_rsapss_sha384_65537_4096.circom | 6 + .../sha2/sha384_temp/sha2_common.circom | 261 ++++++++++++++++++ .../sha2/sha384_temp/sha384_hash_bits.circom | 145 ++++++++++ .../sha384_temp/sha384_initial_value.circom | 26 ++ .../sha2/sha384_temp/sha512_compress.circom | 96 +++++++ .../sha2/sha384_temp/sha512_padding.circom | 39 +++ .../sha384_temp/sha512_round_const.circom | 37 +++ .../sha2/sha384_temp/sha512_rounds.circom | 122 ++++++++ .../sha2/sha384_temp/sha512_schedule.circom | 65 +++++ .../shaBytes/dynamic/sha384Bytes.circom | 8 +- .../hasher/shaBytes/shaBytesDynamic.circom | 8 +- .../utils/passport/signatureAlgorithm.circom | 13 + .../utils/passport/signatureVerifier.circom | 1 + circuits/tests/prove.test.ts | 2 + common/src/constants/constants.ts | 7 +- common/src/constants/mockCertificates.ts | 90 ++++++ common/src/constants/sampleDataHashes.ts | 51 ++++ common/src/utils/genMockPassportData.ts | 37 ++- common/src/utils/generateInputs.ts | 33 ++- 20 files changed, 1026 insertions(+), 27 deletions(-) create mode 100644 circuits/circuits/prove/instances/prove_rsapss_sha384_65537_3072.circom create mode 100644 circuits/circuits/prove/instances/prove_rsapss_sha384_65537_4096.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha2_common.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha384_hash_bits.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha384_initial_value.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_compress.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_padding.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_round_const.circom create mode 100644 
circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_rounds.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_schedule.circom diff --git a/circuits/circuits/prove/instances/prove_rsapss_sha384_65537_3072.circom b/circuits/circuits/prove/instances/prove_rsapss_sha384_65537_3072.circom new file mode 100644 index 00000000..1f1f8d95 --- /dev/null +++ b/circuits/circuits/prove/instances/prove_rsapss_sha384_65537_3072.circom @@ -0,0 +1,6 @@ +pragma circom 2.1.9; + +include "../openpassport_prove.circom"; + +// component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(18, 96, 32, 640, 256, 20); +component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(18, 96, 32, 512, 256, 20); \ No newline at end of file diff --git a/circuits/circuits/prove/instances/prove_rsapss_sha384_65537_4096.circom b/circuits/circuits/prove/instances/prove_rsapss_sha384_65537_4096.circom new file mode 100644 index 00000000..d8f0d9ce --- /dev/null +++ b/circuits/circuits/prove/instances/prove_rsapss_sha384_65537_4096.circom @@ -0,0 +1,6 @@ +pragma circom 2.1.9; + +include "../openpassport_prove.circom"; + +// component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(18, 96, 32, 640, 256, 20); +component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(21, 64, 64, 512, 256, 20); \ No newline at end of file diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha2_common.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha2_common.circom new file mode 100644 index 00000000..03dec29e --- /dev/null +++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha2_common.circom 
@@ -0,0 +1,261 @@ +pragma circom 2.0.0; + +//------------------------------------------------------------------------------ +// decompose a 2-bit number into a high and a low bit + +// template Bits2() { +// signal input xy; +// signal output lo; +// signal output hi; + +// lo <-- xy & 1; +// hi <-- (xy>>1) & 1; + +// lo*(1-lo) === 0; +// hi*(1-hi) === 0; + +// xy === 2*hi + lo; +// } + +// //------------------------------------------------------------------------------ +// // XOR 3 bits together + +// template XOR3_v1() { +// signal input x; +// signal input y; +// signal input z; +// signal output out; + +// component bs = Bits2(); +// bs.xy <== x + y + z; +// bs.lo ==> out; +// } + +// //------------------ +// // same number of constraints (that is, 2), in the general case +// // however circom can optimize y=0 or z=0, unlike with the above +// // and hopefully also x=0. + +// template XOR3_v2() { +// signal input x; +// signal input y; +// signal input z; +// signal output out; + +// signal tmp <== y*z; +// out <== x * (1 - 2*y - 2*z + 4*tmp) + y + z - 2*tmp; +// } + +//------------------------------------------------------------------------------ +// decompose an n-bit number into bits + +template ToBits(n) { + signal input inp; + signal output out[n]; + + var sum = 0; + for(var i=0; i> i) & 1; + out[i] * (1-out[i]) === 0; + sum += (1<> i) & 1; + out_bits[i] * (1-out_bits[i]) === 0; + sum += (1<> 32) & 1; + u*(1-u) === 0; + + inp === sum + (1<<32)*u; + out_word <== sum; +} + +//------------------------------------------------------------------------------ +// decompose a 34-bit number into the low 32 bits and the remaining 2 bits + +template Bits34() { + signal input inp; + signal output out_bits[32]; + signal output out_word; + signal u,v; + + var sum = 0; + for(var i=0; i<32; i++) { + out_bits[i] <-- (inp >> i) & 1; + out_bits[i] * (1-out_bits[i]) === 0; + sum += (1<> 32) & 1; + v <-- (inp >> 33) & 1; + u*(1-u) === 0; + v*(1-v) === 0; + + inp === sum + 
(1<<32)*u + (1<<33)*v; + out_word <== sum; +} + +//------------------------------------------------------------------------------ +// decompose a 35-bit number into the low 32 bits and the remaining 3 bits + +template Bits35() { + signal input inp; + signal output out_bits[32]; + signal output out_word; + signal u,v,w; + + var sum = 0; + for(var i=0; i<32; i++) { + out_bits[i] <-- (inp >> i) & 1; + out_bits[i] * (1-out_bits[i]) === 0; + sum += (1<> 32) & 1; + v <-- (inp >> 33) & 1; + w <-- (inp >> 34) & 1; + u*(1-u) === 0; + v*(1-v) === 0; + w*(1-w) === 0; + + inp === sum + (1<<32)*u + (1<<33)*v + (1<<34)*w; + out_word <== sum; +} + +//------------------------------------------------------------------------------ +// decompose a 65-bit number into the low 64 bits and the remaining 1 bit + +template Bits65() { + signal input inp; + signal output out_bits[64]; + signal output out_word; + signal u; + + var sum = 0; + for(var i=0; i<64; i++) { + out_bits[i] <-- (inp >> i) & 1; + out_bits[i] * (1-out_bits[i]) === 0; + sum += (1<> 64) & 1; + u*(1-u) === 0; + + inp === sum + (1<<64)*u; + out_word <== sum; +} + +//------------------------------------------------------------------------------ +// decompose a 66-bit number into the low 64 bits and the remaining 2 bit + +template Bits66() { + signal input inp; + signal output out_bits[64]; + signal output out_word; + signal u,v; + + var sum = 0; + for(var i=0; i<64; i++) { + out_bits[i] <-- (inp >> i) & 1; + out_bits[i] * (1-out_bits[i]) === 0; + sum += (1<> 64) & 1; + v <-- (inp >> 65) & 1; + u*(1-u) === 0; + v*(1-v) === 0; + + inp === sum + (1<<64)*u + (1<<65)*v; + out_word <== sum; +} + + +//------------------------------------------------------------------------------ +// decompose a 67-bit number into the low 64 bits and the remaining 3 bit + +template Bits67() { + signal input inp; + signal output out_bits[64]; + signal output out_word; + signal u,v,w; + + var sum = 0; + for(var i=0; i<64; i++) { + out_bits[i] <-- (inp 
>> i) & 1; + out_bits[i] * (1-out_bits[i]) === 0; + sum += (1<> 64) & 1; + v <-- (inp >> 65) & 1; + w <-- (inp >> 66) & 1; + u*(1-u) === 0; + v*(1-v) === 0; + w*(1-w) === 0; + + inp === sum + (1<<64)*u + (1<<65)*v + (1<<66)*w; + out_word <== sum; +} + +//------------------------------------------------------------------------------ +// converts a sequence of `n` big-endian 32-bit words to `4n` bytes +// (to be compatible with the output hex string of standard SHA2 tools) + +template DWordsToByteString(n) { + + signal input inp[n][32]; + signal output out[4*n]; + + for(var k=0; k chunks; + + component iv = Sha384_initial_value(); + iv.out ==> states[0]; + + component sch[nchunks]; + component rds[nchunks]; + + for (var m = 0; m < nchunks; m++) { + sch[m] = SHA2_384_512_schedule(); + rds[m] = SHA2_384_512_rounds(80); + + for (var k = 0; k < 16; k++) { + for (var i = 0; i < 64; i++) { + sch[m].chunk_bits[k][i] <== chunks[m][k * 64 + (63 - i)]; + } + } + + sch[m].out_words ==> rds[m].words; + rds[m].inp_hash <== states[m]; + rds[m].out_hash ==> states[m + 1]; + } + + signal inBlockIndex; + inBlockIndex <-- (paddedInLength >> 10); // paddedInLength / 1024 + paddedInLength === inBlockIndex * 1024; + + // Select the correct compression output for the given length + component arraySelectors[384]; + for (var j = 0; j < 6; j++) { + for (var i = 0; i < 64; i++) { + var idx = j * 64 + i; + arraySelectors[idx] = ItemAtIndex(nchunks); + for (var m = 0; m < nchunks; m++) { + arraySelectors[idx].in[m] <== states[m + 1][j][63 - i]; + } + arraySelectors[idx].index <== inBlockIndex - 1; + out[idx] <== arraySelectors[idx].out; + } + } +} + +template Sha384HashBitsStatic(lenBits) { + + signal input in[lenBits]; + signal output out[384]; + + var nchunks = SHA2_384_512_compute_number_of_chunks(lenBits); + + signal chunks[nchunks ][1024]; + signal states[nchunks+1][8][64]; + + component pad = SHA2_384_512_padding(lenBits); + pad.inp <== in; + pad.out ==> chunks; + + component iv = 
Sha384_initial_value(); + iv.out ==> states[0]; + + component sch[nchunks]; + component rds[nchunks]; + + for(var m=0; m rds[m].words; + + rds[m].inp_hash <== states[m ]; + rds[m].out_hash ==> states[m+1]; + } + + + for(var j=0; j<6; j++) { + for (var i = 0; i < 64; i++){ + out[j*64 + i] <== states[nchunks][j][63-i]; + } + } + +} + +template Sha384_hash_chunks(BLOCK_NUM) { + + signal input in[BLOCK_NUM * 1024]; + signal output out[384]; + + signal states[BLOCK_NUM+1][8][64]; + + component iv = Sha384_initial_value(); + iv.out ==> states[0]; + + component sch[BLOCK_NUM]; + component rds[BLOCK_NUM]; + + for(var m=0; m rds[m].words; + + rds[m].inp_hash <== states[m ]; + rds[m].out_hash ==> states[m+1]; + } + + for(var j=0; j<6; j++) { + for (var i = 0; i < 64; i++){ + out[j*64 + i] <== states[BLOCK_NUM][j][63-i]; + } + } +} diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha384_initial_value.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha384_initial_value.circom new file mode 100644 index 00000000..f5c22474 --- /dev/null +++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha384_initial_value.circom @@ -0,0 +1,26 @@ +pragma circom 2.0.0; + +//------------------------------------------------------------------------------ +// initial hash value for SHA2-384 + +template Sha384_initial_value() { + + signal output out[8][64]; + + var initial_state[8] = + [ 0xcbbb9d5dc1059ed8 + , 0x629a292a367cd507 + , 0x9159015a3070dd17 + , 0x152fecd8f70e5939 + , 0x67332667ffc00b31 + , 0x8eb44a8768581511 + , 0xdb0c2e0d64f98fa7 + , 0x47b5481dbefa4fa4 + ]; + + for(var k=0; k<8; k++) { + for(var i=0; i<64; i++) { + out[k][i] <== (initial_state[k] >> i) & 1; + } + } +} diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_compress.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_compress.circom new file mode 100644 index 00000000..ad3f2da9 --- /dev/null 
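Review bot: In the length-dependent SHA-384 template, `inBlockIndex` is assigned with `<--` and then tied to `paddedInLength` only by `paddedInLength === inBlockIndex * 1024`; nothing visible in this file bounds it to 1..nchunks. Because 1024 is invertible in the proof field, that equation has a solution for any `paddedInLength`, so on its own it does not prove the length is a multiple of 1024, and a prover is not bound to the `>> 10` witness. The selector then receives `inBlockIndex - 1`, which wraps to a very large field element when the length is 0. Unless the caller range-checks `paddedInLength` and `ItemAtIndex` (defined outside this patch) rejects out-of-range indices, I would add a bit-decomposition range check on `inBlockIndex`, constrain `1 <= inBlockIndex <= nchunks` before the selection, and document that next to the `<--`. The page text for this file is partly garbled, so the template header is not visible here.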
+++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_compress.circom @@ -0,0 +1,96 @@ +pragma circom 2.0.0; + +include "./sha2_common.circom"; + +//------------------------------------------------------------------------------ +// SHA384 / SHA512 compression function inner loop +// +// note: the d,h,inp,key inputs (and outputs) are 64 bit numbers; +// the rest are little-endian bit vectors. + +template SHA2_384_512_compress_inner() { + + signal input inp; + signal input key; + + signal input a[64]; + signal input b[64]; + signal input c[64]; + signal input dd; + signal input e[64]; + signal input f[64]; + signal input g[64]; + signal input hh; + + signal output out_a[64]; + signal output out_b[64]; + signal output out_c[64]; + signal output out_dd; + signal output out_e[64]; + signal output out_f[64]; + signal output out_g[64]; + signal output out_hh; + + var d_sum = 0; + var h_sum = 0; + for(var i=0; i<64; i++) { + out_g[i] <== f[i]; + out_f[i] <== e[i]; + out_c[i] <== b[i]; + out_b[i] <== a[i]; + d_sum += (1< out_e; + + component decompose_a = Bits67(); + decompose_a.inp <== overflow_a; + decompose_a.out_bits ==> out_a; + +} + +//------------------------------------------------------------------------------ diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_padding.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_padding.circom new file mode 100644 index 00000000..53a35652 --- /dev/null +++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_padding.circom 
@@ -0,0 +1,39 @@ +pragma circom 2.0.0; + +//------------------------------------------------------------------------------ +// compute the number of chunks + +function SHA2_384_512_compute_number_of_chunks(len_bits) { + var nchunks = ((len_bits + 1 + 128) + 1023) \ 1024; + return nchunks; +} + +//------------------------------------------------------------------------------ +// padding for SHA2-384 and SHA2-512 (they are the same) +// NOTE: `len` should be given as the number of *bits* + +template SHA2_384_512_padding(len) { + + var nchunks = SHA2_384_512_compute_number_of_chunks(len); + var nbits = nchunks * 1024; + + signal input inp[len]; + signal output out[nchunks][1024]; + + for(var i=0; i out[i\1024][i%1024]; + } + + out[len\1024][len%1024] <== 1; + for(var i=len+1; i 0 ); + assert( n <= 80 ); + + signal input words[n]; // round words (64-bit words) + signal input inp_hash[8][64]; // initial state + signal output out_hash[8][64]; // final state after n rounds (n <= 80) + + signal a [n+1][64]; + signal b [n+1][64]; + signal c [n+1][64]; + signal dd[n+1]; + signal e [n+1][64]; + signal f [n+1][64]; + signal g [n+1][64]; + signal hh[n+1]; + + signal round_keys[80]; + component RC = SHA2_384_512_round_keys(); + round_keys <== RC.out; + + a[0] <== inp_hash[0]; + b[0] <== inp_hash[1]; + c[0] <== inp_hash[2]; + + e[0] <== inp_hash[4]; + f[0] <== inp_hash[5]; + g[0] <== inp_hash[6]; + + var sum_dd = 0; + var sum_hh = 0; + for(var i=0; i<64; i++) { + sum_dd += inp_hash[3][i] * (1< a [k+1]; + compress[k].out_b ==> b [k+1]; + compress[k].out_c ==> c [k+1]; + compress[k].out_dd ==> dd[k+1]; + compress[k].out_e ==> e [k+1]; + compress[k].out_f ==> f [k+1]; + compress[k].out_g ==> g [k+1]; + compress[k].out_hh ==> hh[k+1]; + } + + component modulo[8]; + for(var j=0; j<8; j++) { + modulo[j] = Bits65(); + } + + var sum_a = 0; + var sum_b = 0; + var sum_c = 0; + var sum_e = 0; + var sum_f = 0; + var sum_g = 0; + for(var i=0; i<64; i++) { + sum_a += (1< out_hash[j]; + } + +} 
+ +// ----------------------------------------------------------------------------- diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_schedule.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_schedule.circom new file mode 100644 index 00000000..f8f5902d --- /dev/null +++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha384_temp/sha512_schedule.circom @@ -0,0 +1,65 @@ +pragma circom 2.0.0; + +include "./sha2_common.circom"; + +//------------------------------------------------------------------------------ +// message schedule for SHA384 / SHA512 +// +// NOTE: the individual 64 bit words are in little-endian order +// + +template SHA2_384_512_schedule() { + + signal input chunk_bits[16][64]; // 1024 bits = 16 qwords = 128 bytes + signal output out_words [80]; // 80 words + signal out_bits [80][64]; // 5120 bits = 80 qwords = 640 bytes + + for(var k=0; k<16; k++) { + var sum = 0; + for(var i=0; i<64; i++) { sum += (1< out_bits [m]; + modulo[r].out_word ==> out_words[m]; + + } +} + +//------------------------------------------------------------------------------ diff --git a/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha384Bytes.circom b/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha384Bytes.circom index cbb19d1b..9142114e 100644 --- a/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha384Bytes.circom +++ b/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha384Bytes.circom 
@@ -2,9 +2,11 @@ pragma circom 2.1.9;
 include "../../../bitify/bitify.circom";
 include "../../../bitify/comparators.circom";
-include "../../other/fp.circom";
-include "../../other/array.circom";
-include "../../sha2/sha384/sha384_hash_bits.circom";
+// include "../../other/fp.circom";
+// include "../../other/array.circom";
+include "../../../utils/array.circom";
+
+include "../../sha2/sha384_temp/sha384_hash_bits.circom";
 template Sha384Bytes(maxByteLength) {
 signal input paddedIn[maxByteLength];
diff --git a/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom b/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom
index 3eec400e..7be0fc76 100644
--- a/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom
+++ b/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom
@@ -2,7 +2,7 @@ pragma circom 2.1.9;
 include "./dynamic/sha1Bytes.circom";
 include "./dynamic/sha256Bytes.circom";
-// include "./dynamic/sha384Bytes.circom";
+include "./dynamic/sha384Bytes.circom";
 // include "./dynamic/sha512Bytes.circom";
 template ShaBytesDynamic(hashLen, max_num_bytes) {
@@ -14,9 +14,9 @@ template ShaBytesDynamic(hashLen, max_num_bytes) {
 // if (hashLen == 512) {
 // hash <== Sha512Bytes(max_num_bytes)(in_padded, in_len_padded_bytes);
 // }
- // if (hashLen == 384) {
- // hash <== Sha384Bytes(max_num_bytes)(in_padded, in_len_padded_bytes);
- // }
+ if (hashLen == 384) {
+ hash <== Sha384Bytes(max_num_bytes)(in_padded, in_len_padded_bytes);
+ }
 if (hashLen == 256) {
 hash <== Sha256Bytes(max_num_bytes)(in_padded, in_len_padded_bytes);
 }
diff --git a/circuits/circuits/utils/passport/signatureAlgorithm.circom b/circuits/circuits/utils/passport/signatureAlgorithm.circom
index 59c3c90c..1ee37fe6 100644
--- a/circuits/circuits/utils/passport/signatureAlgorithm.circom
+++ b/circuits/circuits/utils/passport/signatureAlgorithm.circom
@@ -18,6 +18,7 @@ pragma circom 2.1.9;
 17: rsapss_sha256_3_4096
 18: rsapss_sha384_65537_3072
 19: rsapss_sha256_65537_3072
+ 21: rsapss_sha256_65537_3072
 */
 function getHashLength(signatureAlgorithm) {
@@ -72,6 +73,9 @@ function getHashLength(signatureAlgorithm) {
 if (signatureAlgorithm == 20) {
 return 256;
 }
+ if (signatureAlgorithm == 21) {
+ return 384;
+ }
 return 0;
 }
@@ -124,6 +128,9 @@ function getKeyLength(signatureAlgorithm) {
 if (signatureAlgorithm == 19) {
 return 3072;
 }
+ if (signatureAlgorithm == 21) {
+ return 4096;
+ }
 return 0;
 }
@@ -177,6 +184,9 @@ function getKLengthFactor(signatureAlgorithm) {
 if (signatureAlgorithm == 19) {
 return 1;
 }
+ if (signatureAlgorithm == 21) {
+ return 1;
+ }
 return 0;
 }
@@ -222,6 +232,9 @@ function getExponentBits(signatureAlgorithm) {
 if (signatureAlgorithm == 19) {
 return 17;
 }
+ if (signatureAlgorithm == 21) {
+ return 17;
+ }
 return 0;
 }
diff --git a/circuits/circuits/utils/passport/signatureVerifier.circom b/circuits/circuits/utils/passport/signatureVerifier.circom
index cac918e2..d242267c 100644
--- a/circuits/circuits/utils/passport/signatureVerifier.circom
+++ b/circuits/circuits/utils/passport/signatureVerifier.circom
@@ -58,6 +58,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) {
 || signatureAlgorithm == 17
 || signatureAlgorithm == 18
 || signatureAlgorithm == 19
+ || signatureAlgorithm == 21
 ) {
 var pubKeyBitsLength = getKeyLength(signatureAlgorithm);
 var SALT_LEN = HASH_LEN_BITS / 8;
diff --git a/circuits/tests/prove.test.ts b/circuits/tests/prove.test.ts
index e4d52525..60f3752a 100644
--- a/circuits/tests/prove.test.ts
+++ b/circuits/tests/prove.test.ts
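Review bot: The entry added to the header comment of signatureAlgorithm.circom, `21: rsapss_sha256_65537_3072`, repeats the name already listed for 19 and contradicts the code added below it, where `getHashLength` returns 384 and `getKeyLength` returns 4096 for 21; it should read `21: rsapss_sha384_65537_4096`. Index 20 has a branch in `getHashLength` (context line) but no entry in the visible part of the table and none in the `SignatureAlgorithmIndex` enum changed in constants.ts, so the gap deserves a one-line comment too. Every getter falls through to `return 0` for an unknown index, which makes this table the only place a reader can check which algorithm a number selects.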
@@ -19,6 +19,8 @@ const sigAlgs = [
 // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' },
 // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '4096' },
 // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' },
+ { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '3072' },
+ { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '4096' },
 // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '3', keyLength: '2048' },
 // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
 // { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' },
diff --git a/common/src/constants/constants.ts b/common/src/constants/constants.ts
index aa2f0d23..b9b9e498 100644
--- a/common/src/constants/constants.ts
+++ b/common/src/constants/constants.ts
@@ -33,7 +33,8 @@ export const MAX_PADDED_ECONTENT_LEN: Partial<
 rsapss_sha256_65537_3072: 384,
 rsapss_sha256_65537_4096: 384,
 rsapss_sha256_3_4096: 384,
- rsapss_sha384_65537_3072: 384,
+ rsapss_sha384_65537_3072: 512, //640, //415, //384,
+ rsapss_sha384_65537_4096: 512,
 ecdsa_sha1_secp256r1_256: 320,
 ecdsa_sha256_secp256r1_256: 384,
 ecdsa_sha384_secp384r1_384: 512,
@@ -52,6 +53,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial<
 rsapss_sha256_3_3072: 192,
 rsapss_sha256_3_4096: 192,
 rsapss_sha384_65537_3072: 256,
+ rsapss_sha384_65537_4096: 256,
 ecdsa_sha1_secp256r1_256: 192,
 ecdsa_sha256_secp256r1_256: 192,
 ecdsa_sha384_secp384r1_384: 192,
@@ -98,7 +100,8 @@ export enum SignatureAlgorithmIndex {
 rsapss_sha256_3_3072 = 16,
 rsapss_sha256_3_4096 = 17,
 rsapss_sha384_65537_3072 = 18,
- rsapss_sha256_65537_3072 = 19
+ rsapss_sha256_65537_3072 = 19,
+ rsapss_sha384_65537_4096 = 21,
 }
 export const attributeToPosition = {
diff --git a/common/src/constants/mockCertificates.ts b/common/src/constants/mockCertificates.ts index c0030e23..49f74da0 100644 --- a/common/src/constants/mockCertificates.ts +++ b/common/src/constants/mockCertificates.ts 
@@ -736,6 +736,96 @@ iy9uKJEqz9mZR8ApD0mFwjlY3+SZ6TMwTvSJNER9knW7rZWUUxdjQtSFjKc6U8+a jQ9V3syuNDAVMuzZ6X8H8JA5n+jIH9YCPWIm2QmS4Q== -----END CERTIFICATE-----`; +export const mock_dsc_key_sha384_rsapss_65537_4096 = ` +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC/FZaoCIyQXNmS +qRsWDeixi4/75NhW+XrZ0qBaS6tEh6LUizcHU6+Ln5vN13h3HWhnqgygj444TfI0 +OXxoHoyi5615xF8mc1E2ycyvJP4Rpf4lqltGYdr56Z7lY6nlNWOZDK/PfaZ8/gF2 +NkY1ooAXH6zXLVBhNYxZsfbZM/WjX27ax8FG2u87VHfX5D1B9d7ZepOPQJGBuJ9y +SfmFfu2T8R8WSvbU0H/ISI0C9hrj2JxW5lK9X7PPxTZNYonukKWQoYEjr04UQkuA +ZDmAUhQKY0kDtxAPqOcOKVipcF3b2Dpx9uJ8w96MDQTJ47/CVsj3SISULtzCUa2Y +fzA/g/4G6W0lZ7b1XcR2Z054GbmcSAm4H5DEleiG1zWiG3wGJHlFgQmgVWlD3psp +N/dsK2npsYKy6aSDjO76seVHLyqjk3kGzJGbflPqdQvYGHjBUYPcEwJk1xFnzOtt +I8oq8G5g7sCeQ4vIX58zF4DaXpjNFyQzIhPHLDB6b9gzeiUeEVR+e8t+US932MHA +Q1WBJ+1tRjb+9HrP3zdnrs0wjNZ8CHeTrtYPd6IZkHQPf+HovPhnHfulyXWk/kef +hoAhcF/7qOsLj0Ik1NNXJ8AbpgyHCJh+QE9iSm3mck0pOHSo6u/L7lrzsCAgfGMH +dW51d7t5z+8sE2vidgUagJyDTH1/DwIDAQABAoICAEfw9tG4tkM70eZ3qGz7O5ps +sv7hP9ou/2O2+wxD5O1eK53d9A/cIAFvTBeJgh9GgSJWUX65zY/BOOkUo5QHvGcw +1o07s58kV3VLMLbYNJesaS0BIHA1M15X6Kzwgux6106uChsScXYpo58/+9sBnTwX +ftlchCC1Kmwypn9MIrUpnvDbuBbXIq6xtJUhpzaIPSigD6IlayLtwYoj87+g9A15 +AH1CKAAjp5heSEjPI3yY9vN4r7oAqBAXbcRgzxF0gAEd7SLkQ385HnfuQ//d5xGq +I7k0WOWsb6FTS8AvQAcfN5Hko4zZqZYM6Lqh9nZSekMvmEq6Af9fBP6fFCk1ppOI +vvawkGzSbU2UQUlLLWI+y/xbrD8XuAdkhMNEMvd/+zmeHv1fnns7L7YNh50FvBq6 +CfnJ7kaliGUyYrNuH61vPawLDsX2w4FF7z23XpSZKm7KAWIVoj6bB7aF8NTDlQCp +leXqkdCaK5AJui81FQ6w7gwYn/YfKyRbM7EuwcJbl4rgNEsglIoU/x9O+1vb9AKX +7aIlDzjgihehVy8nrT6b5nuExBNKYM7jdD7ur1pSKf/FELcJJtq81Us1IgUEjuvT +K2jh3Cj+byadFnCAuJorMUYZ49dip9oZGiYwkdfDS54de3pOc5enkTAw3G4uMgKw +eCfHWmQsVEOvgopDvpqRAoIBAQDrQE4Nn4xhrzNr/P0Rc5Bc2SpRdsrLkKrpphI/ +BITgmrEH0NrXJLz8AP48pv3wjpEof12B1vU6+0yLe4hdPG8cvtR7RsaZQ/rlUslo +KjAS7pxyuZWUk1frSWRLYJf+s3eWV98+oUPgcU/fLb015RwzC8Pm1hFhHZ6ZOsQW +TMbx18f3RzzHgqDLJg9MoRaZ3BQNTpHhHPPzcrvwM9HVel+kAhjbhzX/0xga3lgX 
+CsicWoaPwCUfZ/4paqzgQxNco+SpkCDPvqmC0S6b2zJJzwtIEBCkaSw+Ng+yXDy/ +Vse0pTshlv34f5kqrDTTqialB3nJniZxKIpXD69lns810TKjAoIBAQDP8AxABGNf +ihEPdUewyDiSdS9UyYncsiIkbHmV+YKv47WjxmDzSCDw47yTYMFs/9IR5blsnc2H +RSO2+8Tpgy2Qp3II99GUWRTLNaB0iskw0I3fPWqmfHDl3N36bedP1iI8w3kQaim7 +331c3ThZkRojWzhRgX6bEH+D8bMC82iEyuV1Rggskhs+kSrkn8K7OO9aeuIKHlJI +6FbhaP7HAGk9n4wZA3D2nUt+pB0D+AE2y7dFicCD5OYP0K8PbmX4eBYQETsqCUsc +Te28oFsaXchoKXXFy5h7vVxvl57bw8GozKg8kuhayjx1tSpNeLPkhqFQYyfLXkM9 +BY/rWGgY0nSlAoIBAGMhVcKn2J/RE/oNQRZ5e/ukBxEM3aep7ltGf6nOXa/Hf5Gr +kIvYD0qhoIAuXhNgAArwoJZ13iBchITCKVQggzG5uA+6YzVyT+cSW4xpOpi/s20k +hsN00zdyVbDtox7QwTO5E3lwuwl4tg91VqW/RYK9Em/TBL/Hm202Niqvb6W5J6or +epEXmmoAP7IqrztmYYy57v7NFH8hedBeBa3PQz35JEBdWYPTj/TCfJw5Dw/TlaA9 +d2ckixUovnBB04bWCSTqdukTjppxSxKh6y7u7/IN0vV03A/a+AJQm8iE6OJWPfSJ +i7uLCR/SMPCAYohn/gnXept0WdcV5PMNWIN1A8ECggEBAIHiB0TVeNzseMuXDji2 +V9/jorTrTlm0Su9FcozjVWZYbdTmzRgpLapKFjhYb3mOMcFMJQ5bY03jOfPKP608 +avG4JdrEMPzgx8RGsvsY1aLQIk4XJs7nW/24gE805w9PSgN6ddxy866OYtfmtpP7 +tr/u8ra2lEZ3f68DAjYNpHON6NXf8KsmeC4Urx4vTIt1fMyfhSGc3vj7Z4lU9A+J +ijMbvX7CT4U7qzRnflhEST3Y8ZlV+hJon+uxBig1ZSxWljFjEfmn5GrBooX4A+/s +NIobm5z5Fz3zghGSO4A6PnUZoNx1Rv2u5SUBDHNnubY9AfYceXbmYklzd/ohNqSK +kKECggEAYlclogfOITtGYJLXgjU94/BCP4ey6aYqbMj6W6kjjzRnWIYkFVmQD/y9 +rdZq1YP7nO4U3h/L0Qd1kyQDm4/3N01zUOqK3eCiCDlMeh+XKV9PErZAMPtm7MTa +IAMyyghghfu22a88QBPuTOD/wORy75euuIl+D9U3VPdCGBStM4507HPie5Kz+LIW +w5djzAZjYom2IqdowDzjPMxaOvx4gn/Em82+FKTw4VkliL7i3o88glpnyQKBsHkf +Kj3QR0+7Wn1ta2gVxii56lLOrXAXmI84+r7AOXb1L8IGQlXcMEiO2/SsvBXoRL+C +S1jILA++Dtd4WhdPOlHZaeUp2BA9Ew== +-----END PRIVATE KEY----- +` + +export const mock_dsc_sha384_rsapss_65537_4096 = `-----BEGIN CERTIFICATE----- +MIIFwjCCA3agAwIBAgIUdDmCIT44XyKwPzNi826EV44f1HwwQQYJKoZIhvcNAQEK +MDSgDzANBglghkgBZQMEAgIFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgIF +AKIDAgEwMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQxMjIzMDQxODA5WhcN +MjUwMTIyMDQxODA5WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0 
+ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAvxWWqAiMkFzZkqkbFg3osYuP++TYVvl62dKg +WkurRIei1Is3B1Ovi5+bzdd4dx1oZ6oMoI+OOE3yNDl8aB6MouetecRfJnNRNsnM +ryT+EaX+JapbRmHa+eme5WOp5TVjmQyvz32mfP4BdjZGNaKAFx+s1y1QYTWMWbH2 +2TP1o19u2sfBRtrvO1R31+Q9QfXe2XqTj0CRgbifckn5hX7tk/EfFkr21NB/yEiN +AvYa49icVuZSvV+zz8U2TWKJ7pClkKGBI69OFEJLgGQ5gFIUCmNJA7cQD6jnDilY +qXBd29g6cfbifMPejA0EyeO/wlbI90iElC7cwlGtmH8wP4P+BultJWe29V3EdmdO +eBm5nEgJuB+QxJXohtc1oht8BiR5RYEJoFVpQ96bKTf3bCtp6bGCsumkg4zu+rHl +Ry8qo5N5BsyRm35T6nUL2Bh4wVGD3BMCZNcRZ8zrbSPKKvBuYO7AnkOLyF+fMxeA +2l6YzRckMyITxywwem/YM3olHhFUfnvLflEvd9jBwENVgSftbUY2/vR6z983Z67N +MIzWfAh3k67WD3eiGZB0D3/h6Lz4Zx37pcl1pP5Hn4aAIXBf+6jrC49CJNTTVyfA +G6YMhwiYfkBPYkpt5nJNKTh0qOrvy+5a87AgIHxjB3VudXe7ec/vLBNr4nYFGoCc +g0x9fw8CAwEAAaNCMEAwHQYDVR0OBBYEFCUFSOYvPOJ9/1MW/4Aifbqx9JdtMB8G +A1UdIwQYMBaAFPCyO3NiVitChNElz1+jZPtO0/N6MEEGCSqGSIb3DQEBCjA0oA8w +DQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAICBQCiAwIB +MAOCAgEAKTNUqhfNbKjFqSHFLE8eJMxyBHdGNlTDNZ0Nf7I92o/h88Vc2kxCae+8 +gNig9pKtOnMzTwt6EYZBdzT26TE3T4wEW4CmJQAyEMKN6roExSza/IJLKBvHbf6l +3HC6knU3Ww+UFtnHjHuFIiT/u3H3UgwZslZo+GUpGT81/ZZ+3TuY3ZtpgsjeplkR +6fjkpqnziChf5gQKIjRYjiIIAWnmdURxWgiXH2Gx16rCqtl8lQn8TKNwWKVVWpjA +jLeNMHOPQsmEpCogIPRLUC8pe72qr2dgyvVvFNjE+/gttNU4QWNaKu25AkRDbRt8 +pX/dhm1MooTBflaMH9/cosMv8LigRTfJVVRahJqTGHmwPwnmh9daiP+Yg+epHmdc +Q/xK0RvBoJRiHQX8/965ujDwmHQEk07EcgY8AXWxsC6gan5avtQxfdvvRDqS8K1W +cFblvuUB+ZSTAcPD084F6bprZvEprnseGF0cXOjzukxS3tQVz+qllu4YV6CUeVkP +ushCrU1qkwak8YB+sjdPD9PLV3fu5sN+zzYJtD0egj78jUgbcIxGEoPsFAeBxtE5 +X2A1786dt2vEwkXIywAHE92KUoqvcBQ83dXhvVPyPbGCi0RZ9deArz+e0ZThaj0C +6eFTLnNxGMsxdy291xamYoqzZVcyG2X6ZC0OSdNwxPP3z70Awm8= +-----END CERTIFICATE----- +` + export const mock_dsc_key_sha384_rsapss_65537_3072 = ` -----BEGIN PRIVATE KEY----- MIIG/QIBADANBgkqhkiG9w0BAQEFAASCBucwggbjAgEAAoIBgQDJiF1gdqiYPP7V 
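Review bot: The added `mock_dsc_sha384_rsapss_65537_4096` certificate looks short-lived: its two UTCTime fields appear to decode to 241223041809Z and 250122041809Z, a 30-day window, so any code path or test that starts checking DSC validity dates will fail on this fixture after 2025-01-22. I would regenerate it with a long validity period, or state next to the constant that expiry is deliberately ignored for mocks. The accompanying `mock_dsc_key_sha384_rsapss_65537_4096` is a private key in source; a comment such as `// TEST FIXTURE ONLY: throwaway key, never trusted by any verifier or registry` would make that explicit for readers and for secret-scanning triage. The hunk ends inside the next PEM constant, which continues outside it.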
diff --git a/common/src/constants/sampleDataHashes.ts b/common/src/constants/sampleDataHashes.ts index 8b9afccc..e7e0f216 100644 --- a/common/src/constants/sampleDataHashes.ts +++ b/common/src/constants/sampleDataHashes.ts @@ -57,3 +57,54 @@ export const sampleDataHashes_large = [ ], ], ] as [number, number[]][]; + +export const sampleDataHashes_large_sha384 = [ + [ + 2, + [ + -66, 82, -76, -21, -34, 33, 79, 50, -104, -120, -114, 35, 116, -32, 6, -14, -100, -115, -128, + -8, 10, 61, 98, 86, -8, 45, -49, -46, 90, -24, -81, 38, 12, 34, 56, 78, 90, 12, 34, 56, 78, 90, + 12, 34, 56, 78, 90, 12, + ], + ], + [ + 3, + [ + 0, -62, 104, 108, -19, -10, 97, -26, 116, -58, 69, 110, 26, 87, 17, 89, 110, -57, 108, -6, 36, + 21, 39, 87, 110, 102, -6, -43, -82, -125, -85, -82, 12, 34, 56, 78, 90, 12, 34, 56, 78, 90, 12, + 34, 56, 78, 90, 12, + ], + ], + [ + 11, + [ + -120, -101, 87, -112, 111, 15, -104, 127, 85, 25, -102, 81, 20, 58, 51, 75, -63, 116, -22, 0, + 60, 30, 29, 30, -73, -115, 72, -9, -1, -53, 100, 124, 12, 34, 56, 78, 90, 12, 34, 56, 78, 90, + 12, 34, 56, 78, 90, 12, + ], + ], + [ + 12, + [ + 41, -22, 106, 78, 31, 11, 114, -119, -19, 17, 92, 71, -122, 47, 62, 78, -67, -23, -55, -42, + 53, 4, 47, -67, -55, -123, 6, 121, 34, -125, 64, -114, 12, 34, 56, 78, 90, 12, 34, 56, 78, 90, + 12, 34, 56, 78, 90, 12, + ], + ], + [ + 13, + [ + 91, -34, -46, -63, 62, -34, 104, 82, 36, 41, -118, -3, 70, 15, -108, -48, -100, 45, 105, -85, + -15, -61, -71, 43, -39, -94, -110, -55, -34, 89, -18, 38, 12, 34, 56, 78, 90, 12, 34, 56, 78, + 90, 12, 34, 56, 78, 90, 12, + ], + ], + [ + 14, + [ + 76, 123, -40, 13, 51, -29, 72, -11, 59, -63, -18, -90, 103, 49, 23, -92, -85, -68, -62, -59, + -100, -69, -7, 28, -58, 95, 69, 15, -74, 56, 54, 38, 12, 34, 56, 78, 90, 12, 34, 56, 78, 90, + 12, 34, 56, 78, 90, 12, + ], + ], +] as [number, number[]][]; \ No newline at end of file diff --git a/common/src/utils/genMockPassportData.ts b/common/src/utils/genMockPassportData.ts index 5cc39916..4a0b223a 100644 
--- a/common/src/utils/genMockPassportData.ts
+++ b/common/src/utils/genMockPassportData.ts
@@ -34,8 +34,10 @@ import {
 mock_dsc_sha256_rsapss_65537_3072,
 mock_dsc_key_rsapss_65537_4096,
 mock_dsc_sha256_rsapss_65537_4096,
+ mock_dsc_key_sha384_rsapss_65537_4096,
+ mock_dsc_sha384_rsapss_65537_4096,
 } from '../constants/mockCertificates';
-import { sampleDataHashes_small, sampleDataHashes_large } from '../constants/sampleDataHashes';
+import { sampleDataHashes_small, sampleDataHashes_large, sampleDataHashes_large_sha384 } from '../constants/sampleDataHashes';
 import { countryCodes } from '../constants/constants';
 import { parseCertificate } from './certificates/handleCertificate';
 import { SignatureAlgorithm } from './types';
@@ -118,10 +120,15 @@ export function genMockPassportData(
 dsc = mock_dsc_sha256_rsapss_3_3072;
 break;
 case 'rsapss_sha384_65537_3072':
- sampleDataHashes = sampleDataHashes_large;
+ sampleDataHashes = sampleDataHashes_large_sha384;
 privateKeyPem = mock_dsc_key_sha384_rsapss_65537_3072;
 dsc = mock_dsc_sha384_rsapss_65537_3072;
 break;
+ case 'rsapss_sha384_65537_4096':
+ sampleDataHashes = sampleDataHashes_large_sha384;
+ privateKeyPem = mock_dsc_key_sha384_rsapss_65537_4096;
+ dsc = mock_dsc_sha384_rsapss_65537_4096;
+ break;
 case 'ecdsa_sha256_secp256r1_256':
 sampleDataHashes = sampleDataHashes_large;
 privateKeyPem = mock_dsc_key_sha256_ecdsa;
@@ -165,6 +172,7 @@ export function genMockPassportData(
 }
 const { hashFunction, hashLen } = parseCertificate(dsc);
+ console.log('hashFunction', hashFunction, hashLen);
 const mrzHash = hash(hashFunction, formatMrz(mrz));
 const concatenatedDataHashes = formatAndConcatenateDataHashes(
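Review bot: The added `console.log('hashFunction', hashFunction, hashLen);` in `genMockPassportData` is debug output left in a shared utility, so it prints on every mock passport generated, including each test case. I would delete the line, or route it through whatever debug logger the package uses if the value is still needed. `genMockPassportData` starts and ends outside this hunk.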
@@ -195,13 +203,24 @@ function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[] if (signatureAlgorithm === 'rsapss') { const privateKey = forge.pki.privateKeyFromPem(privateKeyPem); - const md = forge.md.sha256.create(); - md.update(forge.util.binary.raw.encode(new Uint8Array(eContent))); - const pss = forge.pss.create({ - md: forge.md.sha256.create(), - mgf: forge.mgf.mgf1.create(forge.md.sha256.create()), - saltLength: 32, - }); + let md, pss; + if (hashFunction == 'sha384') { + md = forge.md.sha384.create(); + md.update(forge.util.binary.raw.encode(new Uint8Array(eContent))); + pss = forge.pss.create({ + md: forge.md.sha384.create(), + mgf: forge.mgf.mgf1.create(forge.md.sha384.create()), + saltLength: 48, + }); + } else { + md = forge.md.sha256.create(); + md.update(forge.util.binary.raw.encode(new Uint8Array(eContent))); + pss = forge.pss.create({ + md: forge.md.sha256.create(), + mgf: forge.mgf.mgf1.create(forge.md.sha256.create()), + saltLength: 32, + }); + } const signatureBytes = privateKey.sign(md, pss); return Array.from(signatureBytes, (c: string) => c.charCodeAt(0)); } else if (signatureAlgorithm === 'ecdsa') { diff --git a/common/src/utils/generateInputs.ts b/common/src/utils/generateInputs.ts index 7f8eb6c8..b266752c 100644 --- a/common/src/utils/generateInputs.ts +++ b/common/src/utils/generateInputs.ts @@ -4,7 +4,7 @@ import { MAX_PADDED_ECONTENT_LEN, MAX_PADDED_SIGNED_ATTR_LEN, } from '../constants/constants'; -import { assert, shaPad } from './shaPad'; +import { assert, sha384_512Pad, shaPad } from './shaPad'; import { PassportData } from './types'; import { bytesToBigDecimal, 
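Review bot: The two RSA-PSS branches in `sign` differ only in the digest and the salt length, and `let md, pss;` leaves both variables implicitly typed `any`. Picking the digest factory once removes the duplication and keeps `const` declarations; the salt length equals the digest length in both branches, so it can come from `md.digestLength`. Note that the `else` branch signs with SHA-256 for every `hashFunction` other than `'sha384'`, so an unsupported hash is silently signed rather than rejected. `sign` begins before this hunk, where `hashFunction` is presumably taken from `parseCertificate(dsc)`.

```typescript
const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);
const digest = hashFunction === 'sha384' ? forge.md.sha384 : forge.md.sha256;
const md = digest.create();
md.update(forge.util.binary.raw.encode(new Uint8Array(eContent)));
const pss = forge.pss.create({
  md: digest.create(),
  mgf: forge.mgf.mgf1.create(digest.create()),
  saltLength: md.digestLength, // 48 for SHA-384, 32 for SHA-256
});
// … unchanged: privateKey.sign(md, pss) and the ecdsa branch …
```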
@@ -224,15 +224,30 @@ export function generateCircuitInputsProve( ); } - const [eContentPadded, eContentLen] = shaPad( - new Uint8Array(eContent), - MAX_PADDED_ECONTENT_LEN[signatureAlgorithmFullName] - ); + let eContentPadded, eContentLen, signedAttrPadded, signedAttrPaddedLen; + if (hashFunction === 'sha384' || hashFunction === 'sha512') { + [eContentPadded, eContentLen] = sha384_512Pad( + new Uint8Array(eContent), + MAX_PADDED_ECONTENT_LEN[signatureAlgorithmFullName] + ); + } else { + [eContentPadded, eContentLen] = shaPad( + new Uint8Array(eContent), + MAX_PADDED_ECONTENT_LEN[signatureAlgorithmFullName] + ); + } - const [signedAttrPadded, signedAttrPaddedLen] = shaPad( - new Uint8Array(signedAttr), - MAX_PADDED_SIGNED_ATTR_LEN[signatureAlgorithmFullName] - ); + if (hashFunction === 'sha384' || hashFunction === 'sha512') { + [signedAttrPadded, signedAttrPaddedLen] = sha384_512Pad( + new Uint8Array(signedAttr), + MAX_PADDED_SIGNED_ATTR_LEN[signatureAlgorithmFullName] + ); + } else { + [signedAttrPadded, signedAttrPaddedLen] = shaPad( + new Uint8Array(signedAttr), + MAX_PADDED_SIGNED_ATTR_LEN[signatureAlgorithmFullName] + ); + } const formattedMajority = majority.length === 1 ? `0${majority}` : majority; const majority_ascii = formattedMajority.split('').map((char) => char.charCodeAt(0)); From 7647466585089ccb02d07855500c56d365f22047 Mon Sep 17 00:00:00 2001 
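Review bot: The `hashFunction === 'sha384' || hashFunction === 'sha512'` test is evaluated twice in `generateCircuitInputsProve` and each arm repeats the same call, while `let eContentPadded, eContentLen, signedAttrPadded, signedAttrPaddedLen;` drops the tuple types the old `const` destructuring had. Choosing the padder once keeps both: `const pad = hashFunction === 'sha384' || hashFunction === 'sha512' ? sha384_512Pad : shaPad;`, then `const [eContentPadded, eContentLen] = pad(new Uint8Array(eContent), MAX_PADDED_ECONTENT_LEN[signatureAlgorithmFullName]);` and the same for `signedAttr`. That also guarantees both buffers are always padded for the same block size. The function starts and ends outside this hunk.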
From: seshanthS Date: Mon, 23 Dec 2024 19:32:25 +0530 Subject: [PATCH 2/4] add rsapss-sha512 --- .../prove_rsapss_sha512_65537_3072.circom | 5 + .../sha2/sha512_temp/sha512_hash_bits.circom | 145 ++++++++++++++++++ .../sha512_temp/sha512_initial_value.circom | 27 ++++ .../shaBytes/dynamic/sha512Bytes.circom | 8 +- .../hasher/shaBytes/shaBytesDynamic.circom | 8 +- .../circomlib/signature/rsapss/mgf1.circom | 52 +++++++ .../circomlib/signature/rsapss/rsapss.circom | 53 ++++++- .../utils/passport/signatureAlgorithm.circom | 16 +- .../utils/passport/signatureVerifier.circom | 1 + circuits/tests/prove.test.ts | 1 + common/src/constants/constants.ts | 3 + common/src/constants/mockCertificates.ts | 71 +++++++++ common/src/constants/sampleDataHashes.ts | 57 +++++++ common/src/utils/genMockPassportData.ts | 17 +- common/src/utils/types.ts | 5 +- common/src/utils/utils.ts | 5 +- 16 files changed, 458 insertions(+), 16 deletions(-) create mode 100644 circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_hash_bits.circom create mode 100644 circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_initial_value.circom diff --git a/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom b/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom new file mode 100644 index 00000000..e2059f95 --- /dev/null +++ b/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../openpassport_prove.circom"; + +component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(22, 96, 32, 640, 320, 20); \ No newline at end of file diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_hash_bits.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_hash_bits.circom new file mode 100644 index 00000000..90f2d2af --- /dev/null 
+++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_hash_bits.circom 
@@ -0,0 +1,145 @@ +pragma circom 2.0.0; + +include "../sha384_temp/sha2_common.circom"; +include "../sha384_temp/sha512_padding.circom"; +include "sha512_initial_value.circom"; +include "../sha384_temp/sha512_schedule.circom"; +include "../sha384_temp/sha512_rounds.circom"; +// include "../../other/array.circom"; +include "../../../utils/array.circom"; + + +template Sha512Dynamic(maxBits) { + signal input in[maxBits]; + signal input paddedInLength; + signal output out[512]; + + var nchunks = SHA2_384_512_compute_number_of_chunks(maxBits); + signal chunks[nchunks][1024]; + signal states[nchunks + 1][8][64]; + + component pad = SHA2_384_512_padding(maxBits); + pad.inp <== in; + pad.out ==> chunks; + + component iv = Sha512_initial_value(); + iv.out ==> states[0]; + + component sch[nchunks]; + component rds[nchunks]; + + for (var m = 0; m < nchunks; m++) { + sch[m] = SHA2_384_512_schedule(); + rds[m] = SHA2_384_512_rounds(80); + + for (var k = 0; k < 16; k++) { + for (var i = 0; i < 64; i++) { + sch[m].chunk_bits[k][i] <== chunks[m][k * 64 + (63 - i)]; + } + } + + sch[m].out_words ==> rds[m].words; + rds[m].inp_hash <== states[m]; + rds[m].out_hash ==> states[m + 1]; + } + + signal inBlockIndex; + inBlockIndex <-- (paddedInLength >> 10); + paddedInLength === inBlockIndex * 1024; + + component arraySelectors[512]; + for (var j = 0; j < 8; j++) { + for (var i = 0; i < 64; i++) { + var idx = j * 64 + i; + arraySelectors[idx] = ItemAtIndex(nchunks); + for (var m = 0; m < nchunks; m++) { + arraySelectors[idx].in[m] <== states[m + 1][j][63 - i]; + } + arraySelectors[idx].index <== inBlockIndex - 1; + out[idx] <== arraySelectors[idx].out; + } + } +} + +template Sha512HashBitsStatic(lenBits) { + + signal input in[lenBits]; + signal output out[512]; + + var nchunks = SHA2_384_512_compute_number_of_chunks(lenBits); + + signal chunks[nchunks ][1024]; + signal states[nchunks+1][8][64]; + + component pad = SHA2_384_512_padding(lenBits); + pad.inp <== in; + pad.out ==> chunks; + + 
component iv = Sha512_initial_value(); + iv.out ==> states[0]; + + component sch[nchunks]; + component rds[nchunks]; + + for(var m=0; m rds[m].words; + + rds[m].inp_hash <== states[m ]; + rds[m].out_hash ==> states[m+1]; + } + + + for(var j=0; j<8; j++) { + for (var i = 0; i < 64; i++){ + out[j*64 + i] <== states[nchunks][j][63-i]; + } + } + +} + +template Sha512_hash_chunks(BLOCK_NUM) { + + signal input in[BLOCK_NUM*1024]; + signal output out[512]; + + signal states[BLOCK_NUM+1][8][64]; + + component iv = Sha512_initial_value(); + iv.out ==> states[0]; + + component sch[BLOCK_NUM]; + component rds[BLOCK_NUM]; + + for(var m=0; m rds[m].words; + + rds[m].inp_hash <== states[m ]; + rds[m].out_hash ==> states[m+1]; + } + + for(var j=0; j<8; j++) { + for (var i = 0; i < 64; i++){ + out[j*64 + i] <== states[BLOCK_NUM][j][63-i]; + } + } +} diff --git a/circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_initial_value.circom b/circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_initial_value.circom new file mode 100644 index 00000000..1edb1a46 --- /dev/null +++ b/circuits/circuits/utils/circomlib/hasher/sha2/sha512_temp/sha512_initial_value.circom @@ -0,0 +1,27 @@ +pragma circom 2.0.0; + +//------------------------------------------------------------------------------ +// initial hash value for SHA2-512 + +template Sha512_initial_value() { + + signal output out[8][64]; + + var initial_state[8] = + [ 0x6a09e667f3bcc908 + , 0xbb67ae8584caa73b + , 0x3c6ef372fe94f82b + , 0xa54ff53a5f1d36f1 + , 0x510e527fade682d1 + , 0x9b05688c2b3e6c1f + , 0x1f83d9abfb41bd6b + , 0x5be0cd19137e2179 + ]; + + for(var k=0; k<8; k++) { + for(var i=0; i<64; i++) { + out[k][i] <== (initial_state[k] >> i) & 1; + } + } + +} diff --git a/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha512Bytes.circom b/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha512Bytes.circom index 6ac093eb..3eb0162f 100644 
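Review bot: In `Sha512Dynamic`, `inBlockIndex` is assigned with `<--` and constrained only by `paddedInLength === inBlockIndex * 1024`. That equality holds over the field, so on its own it does not show that `inBlockIndex` is a small integer between 1 and `nchunks`. Nothing in this template range-checks it before `inBlockIndex - 1` is fed to `ItemAtIndex(nchunks)` as the selector. Unless `ItemAtIndex` or the caller `Sha512Bytes` already bounds the value (neither is visible in this hunk), I would add an explicit check, for example a `Num2Bits` decomposition of `inBlockIndex` plus a `LessEqThan` comparison against `nchunks`, and reject zero. I would also replace the commented-out `// include "../../other/array.circom";` with a short comment saying why the include path changed, or delete it.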
--- a/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha512Bytes.circom +++ b/circuits/circuits/utils/circomlib/hasher/shaBytes/dynamic/sha512Bytes.circom @@ -2,9 +2,11 @@ pragma circom 2.1.9; include "../../../bitify/bitify.circom"; include "../../../bitify/comparators.circom"; -include "../../other/fp.circom"; -include "../../other/array.circom"; -include "../../sha2/sha512/sha512_hash_bits.circom"; +// include "../../other/fp.circom"; +// include "../../other/array.circom"; +include "../../../utils/array.circom"; + +include "../../sha2/sha512_temp/sha512_hash_bits.circom"; template Sha512Bytes(maxByteLength) { signal input paddedIn[maxByteLength]; diff --git a/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom b/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom index 7be0fc76..b460f835 100644 --- a/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom +++ b/circuits/circuits/utils/circomlib/hasher/shaBytes/shaBytesDynamic.circom @@ -3,7 +3,7 @@ pragma circom 2.1.9; include "./dynamic/sha1Bytes.circom"; include "./dynamic/sha256Bytes.circom"; include "./dynamic/sha384Bytes.circom"; -// include "./dynamic/sha512Bytes.circom"; +include "./dynamic/sha512Bytes.circom"; template ShaBytesDynamic(hashLen, max_num_bytes) { signal input in_padded[max_num_bytes]; @@ -11,9 +11,9 @@ template ShaBytesDynamic(hashLen, max_num_bytes) { signal output hash[hashLen]; - // if (hashLen == 512) { - // hash <== Sha512Bytes(max_num_bytes)(in_padded, in_len_padded_bytes); - // } + if (hashLen == 512) { + hash <== Sha512Bytes(max_num_bytes)(in_padded, in_len_padded_bytes); + } if (hashLen == 384) { hash <== Sha384Bytes(max_num_bytes)(in_padded, in_len_padded_bytes); } diff --git a/circuits/circuits/utils/circomlib/signature/rsapss/mgf1.circom b/circuits/circuits/utils/circomlib/signature/rsapss/mgf1.circom index ba3c3d5d..14ea3981 100644 --- a/circuits/circuits/utils/circomlib/signature/rsapss/mgf1.circom 
+++ b/circuits/circuits/utils/circomlib/signature/rsapss/mgf1.circom @@ -2,6 +2,58 @@ pragma circom 2.1.6; include "../../bitify/bitify.circom"; +template Mgf1Sha512(seedLen, maskLen) { //in bytes + var seedLenBits = seedLen * 8; + var maskLenBits = maskLen * 8; + var hashLen = 64; //output len of sha function in bytes + var hashLenBits = hashLen * 8;//output len of sha function in bits + + signal input seed[seedLenBits]; //each represents a bit + signal input dummy; + signal output out[maskLenBits]; + + assert(maskLen <= 0xffffffff * hashLen ); + var iterations = (maskLen \ hashLen) + 1; //adding 1, in-case maskLen \ hashLen is 0 + component sha512[iterations]; + component num2Bits[iterations]; + + for (var i = 0; i < iterations; i++) { + //512 + 32 bits for counter + sha512[i] = ShaHashBits(544, 512); + sha512[i].dummy <== dummy; + + num2Bits[i] = Num2Bits(32); + } + + var lengthPerIteration = 544; //seed + 32 bits(4 Bytes) for counter + var concated[hashLenBits + 32]; //seed + 32 bits(4 Bytes) for counter + signal hashed[hashLenBits * (iterations)]; + + for (var i = 0; i < seedLenBits; i++) { + concated[i] = seed[i]; + } + + for (var i = 0; i < iterations; i++) { + num2Bits[i].in <== i; //convert counter to bits + + for (var j = 0; j < 32; j++) { + //concat seed and counter + concated[seedLenBits + j] = num2Bits[i].out[31-j]; + } + + //hashing value + sha512[i].in <== concated; + + for (var j = 0; j < hashLenBits; j++) { + hashed[i * hashLenBits + j] <== sha512[i].out[j]; + } + } + + for (var i = 0; i < maskLenBits; i++) { + out[i] <== hashed[i]; + } +} + template Mgf1Sha384(SEED_LEN, MASK_LEN) { //in bytes var SEED_LEN_BITS = SEED_LEN * 8; var MASK_LEN_BITS = MASK_LEN * 8; diff --git a/circuits/circuits/utils/circomlib/signature/rsapss/rsapss.circom b/circuits/circuits/utils/circomlib/signature/rsapss/rsapss.circom index a4893a5f..c6cc6ac2 100644 --- a/circuits/circuits/utils/circomlib/signature/rsapss/rsapss.circom 
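Review bot: `Mgf1Sha512` hard-codes the hash input width as `ShaHashBits(544, 512)` and sizes `concated` as `hashLenBits + 32`, yet the seed copy loop runs to `seedLenBits`, so the template is only consistent when `seedLen == 64`. I would add `assert(seedLen == hashLen);` next to the existing mask-length assert, or size both from `seedLenBits + 32`. `lengthPerIteration` is declared but never used. `var iterations = (maskLen \ hashLen) + 1;` also instantiates one extra SHA-512 whenever `maskLen` is an exact multiple of `hashLen`; `(maskLen + hashLen - 1) \ hashLen` would avoid paying for those constraints.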
+++ b/circuits/circuits/utils/circomlib/signature/rsapss/rsapss.circom @@ -17,7 +17,7 @@ include "../../hasher/hash.circom"; * Use this for CHUNK_NUMBER == 2**n, otherwise error will occur. */ template VerifyRsaPssSig(CHUNK_SIZE, CHUNK_NUMBER, SALT_LEN, EXP, HASH_TYPE) { - assert((HASH_TYPE == 384 && SALT_LEN == 48) || (HASH_TYPE == 256 && SALT_LEN == 64) || (HASH_TYPE == 256 && SALT_LEN == 32)); + assert((HASH_TYPE == 512 && SALT_LEN == 64) || (HASH_TYPE == 384 && SALT_LEN == 48) || (HASH_TYPE == 256 && SALT_LEN == 64) || (HASH_TYPE == 256 && SALT_LEN == 32)); signal input pubkey[CHUNK_NUMBER]; signal input signature[CHUNK_NUMBER]; @@ -116,6 +116,18 @@ template VerifyRsaPssSig(CHUNK_SIZE, CHUNK_NUMBER, SALT_LEN, EXP, HASH_TYPE) { dbMask[i] <== MGF1_384.out[i]; } } + if (HASH_TYPE == 512) { + component MGF1_512 = Mgf1Sha512(HASH_LEN, DB_MASK_LEN); + MGF1_512.dummy <== dummy; + + for (var i = 0; i < (HASH_TYPE); i++) { + MGF1_512.seed[i] <== hash[i]; + } + + for (var i = 0; i < DB_MASK_LEN * 8; i++) { + dbMask[i] <== MGF1_512.out[i]; + } + } component xor = Xor2(DB_MASK_LEN * 8); @@ -138,7 +150,7 @@ template VerifyRsaPssSig(CHUNK_SIZE, CHUNK_NUMBER, SALT_LEN, EXP, HASH_TYPE) { salt[SALT_LEN_BITS - 1 - i] <== db[(DB_MASK_LEN * 8) - 1 - i]; } - signal mDash[1024]; + signal mDash[2048]; //adding 0s for (var i = 0; i < 64; i++) { mDash[i] <== 0; @@ -172,11 +184,16 @@ template VerifyRsaPssSig(CHUNK_SIZE, CHUNK_NUMBER, SALT_LEN, EXP, HASH_TYPE) { mDash[1016] <== 0; mDash[1015] <== 0; mDash[1014] <== 1; + + signal mDash256[1024]; + for (var i = 0; i < 1024; i++){ + mDash256[i] <== mDash[i]; + } //hashing component hDash256 = ShaHashChunks(2, HASH_TYPE); hDash256.dummy <== dummy; - hDash256.in <== mDash; + hDash256.in <== mDash256; hDash256.out === hash; } 
@@ -198,9 +215,14 @@ template VerifyRsaPssSig(CHUNK_SIZE, CHUNK_NUMBER, SALT_LEN, EXP, HASH_TYPE) { mDash[1015] <== 1; mDash[1014] <== 1; + signal mDash256[1024]; + for (var i = 0; i < 1024; i++){ + mDash256[i] <== mDash[i]; + } + component hDash256 = ShaHashChunks(2, HASH_TYPE); hDash256.dummy <== dummy; - hDash256.in <== mDash; + hDash256.in <== mDash256; hDash256.out === hash; } @@ -223,14 +245,35 @@ template VerifyRsaPssSig(CHUNK_SIZE, CHUNK_NUMBER, SALT_LEN, EXP, HASH_TYPE) { mDash[1016] <== 0; mDash[1015] <== 1; mDash[1014] <== 1; + + for (var i = 1024; i < 2048; i++){ + mDash[i] <== 0; + } + + signal mDash384[1024]; + for (var i = 0; i < 1024; i++){ + mDash384[i] <== mDash[i]; + } //hashing mDash component hDash384 = ShaHashChunks(1, HASH_TYPE); hDash384.dummy <== dummy; - hDash384.in <== mDash; + hDash384.in <== mDash384; hDash384.out === hash; } + + if (HASH_TYPE == 512 && SALT_LEN == 64) { + // 64 + 512 + 512 = 1088 + component hDash512 = ShaHashBits(64 + SALT_LEN_BITS + HASH_LEN * 8, 512); + hDash512.dummy <== dummy; + + for (var i = 0; i < 1088; i++) { + hDash512.in[i] <== mDash[i]; + } + + hDash512.out === hash; + } } /* diff --git a/circuits/circuits/utils/passport/signatureAlgorithm.circom b/circuits/circuits/utils/passport/signatureAlgorithm.circom index 1ee37fe6..7c317005 100644 --- a/circuits/circuits/utils/passport/signatureAlgorithm.circom +++ b/circuits/circuits/utils/passport/signatureAlgorithm.circom @@ -18,7 +18,9 @@ pragma circom 2.1.9; 17: rsapss_sha256_3_4096 18: rsapss_sha384_65537_3072 19: rsapss_sha256_65537_3072 - 21: rsapss_sha256_65537_3072 + 21: rsapss_sha384_65537_4096 + 22: rsapss_sha512_65537_3072 + 23: rsapss_sha512_65537_4096 */ function getHashLength(signatureAlgorithm) { @@ -76,6 +78,9 @@ function getHashLength(signatureAlgorithm) { if (signatureAlgorithm == 21) { return 384; } + if (signatureAlgorithm == 22) { + return 512; + } return 0; } 
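Review bot: In the new `HASH_TYPE == 512 && SALT_LEN == 64` branch of `VerifyRsaPssSig`, the copy loop bound is the literal `1088` while the component is sized `64 + SALT_LEN_BITS + HASH_LEN * 8`. One named value for both, e.g. `var M_DASH_LEN = 64 + SALT_LEN_BITS + HASH_LEN * 8;`, keeps the hashed length and the copied length from drifting apart. Separately, widening to `signal mDash[2048]` means that, as far as these hunks show, only the SHA-384 branch assigns indices 1024–2047; the SHA-256 branches appear to leave them as unassigned, unconstrained signals. They are unused, so this is hygiene rather than a soundness problem, but I would declare the array with the size each branch needs or zero the tail in every branch. The template body starts and ends outside these hunks.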
@@ -131,6 +136,9 @@ function getKeyLength(signatureAlgorithm) { if (signatureAlgorithm == 21) { return 4096; } + if (signatureAlgorithm == 22) { + return 3072; + } return 0; } @@ -187,6 +195,9 @@ function getKLengthFactor(signatureAlgorithm) { if (signatureAlgorithm == 21) { return 1; } + if (signatureAlgorithm == 22) { + return 1; + } return 0; } @@ -235,6 +246,9 @@ function getExponentBits(signatureAlgorithm) { if (signatureAlgorithm == 21) { return 17; } + if (signatureAlgorithm == 22) { + return 17; + } return 0; } diff --git a/circuits/circuits/utils/passport/signatureVerifier.circom b/circuits/circuits/utils/passport/signatureVerifier.circom index d242267c..ed04d7f0 100644 --- a/circuits/circuits/utils/passport/signatureVerifier.circom +++ b/circuits/circuits/utils/passport/signatureVerifier.circom @@ -59,6 +59,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) { || signatureAlgorithm == 18 || signatureAlgorithm == 19 || signatureAlgorithm == 21 + || signatureAlgorithm == 22 ) { var pubKeyBitsLength = getKeyLength(signatureAlgorithm); var SALT_LEN = HASH_LEN_BITS / 8; diff --git a/circuits/tests/prove.test.ts b/circuits/tests/prove.test.ts index 60f3752a..4cf3d36d 100644 --- a/circuits/tests/prove.test.ts +++ b/circuits/tests/prove.test.ts @@ -21,6 +21,7 @@ const sigAlgs = [ // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' }, { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '3072' }, { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '4096' }, + { sigAlg: 'rsapss', hashFunction: 'sha512', domainParameter: '65537', keyLength: '3072' }, // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '3', keyLength: '2048' }, // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' }, // { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' }, 
diff --git a/common/src/constants/constants.ts b/common/src/constants/constants.ts index b9b9e498..26f9d189 100644 --- a/common/src/constants/constants.ts +++ b/common/src/constants/constants.ts @@ -35,6 +35,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial< rsapss_sha256_3_4096: 384, rsapss_sha384_65537_3072: 512, //640, //415, //384, rsapss_sha384_65537_4096: 512, + rsapss_sha512_65537_3072: 640, ecdsa_sha1_secp256r1_256: 320, ecdsa_sha256_secp256r1_256: 384, ecdsa_sha384_secp384r1_384: 512, @@ -54,6 +55,7 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial< rsapss_sha256_3_4096: 192, rsapss_sha384_65537_3072: 256, rsapss_sha384_65537_4096: 256, + rsapss_sha512_65537_3072: 320, ecdsa_sha1_secp256r1_256: 192, ecdsa_sha256_secp256r1_256: 192, ecdsa_sha384_secp384r1_384: 192, @@ -102,6 +104,7 @@ export enum SignatureAlgorithmIndex { rsapss_sha384_65537_3072 = 18, rsapss_sha256_65537_3072 = 19, rsapss_sha384_65537_4096 = 21, + rsapss_sha512_65537_3072 = 22, } export const attributeToPosition = { diff --git a/common/src/constants/mockCertificates.ts b/common/src/constants/mockCertificates.ts index 49f74da0..21f8dcd7 100644 --- a/common/src/constants/mockCertificates.ts +++ b/common/src/constants/mockCertificates.ts 
@@ -533,6 +533,77 @@ sDghA5MyF+3oxZc3/gyhaM/zvGgyeF8m3xhmlySPXstIOBONiX7jw7hq8uIu1ctN 0Kc3XOb+BAqHQvSCXISshZ1xreF/xg== -----END CERTIFICATE-----` +export const mock_dsc_sha512_rsapss_65537_3072 = ` +-----BEGIN CERTIFICATE----- +MIIEwjCCAvagAwIBAgIUZM4Ia+yFdOTpwRFB/kDf4ZUKIk0wQQYJKoZIhvcNAQEK +MDSgDzANBglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMF +AKIDAgFAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQxMjIyMTcxNjU1WhcN +MjUwMTIxMTcxNjU1WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0 +ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBojANBgkqhkiG +9w0BAQEFAAOCAY8AMIIBigKCAYEAmCHeDla1ZYulSYPhJkAZEgo09A3aeYA7FrZQ +helpp72QSI57jluQCAWnBM4Vll3a3qVhFeM7g6EfjO6Ud3hVhFwtHIyMeOF0yytW +s3hzz2b+HylDPZN8+Ycv/o+kYLyd5JPBhdjm9+gq1F6oZxnHuCyAoHN12gkL3Ugr +uUC7tQ7VFWfd656L8cJfMnTc+WEw92DO0w4lMB5ZrG2p9gn1y5L+d+HF/CWhiMK5 +9TgjTmsJl01pEpu9aedHC1zs+BH1y99tqIJU+qbw7mxxOVB2ioUZYRxfk0dbdMJ7 +RPoPhocUpOndgXojOUkYa4TUM7QH3/5dZXsdvuY37dVeUFaQodLvnB8xyu7trTPh +7QYhO+LUVJuhu1QQBgtfUNt1iLFC/cGol+DJgNevtZJVOYVy44Bkp/p0hZ0/++aB +Kp+nSV/9dadCQuKTSplNL2HStURlx9t6lGo2N8gH3XIiVrEHnYghNuBeEam0BxiI ++yC/20/nt2YBIKe56l1BCGjvl8g/AgMBAAGjQjBAMB0GA1UdDgQWBBRP9s/9Hxka +XJ6zoNTLVfHBWzCzkzAfBgNVHSMEGDAWgBSorBhpE4T9MstwUPofNuGM241TcjBB +BgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAwUAoRwwGgYJKoZIhvcNAQEIMA0G +CWCGSAFlAwQCAwUAogMCAUADggGBAESFO7iQFkgCxDvO9MFmvD5HffTJhrn/ZPcA +kF6Y3jeOY7qUsmU7ZKDqOUy9O/UKg7yXFE6PTiwcbXdKD5O3ztqheUlDH43tJl8x +DdROQOcFXk6tetPWstQhJ1BTUxUlq+XLJ9YL8v2+ZkoohMAMG+VDIKUywFf/XxJ5 +o36yUvIyDSuxx6wUjRv6HfdkZ/1ioXwpDPsPxF3/OAuFuQX1QAkjSnVBFuLNLR6a +eOhpeVBIzeNTECKVtUnekclfXnfJivKoJMyxJvyNjQecN/eFEE7B0Fu1AlJjxDW3 +BH28bzwN+OndckOgBs9kmV1yJV8TFFzvoqUys+nd/drYLq1v/7J3waQEOrIzPMwA +WAXF3IoYHjrWrYPVazGFBeT8rxEWOKgxMjPA0w5AQoRzubsR3TfwOyN4S90SKEsY +riaQfyw3Lcq3ZWJ5CgWygHmuEAMYW0XwqqnnfxIPOY5d1BYOcXrF6LWfzp/z9nbV +7k0lUxhUMEYXzrSE8lKlMVnE0oJ8VQ== +-----END CERTIFICATE-----` +export const mock_dsc_key_sha512_rsapss_65537_3072 = ` 
+-----BEGIN PRIVATE KEY----- +MIIG/AIBADANBgkqhkiG9w0BAQEFAASCBuYwggbiAgEAAoIBgQCYId4OVrVli6VJ +g+EmQBkSCjT0Ddp5gDsWtlCF6WmnvZBIjnuOW5AIBacEzhWWXdrepWEV4zuDoR+M +7pR3eFWEXC0cjIx44XTLK1azeHPPZv4fKUM9k3z5hy/+j6RgvJ3kk8GF2Ob36CrU +XqhnGce4LICgc3XaCQvdSCu5QLu1DtUVZ93rnovxwl8ydNz5YTD3YM7TDiUwHlms +ban2CfXLkv534cX8JaGIwrn1OCNOawmXTWkSm71p50cLXOz4EfXL322oglT6pvDu +bHE5UHaKhRlhHF+TR1t0wntE+g+GhxSk6d2BeiM5SRhrhNQztAff/l1lex2+5jft +1V5QVpCh0u+cHzHK7u2tM+HtBiE74tRUm6G7VBAGC19Q23WIsUL9waiX4MmA16+1 +klU5hXLjgGSn+nSFnT/75oEqn6dJX/11p0JC4pNKmU0vYdK1RGXH23qUajY3yAfd +ciJWsQediCE24F4RqbQHGIj7IL/bT+e3ZgEgp7nqXUEIaO+XyD8CAwEAAQKCAYBD +ZMlyr63HMNBFm3Mb10xj5fqkXRi6N3i1rIlKcWb5RKxMwDXzEBPjweFF6ye8B5Lk +i/3QzOu5+aA49h32OOwlaRIg8hBuom3zbR0I/2TKbdVIp6Zeel5kSiOUUTzgD96g +emZCLZ7QFt0WXGKc3dpQeAJ5UfzU3KoRWp3oAMnGwS3bQDqa3Q8gx9sVRpj3rrsa +85tb+wm1YdSW4rPmx23IQ7OQFwf2lhMTuzPW8ooNfLRwfv37nNuRtT+PRJjDomyC +cl4hFL0X4cioJFKmEsIuWiQdE2bNGtP3hrL+qFuMmSiyKT2xDiShSU5FHLlBp++S +aJADysirSSxXscEynkSiPl/D8cFXpkktGTOFCDb28oYeDbZmYBMS79w6U863zccb +HsDxmNtlP/C1UAbcDnR8Xw91gW2WaREM6xoDrgNbkGlL0Fsqw6W1W1IL17UotolB +6ZrtHuZS+5UxVrN2Qis78v8w771j0O7VRRzsq6pJg77WMjNBVMZp1dlp/1Jf6NkC +gcEAzE9oOdRDGa3JYgptOcs+OciNRmCScKqdzZPzhSKroeC5bwWnyVn5Hb51VIxm +xo6sxJpMAIp6ik0aBejM8tIM9wIv5DCKyDPlvfiaPsK1nJ55prS1tjsnljwOfya8 +k5paNwQ+PxxjJ6pP9CzZWDW6zhGk7isgqZWexajBiU6Etvq78xnYkPZHaylXHOy3 +5uFv6bvqc+2c2uGD0SjC9nYurr9eEAaI9ZDpPoUJqe9hLjA/MN8sFCI+hvZVE/ND +YbzJAoHBAL6fC8FNkl6MGedUL9hW+Sl5DE2ZMEFFMZFF0DAmPH3cKequb7Xudjxh +FmmtFxNcw6swVu12PUNsDGQITOtDNUueklk9HTwg2J2E27k3oHKUOFIIKSOZFAFD +SgKfMZQD8pZAqXcWr8pBxjBBQ3+9oIG30F0/PJUJf9rJe7oYLT/ZwtQUXRSJl1tS +ST0/XX2kIL+lZ2i+s5Q2+K4yv4Li/yXLvK8/iHGYSTbglrwHAWsr3iM9L+tjfNH4 +Jaeo55nIxwKBwGBZSjOLUCF5/TBI7n2ExVGGrGj1/dk3/LcIAJ1WXk42pfwfVKL1 +1S8btEUs+QLGId+NTC4tH+C8v3rt8EjKmeaal28rHSeQodVWuZbDR9YWPhRJwC+x +8dc9dzCrWd7ZuZWcYKZugqwf+xiRVeXtYKzxUTAoEn0m2/smvC4+YwPPdncMRz8F +hWSZ2EUBtTAiPB6jycrl0US/eORYLqj/zsAF6xvvmQMFVZlwL8B97PxVMFehxy2v 
+gIExBaok3C/pUQKBwC5be35dIRWBOON7I8+XBy1A1O8iLAwTicRsl/69rcRmAIOk +PGKgRXzVl5/Him8ZBjThoqJJOQjmg/Tn19z3EUT8oVa2eB+hVUypfM4Eay6yQSgh +9+9CUQ0lkiAlGueGNj64Jv5hNAsaB9rAZGvyb9BcJX4n3NHZ55ALo91T990pVipB +cYmHFJoO3uTYPiJKAfTZgtaEWiPXYo7qpIxuK+LDM3XjG4mUoWmJIN9FTOEFYBZt +0POL1FUz5eRqPTi3DQKBwEngi8iZb1D/8rdVTLgzjavN0MXEGFiFyYvWnlyG/j6U +sQFPm6wJKjT2QtnLz/j6sgS0zfgQdfEKqA7daSBPxaaLraw/ZRrVYgF46bTLJB4R +sHY0a0QPVvxJpysGACzjUpBlETKFojB9JsenLelnansLxiqIEfHcFhwtH9AFHidU +C6SLskAvPSfp1Z3Q4bgC/L771qJea2rpr0I5zt8Pr475ymPRHxDGwC6WgWM/zw+k +svOpcapIoGUxM65FrhoWpA== +-----END PRIVATE KEY-----` + export const mock_csca_key_rsapss_65537_4096 = ` -----BEGIN PRIVATE KEY----- MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDCtr7PH3BjbF9c diff --git a/common/src/constants/sampleDataHashes.ts b/common/src/constants/sampleDataHashes.ts index e7e0f216..06114151 100644 --- a/common/src/constants/sampleDataHashes.ts +++ b/common/src/constants/sampleDataHashes.ts 
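Review bot: The mock DSC `mock_dsc_sha512_rsapss_65537_3072` appears to have been generated with a 30-day lifetime: decoding the validity field in the PEM gives notBefore 2024-12-22 and notAfter 2025-01-21. If any code path or test checks certificate validity dates, this fixture will start failing a month after the commit; regenerating it with a long validity period avoids that. Because `mock_dsc_key_sha512_rsapss_65537_3072` is a private key exported from `common/src/constants`, I would also put a comment above it such as `// TEST FIXTURE ONLY: mock DSC key, never used to sign real documents`, so readers and secret scanners can tell it is intentional.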
@@ -107,4 +107,61 @@ export const sampleDataHashes_large_sha384 = [ 12, 34, 56, 78, 90, 12, ], ], +] as [number, number[]][]; + +export const sampleDataHashes_sha512 = [ + [ + 2, + [ + -66, 82, -76, -21, -34, 33, 79, 50, -104, -120, -114, 35, 116, -32, 6, -14, + -100, -115, -128, -8, 10, 61, 98, 86, -8, 45, -49, -46, 90, -24, -81, 38, + 15, -61, 72, 89, -45, 12, 67, 91, -102, -18, 55, 43, -29, 84, -63, 27, + 45, 78, -93, 22, 67, -84, 15, -37, 98, 112, -45, 63, 89, -12, 34, 91 + ], + ], + [ + 3, + [ + 0, -62, 104, 108, -19, -10, 97, -26, 116, -58, 69, 110, 26, 87, 17, 89, + 110, -57, 108, -6, 36, 21, 39, 87, 110, 102, -6, -43, -82, -125, -85, -82, + 45, 78, -93, 22, 67, -84, 15, -37, 98, 112, -45, 63, 89, -12, 34, 91, + 83, -27, 45, 91, -78, 34, 56, 82, -91, 17, -63, 45, 78, -34, 91, 12 + ], + ], + [ + 11, + [ + -120, -101, 87, -112, 111, 15, -104, 127, 85, 25, -102, 81, 20, 58, 51, 75, + -63, 116, -22, 0, 60, 30, 29, 30, -73, -115, 72, -9, -1, -53, 100, 124, + 83, -27, 45, 91, -78, 34, 56, 82, -91, 17, -63, 45, 78, -34, 91, 12, + 41, -22, 106, 78, 31, 11, 114, -119, -19, 17, 92, 71, -122, 47, 62, 78 + ], + ], + [ + 12, + [ + 76, 123, -40, 13, 51, -29, 72, -11, 59, -63, -18, -90, 103, 49, 23, -92, + -85, -68, -62, -59, -100, -69, -7, 28, -58, 95, 69, 15, -74, 56, 54, 38, + 34, 89, -45, 67, 91, -34, 78, -12, 45, 89, -67, 34, 91, -45, 67, 23, + 91, -34, -46, -63, 62, -34, 104, 82, 36, 41, -118, -3, 70, 15, -108, -48 + ], + ], + [ + 13, + [ + 91, -34, -46, -63, 62, -34, 104, 82, 36, 41, -118, -3, 70, 15, -108, -48, + -100, 45, 105, -85, -15, -61, -71, 43, -39, -94, -110, -55, -34, 89, -18, 38, + 67, -45, 91, -34, 78, -12, 45, 89, -67, 34, 91, -45, 67, 23, -89, 45, + -67, -23, -55, -42, 53, 4, 47, -67, -55, -123, 6, 121, 34, -125, 64, -114 + ], + ], + [ + 14, + [ + 76, 123, -40, 13, 51, -29, 72, -11, 59, -63, -18, -90, 103, 49, 23, -92, + -85, -68, -62, -59, -100, -69, -7, 28, -58, 95, 69, 15, -74, 56, 54, 38, + 34, 89, -45, 67, 91, -34, 78, -12, 45, 89, -67, 34, 91, 
-45, 67, 23, + 15, -61, 72, 89, -45, 12, 67, 91, -102, -18, 55, 43, -29, 84, -63, 27 + ], + ], ] as [number, number[]][]; \ No newline at end of file diff --git a/common/src/utils/genMockPassportData.ts b/common/src/utils/genMockPassportData.ts index 4a0b223a..d6f50cf3 100644 --- a/common/src/utils/genMockPassportData.ts +++ b/common/src/utils/genMockPassportData.ts @@ -36,8 +36,10 @@ import { mock_dsc_sha256_rsapss_65537_4096, mock_dsc_key_sha384_rsapss_65537_4096, mock_dsc_sha384_rsapss_65537_4096, + mock_dsc_key_sha512_rsapss_65537_3072, + mock_dsc_sha512_rsapss_65537_3072, } from '../constants/mockCertificates'; -import { sampleDataHashes_small, sampleDataHashes_large, sampleDataHashes_large_sha384 } from '../constants/sampleDataHashes'; +import { sampleDataHashes_small, sampleDataHashes_large, sampleDataHashes_large_sha384, sampleDataHashes_sha512 } from '../constants/sampleDataHashes'; import { countryCodes } from '../constants/constants'; import { parseCertificate } from './certificates/handleCertificate'; import { SignatureAlgorithm } from './types'; @@ -129,6 +131,11 @@ export function genMockPassportData( privateKeyPem = mock_dsc_key_sha384_rsapss_65537_4096; dsc = mock_dsc_sha384_rsapss_65537_4096; break; + case 'rsapss_sha512_65537_3072': + sampleDataHashes = sampleDataHashes_sha512; + privateKeyPem = mock_dsc_key_sha512_rsapss_65537_3072; + dsc = mock_dsc_sha512_rsapss_65537_3072; + break; case 'ecdsa_sha256_secp256r1_256': sampleDataHashes = sampleDataHashes_large; privateKeyPem = mock_dsc_key_sha256_ecdsa; 
@@ -212,6 +219,14 @@ function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[] mgf: forge.mgf.mgf1.create(forge.md.sha384.create()), saltLength: 48, }); + } if (hashFunction == 'sha512') { + md = forge.md.sha512.create(); + md.update(forge.util.binary.raw.encode(new Uint8Array(eContent))); + pss = forge.pss.create({ + md: forge.md.sha512.create(), + mgf: forge.mgf.mgf1.create(forge.md.sha512.create()), + saltLength: 64, + }); } else { md = forge.md.sha256.create(); md.update(forge.util.binary.raw.encode(new Uint8Array(eContent))); diff --git a/common/src/utils/types.ts b/common/src/utils/types.ts index 1901a58e..c5f6500e 100644 --- a/common/src/utils/types.ts +++ b/common/src/utils/types.ts @@ -29,7 +29,10 @@ export type SignatureAlgorithm = | 'rsa_sha256_65537_4096' | 'rsa_sha512_65537_4096' | 'rsapss_sha256_65537_3072' -| 'rsapss_sha256_65537_4096'; +| 'rsapss_sha256_65537_4096' +| 'rsapss_sha512_65537_3072' +| 'rsapss_sha512_65537_4096'; + export type Proof = { proof: { diff --git a/common/src/utils/utils.ts b/common/src/utils/utils.ts index fdb92983..27e1d6df 100644 --- a/common/src/utils/utils.ts +++ b/common/src/utils/utils.ts @@ -4,6 +4,7 @@ import { sha1 } from 'js-sha1'; import { sha384, sha512_256 } from 'js-sha512'; import { SMT } from '@openpassport/zk-kit-smt'; import forge from 'node-forge'; +import crypto from 'crypto'; import { n_dsc, n_dsc_3072, @@ -244,7 +245,9 @@ export function hash(hashFunction: string, bytesArray: number[]): number[] { hashResult = sha384(unsignedBytesArray); break; case 'sha512': - hashResult = sha512_256(unsignedBytesArray); + const hasher = crypto.createHash('sha512'); + hasher.update(Buffer.from(unsignedBytesArray)); + hashResult = hasher.digest('hex'); break; default: console.log('\x1b[31m%s\x1b[0m', `${hashFunction} not found in hash`); // Log in red From 86319d64d04d40e7d0d6e85fcf5d673a5b945214 Mon Sep 17 00:00:00 2001 
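Review bot: The new SHA-512 branch in `sign` is attached with `} if (hashFunction == 'sha512') {`, without `else`. That starts a second, independent `if`/`else`, so for a SHA-384 certificate the first block builds the SHA-384 `md`/`pss` and the trailing `else` then overwrites both with SHA-256 and a 32-byte salt. The mock signature for `rsapss_sha384_*` would then not match the algorithm declared in the certificate. The line should read `} else if (hashFunction === 'sha512') {`. The start of `sign` and the SHA-256 branch's closing lines are outside this hunk.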
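Review bot: The `sha512` case in `hash` now pulls in Node's `crypto`, while the `sha384` case uses the pure-JS hasher from `js-sha512`, which is already imported. `js-sha512` also exports `sha512`, so adding it to the existing import and writing `hashResult = sha512(unsignedBytesArray);` would keep `common` free of a Node-only dependency; that matters if this module is bundled for browser or mobile, which is not visible here. If `crypto` stays, wrap the case body in braces, because `const hasher` is declared directly in the shared `switch` scope. The `sha512_256` import may be unused after this change. `hash` begins and ends outside this hunk.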
From: seshanthS Date: Tue, 24 Dec 2024 00:02:16 +0530 Subject: [PATCH 3/4] add rsapss sha512 --- .../prove_rsapss_sha512_65537_3072.circom | 2 +- .../prove_rsapss_sha512_65537_4096.circom | 5 ++ .../utils/passport/signatureAlgorithm.circom | 12 +++ .../utils/passport/signatureVerifier.circom | 1 + circuits/tests/prove.test.ts | 3 +- common/src/constants/constants.ts | 5 +- common/src/constants/mockCertificates.ts | 88 ++++++++++++++++++- common/src/utils/genMockPassportData.ts | 7 ++ 8 files changed, 119 insertions(+), 4 deletions(-) create mode 100644 circuits/circuits/prove/instances/prove_rsapss_sha512_65537_4096.circom diff --git a/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom b/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom index e2059f95..ac908524 100644 --- a/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom +++ b/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_3072.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../openpassport_prove.circom"; -component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(22, 96, 32, 640, 320, 20); \ No newline at end of file +component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(22, 96, 32, 640, 640, 20); \ No newline at end of file diff --git a/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_4096.circom b/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_4096.circom new file mode 100644 index 00000000..ea5592c2 --- /dev/null +++ b/circuits/circuits/prove/instances/prove_rsapss_sha512_65537_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../openpassport_prove.circom"; + +component main { public [ scope, user_identifier, current_date] } = OPENPASSPORT_PROVE(23, 64, 64, 640, 640, 20); \ No newline at end of file 
diff --git a/circuits/circuits/utils/passport/signatureAlgorithm.circom b/circuits/circuits/utils/passport/signatureAlgorithm.circom index 7c317005..834d071b 100644 --- a/circuits/circuits/utils/passport/signatureAlgorithm.circom +++ b/circuits/circuits/utils/passport/signatureAlgorithm.circom @@ -81,6 +81,9 @@ function getHashLength(signatureAlgorithm) { if (signatureAlgorithm == 22) { return 512; } + if (signatureAlgorithm == 23) { + return 512; + } return 0; } @@ -139,6 +142,9 @@ function getKeyLength(signatureAlgorithm) { if (signatureAlgorithm == 22) { return 3072; } + if (signatureAlgorithm == 23) { + return 4096; + } return 0; } @@ -198,6 +204,9 @@ function getKLengthFactor(signatureAlgorithm) { if (signatureAlgorithm == 22) { return 1; } + if (signatureAlgorithm == 23) { + return 1; + } return 0; } @@ -249,6 +258,9 @@ function getExponentBits(signatureAlgorithm) { if (signatureAlgorithm == 22) { return 17; } + if (signatureAlgorithm == 23) { + return 17; + } return 0; } diff --git a/circuits/circuits/utils/passport/signatureVerifier.circom b/circuits/circuits/utils/passport/signatureVerifier.circom index ed04d7f0..e371f2bf 100644 --- a/circuits/circuits/utils/passport/signatureVerifier.circom +++ b/circuits/circuits/utils/passport/signatureVerifier.circom @@ -60,6 +60,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) { || signatureAlgorithm == 19 || signatureAlgorithm == 21 || signatureAlgorithm == 22 + || signatureAlgorithm == 23 ) { var pubKeyBitsLength = getKeyLength(signatureAlgorithm); var SALT_LEN = HASH_LEN_BITS / 8; diff --git a/circuits/tests/prove.test.ts b/circuits/tests/prove.test.ts index 4cf3d36d..7241c162 100644 --- a/circuits/tests/prove.test.ts +++ b/circuits/tests/prove.test.ts 
@@ -18,10 +18,11 @@ const sigAlgs = [ // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' }, // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' }, // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '4096' }, - // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' }, + { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' }, { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '3072' }, { sigAlg: 'rsapss', hashFunction: 'sha384', domainParameter: '65537', keyLength: '4096' }, { sigAlg: 'rsapss', hashFunction: 'sha512', domainParameter: '65537', keyLength: '3072' }, + { sigAlg: 'rsapss', hashFunction: 'sha512', domainParameter: '65537', keyLength: '4096' }, // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '3', keyLength: '2048' }, // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' }, // { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' }, diff --git a/common/src/constants/constants.ts b/common/src/constants/constants.ts index 26f9d189..69dd6f93 100644 --- a/common/src/constants/constants.ts +++ b/common/src/constants/constants.ts @@ -36,6 +36,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial< rsapss_sha384_65537_3072: 512, //640, //415, //384, rsapss_sha384_65537_4096: 512, rsapss_sha512_65537_3072: 640, + rsapss_sha512_65537_4096: 640, ecdsa_sha1_secp256r1_256: 320, ecdsa_sha256_secp256r1_256: 384, ecdsa_sha384_secp384r1_384: 512, @@ -55,7 +56,8 @@ export const MAX_PADDED_SIGNED_ATTR_LEN: Partial< rsapss_sha256_3_4096: 192, rsapss_sha384_65537_3072: 256, rsapss_sha384_65537_4096: 256, - rsapss_sha512_65537_3072: 320, + rsapss_sha512_65537_3072: 640, + rsapss_sha512_65537_4096: 640, ecdsa_sha1_secp256r1_256: 192, ecdsa_sha256_secp256r1_256: 192, ecdsa_sha384_secp384r1_384: 192, 
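Review bot: Besides adding the sha512/4096 entry, this hunk re-enables `{ sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' }`, which the subject "add rsapss sha512" does not mention. The other rsapss sha256, rsa and ecdsa entries stay commented out, so the shared PSS branch edited in `signatureVerifier.circom` is not exercised for them by this file. If they are disabled only for run time, a comment at the top of `sigAlgs` saying so (or a switch that selects the full list) would stop them from quietly going stale. The array starts and ends outside the hunk.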
@@ -105,6 +107,7 @@ export enum SignatureAlgorithmIndex { rsapss_sha256_65537_3072 = 19, rsapss_sha384_65537_4096 = 21, rsapss_sha512_65537_3072 = 22, + rsapss_sha512_65537_4096 = 23, } export const attributeToPosition = { diff --git a/common/src/constants/mockCertificates.ts b/common/src/constants/mockCertificates.ts index 21f8dcd7..911871c3 100644 --- a/common/src/constants/mockCertificates.ts +++ b/common/src/constants/mockCertificates.ts 
@@ -603,7 +603,93 @@ sHY0a0QPVvxJpysGACzjUpBlETKFojB9JsenLelnansLxiqIEfHcFhwtH9AFHidU C6SLskAvPSfp1Z3Q4bgC/L771qJea2rpr0I5zt8Pr475ymPRHxDGwC6WgWM/zw+k svOpcapIoGUxM65FrhoWpA== -----END PRIVATE KEY-----` - +export const mock_dsc_key_sha512_rsapss_65537_4096 = `-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCtDLxyXBQgpEn8 +XXhYrJ8HiSv3DqpqqDr3LcjAB7tNt/TA3EuIq9tYoB802XvNfwIBvkn8D2oEF8Mx +Yyoxh3BIgifmWPJGlzrqDJNxwIvkfNJRgtnhxRz7iq58gDgrP9bA93oCMcpf+VhF +gj/9sBwNL4Wp56FlsV8cUt4AbQQF8LKY0KIeoa0gdTJIJfHW7wnqt8WFl2LYyqkx +C9y/qfR1YG9cquIRHckYVnYgZ9Awc6tX1tNO5Ty3Oim7ySAnX9hgkkp/A3okuIBk +5YLypbMAYVyXBV7geTUDQ/lBYmvyg0JVA+5TinxpjUOsJ0OPqEGaYvGN6vDfjrZi +HfgErvUzpqRydSxEuPDJuB9MANw6Whnp3BFeUipkbtgRR7/JeZMEgaTP1bfCVhox +1reSzdou2FfuwmiUcsEKKyDvI9R/5Buu0SQqjkuc4u6sMaCxhaH7vo4bky39G4h6 +rSZnvRJw4ATtpjDT+1bQqy8iVbcf6tu28oO55/vH7qX0q6OZu1L6jF/94DunEnXn +fMnwN4ESOMDo5E3+aSDIFmxUdT3xTLb1b8sGJSNpfSI34mSPK+B5u2mvKGfZnvT5 +GgoO6SrwL/5qBA0RqNmuFoQXFHEYDiJYKBVi6gXc7IqiGskRn5ll8Vx6DsRdRi4O +LgnvFP7McBXbPQOrUzPtTz1bCH/7EQIDAQABAoICABD0tgRIlGpMXrl9GR0rMNvm +q2mmRLl1qW1tzYVPXKF1XGSHUVlfaXsqGVSu2KwefT5ZfFtX0U38XBJbQpeeyzg3 +lJxD691R1SJ4v/u935cwSdVVym6OR1Q4Vvd5AsfuFedLeGd9pHQ59NW+uPFtD5qV +JPYsbYqO0iBu2DTXebTxTDaf/rqcod+TzCz4ltU2D9UxU4fO+Q7/8IsPO/6Fsx/L +Jq5ASi1eK0WYtzNeqK4Or2PId2T8HjJf3xX40484G3X+75C5cP7nGyGHwYhwBvWL +FKzxiEXban/a6bHn6GbXSKkW3QPPhng7ML3ODRcm5+KuPjfnJNnq3GEJybL/x6Ox +0Ld7+KZ+R9A4fUomAeQX1KNKkEB67RnhN1KdXKlwlg3qCZ25CorlRqRI9AeyXiCZ +hZBmDSPHvipuiFBUPzqNdcK3RxBcbAX6e5vawaarv7AYq6SL5MTNG6fgERkSIznv +jdAQK2/EdnjpYVsr19y5CMBgLrRZJ230cPfiihdEzSmaU8xEnq18Rn7pr2HyLa7Q +axeQgdenymt7hT8WvMQI2TzciEY51qshAr5CPo+34mPVtJ1WwKF2OaO9N87HdIRV +4rEO92BVs9p5WydUPa8iC7vmNWXKpFTyACdMeucjMyppr2vcjt7eJtMdGakvHXRX +/DS0fAJQLxSEAq+rjpXpAoIBAQDyUD0ctVgNY9VS1hp7fn+hrIKbkqXg+lqnnwB2 +Ke/DNHdxaoSk9f9HWtGI7dKo7fFd4XHoL98QxPZkFgbWn6kfEzDQ/qAJme/OB7YN +hCDQk9rAHziu4soKi3YN0qXiskEGSaw/Yqtc4JxkajcRbR8QHaQX292klTrba0rZ 
+62FOSHHyv34iNapUsBtqCFMtbOsFkzbkZbB+ileSptiBwMFatJp46kFGfr1vsvw/ +5TkeePCBDmOUneklvNNjgSVjw+OpyiOj6OAcSGixS3qIUip4c43qZs+ZEfjrckQG +iab9OivaoO19d4xXQH0kBXsxkYA8sOye8ExNwSHSZo9lqEVlAoIBAQC20vh2ayU+ +KnIPtoVJpSpWKw+ysI0j9r0LFjrAHOyy3IIETnm6UvoFLZ+WZD7c1P/hHIh4AomI +5WgL5sY7zXRK/ZoLejYK7X/GCyqXGuTPCJf61e5zlGz6DBFzS9GC0WdVOgZhbGO+ +kHYFf24t0r3IryW7vIKCrUoBbpiJdpvGyEzIDhEtT8uMZjXzSkn+83F8fvaGhNoZ +oGpCFTteZUvyW219x4YELm47pPYwRLHTg7uI/pW7xpUBrUZ3+6qznY3fpIUjbY4Y +VJZ+nFlbdrfbIoDjwI4XmbXJR1uP7JcPl8rZNLhcfPoxncOXoXQyQa+RwVqghNaN +UPXmy4atk4o9AoIBAFMWQF4/sFmnCdbFo38E+S6uwHon5skmDz+6vaXG63e73dj9 +9U27LDWDZqXVJo7WSBUw4KYFBC/z2aioBOBDDvKg2fRP2wBv0FKNQleQHtBmYnPO +QNl22mCTQX+r40XAaZuGV5HEe431Vqr34LoQ+L3F7CZiNbXhlbT3LUtb8pmtLaVX +FCEW1bkESeIpyJui5VOcDw5x7/rz5ONcYpDbT3GSzAT6Djfl7X8HmIcwSk2wmocm +L+8d1nwiKznLZs62tLHbpizmBTKtgXiJsRJdWkLDHL5rUnPiPcA+BiVXvfLGp5Ln +64dCHtUsP7zCRGPSyG4HHJvDOebPepFyqWjqMiECggEAdgsT6AnYWyI20VRtDRb6 +lfZpxVtfVig6+UyaFG7YmcfsnvE4gYiP7AYAM694M0fIC0ZMCwjAWsacfoq71eMb +QkwqSVzYRggA5xNQpY30zIRk9M1qj+/2ySA/qCz9ErU4PfwgIIlGgcVunrAfqLCY +X1pPR784mT1gOjp5fNA7Vob/pHAIwTPzXiykividfGMdFGA5trNSyxcbZJ2m3pUT +C2Hi+UJ5knuUKyig2JuSIdq9nH+cmEho71M8272AA0coUo08dZqIE8eSAB/dRkQK +BBBsHiG23SAfEt3jDbOZ+bRtgf8bRoRfWufdYSsbBlQJE1g/tsLucQIkM6eXxr0r +lQKCAQEAupiHMIMaPlAC2JLhW2z78EGlPYKSG/Z6Ajj054ByZMqdbYPSnNQsL2a8 +jQqAFLLPWuPmQVSTuSEAf7IttygS+Wha921Hztf7cbr8BBhZaJPEmejADZ83Iogv +LqE3PWYdiANFcfL+ZDY/xrEoQ1ExqW00deDe4RPjKPQ+WWP9IP7TIVpqQBLwI8Nz +PvWPA5OUV4o98YHZCeBcR9ZU6FfUMXReM7fE9JSTbgWPLeXryV2vcPegmO0Shby4 +m/Ur28JzxCzqfAaKdGtcwIkBEFbqd+F3Myn0l8xvrN0tmg+uFqpENhN+xFENxPwk +EWIaUdHQk/ouZnV4bkBnIRDkAkh55A== +-----END PRIVATE KEY----- +` +export const mock_dsc_sha512_rsapss_65537_4096 = `-----BEGIN CERTIFICATE----- +MIIFwjCCA3agAwIBAgIUWPNc8XirXNdvsh3zVDfulFpj054wQQYJKoZIhvcNAQEK +MDSgDzANBglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMF +AKIDAgFAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQxMjIzMTc1NDI0WhcN 
+MjUwMTIyMTc1NDI0WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0 +ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEArQy8clwUIKRJ/F14WKyfB4kr9w6qaqg69y3I +wAe7Tbf0wNxLiKvbWKAfNNl7zX8CAb5J/A9qBBfDMWMqMYdwSIIn5ljyRpc66gyT +ccCL5HzSUYLZ4cUc+4qufIA4Kz/WwPd6AjHKX/lYRYI//bAcDS+FqeehZbFfHFLe +AG0EBfCymNCiHqGtIHUySCXx1u8J6rfFhZdi2MqpMQvcv6n0dWBvXKriER3JGFZ2 +IGfQMHOrV9bTTuU8tzopu8kgJ1/YYJJKfwN6JLiAZOWC8qWzAGFclwVe4Hk1A0P5 +QWJr8oNCVQPuU4p8aY1DrCdDj6hBmmLxjerw3462Yh34BK71M6akcnUsRLjwybgf +TADcOloZ6dwRXlIqZG7YEUe/yXmTBIGkz9W3wlYaMda3ks3aLthX7sJolHLBCisg +7yPUf+QbrtEkKo5LnOLurDGgsYWh+76OG5Mt/RuIeq0mZ70ScOAE7aYw0/tW0Ksv +IlW3H+rbtvKDuef7x+6l9KujmbtS+oxf/eA7pxJ153zJ8DeBEjjA6ORN/mkgyBZs +VHU98Uy29W/LBiUjaX0iN+Jkjyvgebtpryhn2Z70+RoKDukq8C/+agQNEajZrhaE +FxRxGA4iWCgVYuoF3OyKohrJEZ+ZZfFceg7EXUYuDi4J7xT+zHAV2z0Dq1Mz7U89 +Wwh/+xECAwEAAaNCMEAwHQYDVR0OBBYEFBqvDX6PgAP1c4nCY4qLJnGkcPkZMB8G +A1UdIwQYMBaAFCM644m3AlXuA143DZdW00qfJfa0MEEGCSqGSIb3DQEBCjA0oA8w +DQYJYIZIAWUDBAIDBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIDBQCiAwIB +QAOCAgEAXyZebquj1Y48dnkN/1pBXO0c3w2lnH2C5HI8TF+XTnMkqn1LNwaxfIqc +mmXErp0ljF5BEZnO33QmfRX9/FwZNCSBz8/4Acopd0Iz049hM5u+c7Jx0hg3gEPq +kMS70WzEVK4UvvtY+T86Ipn261fb9vpMSdbGT/10KSmfcsdvLNsXm6E/2i3QMFwi +zu0+AfOrOza+JFRlGqSWeeFDoKfkpuh0aCZ69k7O9DYTYxxt1tnaMBsYugIImtdx +ws7ulLQAbcMWIF+KYk/4ZS0hmp7+bX+g6iKt8SNT2yp0/GiFv7+3MhS8HZqPwyDF +OscKaHo1G7wR9oKG/OfhAJqoESEoucqVHsNlRajqtgNaAlWRNlzQG39ntJkRo+ab +xb5lPubD8/F49UIFUT9B2pbft1MgUafPO59AJN8t9gaYSZKrzfY+OyKK5qaR+YFk +2SzDCOQ/BSBL3eNlz2KuXlmiS4M0fXTcZOz8Jc9+Z6e+xNcwVDdC6w35xnw4lh6F +TRLDugvuwGxEfnPXSzRQ+e0GIrvtHt7UW+cQxfAt15hnLO+jWF47XL85B5qFEun7 +ptV3VNFgpeDhzp3choI8vg9fQXI6UecC1MaBhg7gbf3Snm1A2N7eOuIL5flZgqxq +UiDYoZPEoUQLOduB6OcXyCmbT3S9YfDzKzBU+WAJ+HLmmkgeN04= +-----END CERTIFICATE----- +` export const mock_csca_key_rsapss_65537_4096 = ` -----BEGIN PRIVATE KEY----- MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQDCtr7PH3BjbF9c 
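Review bot: `mock_dsc_key_sha512_rsapss_65537_4096` places a complete PKCS#8 RSA private key in an exported constant under `common/src/constants`, and nothing in the hunk marks it as a throwaway test key. Add a comment above the two new exports, e.g. `// TEST FIXTURE ONLY: key pair generated for mock passports; this DSC must never appear in a trusted-certificate list`, and allowlist the file in whatever secret scanner the repository runs so real findings stay visible. The certificate's validity fields appear to decode to a 30-day window (2024-12-23 to 2025-01-22), so any code path that checks expiry against the current date would reject this fixture after that; worth confirming and regenerating with a longer lifetime if so. The new literals also end with a newline before the closing backtick, unlike the constant just above them, which is harmless to PEM parsers but inconsistent.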
diff --git a/common/src/utils/genMockPassportData.ts b/common/src/utils/genMockPassportData.ts index d6f50cf3..6ee38f79 100644 --- a/common/src/utils/genMockPassportData.ts +++ b/common/src/utils/genMockPassportData.ts @@ -38,6 +38,8 @@ import { mock_dsc_sha384_rsapss_65537_4096, mock_dsc_key_sha512_rsapss_65537_3072, mock_dsc_sha512_rsapss_65537_3072, + mock_dsc_key_sha512_rsapss_65537_4096, + mock_dsc_sha512_rsapss_65537_4096, } from '../constants/mockCertificates'; import { sampleDataHashes_small, sampleDataHashes_large, sampleDataHashes_large_sha384, sampleDataHashes_sha512 } from '../constants/sampleDataHashes'; import { countryCodes } from '../constants/constants'; @@ -136,6 +138,11 @@ export function genMockPassportData( privateKeyPem = mock_dsc_key_sha512_rsapss_65537_3072; dsc = mock_dsc_sha512_rsapss_65537_3072; break; + case 'rsapss_sha512_65537_4096': + sampleDataHashes = sampleDataHashes_sha512; + privateKeyPem = mock_dsc_key_sha512_rsapss_65537_4096; + dsc = mock_dsc_sha512_rsapss_65537_4096; + break; case 'ecdsa_sha256_secp256r1_256': sampleDataHashes = sampleDataHashes_large; privateKeyPem = mock_dsc_key_sha256_ecdsa; From c58fc6eac37ab90ffb0805adda79f3d93d110637 Mon Sep 17 00:00:00 2001 From: seshanthS Date: Sat, 28 Dec 2024 01:07:29 +0530 Subject: [PATCH 4/4] fix hash -ts --- common/src/utils/genMockPassportData.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/src/utils/genMockPassportData.ts b/common/src/utils/genMockPassportData.ts index 6ee38f79..4d09669e 100644 --- a/common/src/utils/genMockPassportData.ts +++ b/common/src/utils/genMockPassportData.ts @@ -226,7 +226,7 @@ function sign(privateKeyPem: string, dsc: string, eContent: number[]): number[] mgf: forge.mgf.mgf1.create(forge.md.sha384.create()), saltLength: 48, }); - } if (hashFunction == 'sha512') { + } else if (hashFunction == 'sha512') { md = forge.md.sha512.create(); md.update(forge.util.binary.raw.encode(new Uint8Array(eContent))); pss = forge.pss.create({