From 14f90efc036b90e397f289388617421515c6cd28 Mon Sep 17 00:00:00 2001 From: Ayman Date: Fri, 29 Aug 2025 16:05:26 +0530 Subject: [PATCH 1/5] feat: increase sha256 byte size and add new rsa circuits --- .../dsc_sha256_rsa_107903_4096.circom | 5 + .../dsc_sha256_rsa_122125_4096.circom | 5 + .../dsc_sha256_rsa_130689_4096.circom | 5 + .../dsc_sha256_rsa_56611_4096.circom | 5 + ...ister_sha1_sha1_sha1_rsa_64321_4096.circom | 5 + ...r_sha1_sha256_sha256_rsa_65537_4096.circom | 2 +- ...ter_sha256_sha1_sha1_rsa_65537_4096.circom | 5 + ...ha256_sha256_sha224_ecdsa_secp224r1.circom | 2 +- ...sha256_sha256_ecdsa_brainpoolP256r1.circom | 2 +- ...sha256_sha256_ecdsa_brainpoolP384r1.circom | 2 +- ...ha256_sha256_sha256_ecdsa_secp256r1.circom | 2 +- ...ha256_sha256_sha256_ecdsa_secp384r1.circom | 2 +- ...ter_sha256_sha256_sha256_rsa_3_4096.circom | 2 +- ...sha256_sha256_sha256_rsa_65537_4096.circom | 2 +- ...a256_sha256_sha256_rsapss_3_32_2048.circom | 2 +- ..._sha256_sha256_rsapss_65537_32_2048.circom | 2 +- ..._sha256_sha256_rsapss_65537_32_3072.circom | 2 +- ..._sha256_sha256_rsapss_65537_32_4096.circom | 5 + ..._sha256_sha256_rsapss_65537_64_2048.circom | 2 +- ..._sha512_sha256_rsapss_65537_32_2048.circom | 5 + ...d_sha1_sha256_sha256_rsa_65537_4096.circom | 2 +- ...ha256_sha256_sha224_ecdsa_secp224r1.circom | 2 +- ...sha256_sha256_ecdsa_brainpoolP256r1.circom | 2 +- ...sha256_sha256_ecdsa_brainpoolP384r1.circom | 2 +- ...ha256_sha256_sha256_ecdsa_secp256r1.circom | 2 +- ...ha256_sha256_sha256_ecdsa_secp384r1.circom | 2 +- ..._id_sha256_sha256_sha256_rsa_3_4096.circom | 2 +- ...sha256_sha256_sha256_rsa_65537_4096.circom | 2 +- ...a256_sha256_sha256_rsapss_3_32_2048.circom | 2 +- ..._sha256_sha256_rsapss_65537_32_2048.circom | 2 +- ..._sha256_sha256_rsapss_65537_32_3072.circom | 2 +- ..._sha256_sha256_rsapss_65537_64_2048.circom | 2 +- ..._sha512_sha256_rsapss_65537_32_2048.circom | 5 + .../utils/rsa/test_rsa_sha1_64321_4096.circom | 13 + .../rsa/test_rsa_sha256_107903_4096.circom | 13 + .../rsa/test_rsa_sha256_122125_4096.circom | 13 + .../rsa/test_rsa_sha256_130689_4096.circom | 13 + .../rsa/test_rsa_sha256_56611_4096.circom | 13 + .../utils/crypto/signature/FpPowMod.circom | 365 ++++++++++++++- .../rsa/verifyRsa107903Pkcs1v1_5.circom | 51 ++ .../rsa/verifyRsa122125Pkcs1v1_5.circom | 51 ++ .../rsa/verifyRsa130689Pkcs1v1_5.circom | 51 ++ .../rsa/verifyRsa56611Pkcs1v1_5.circom | 51 ++ .../rsa/verifyRsa64321Pkcs1v1_5.circom | 51 ++ .../utils/passport/signatureAlgorithm.circom | 107 ++++- .../utils/passport/signatureVerifier.circom | 74 ++- circuits/tests/dsc/test_cases.ts | 7 +- circuits/tests/register/test_cases.ts | 13 +- circuits/tests/register_id/test_cases.ts | 7 +- .../utils/generateMockInputsInCircuits.ts | 25 + circuits/tests/utils/rsaPkcs1v1_5.test.ts | 8 +- common/src/constants/constants.ts | 4 +- common/src/constants/mockCertificates.ts | 436 ++++++++++++++++++ common/src/constants/skiPem.ts | 5 + .../sha1_rsa_64321_4096/mock_csca.key | 52 +++ .../sha1_rsa_64321_4096/mock_csca.pem | 33 ++ .../sha1_rsa_64321_4096/mock_dsc.key | 52 +++ .../sha1_rsa_64321_4096/mock_dsc.pem | 32 ++ .../sha256_rsa_107903_4096/mock_csca.key | 52 +++ .../sha256_rsa_107903_4096/mock_csca.pem | 33 ++ .../sha256_rsa_107903_4096/mock_dsc.key | 52 +++ .../sha256_rsa_107903_4096/mock_dsc.pem | 32 ++ .../sha256_rsa_122125_4096/mock_csca.key | 52 +++ .../sha256_rsa_122125_4096/mock_csca.pem | 33 ++ .../sha256_rsa_122125_4096/mock_dsc.key | 52 +++ .../sha256_rsa_122125_4096/mock_dsc.pem | 32 ++ .../sha256_rsa_130689_4096/mock_csca.key | 52 +++ .../sha256_rsa_130689_4096/mock_csca.pem | 33 ++ .../sha256_rsa_130689_4096/mock_dsc.key | 52 +++ .../sha256_rsa_130689_4096/mock_dsc.pem | 32 ++ .../sha256_rsa_56611_4096/mock_csca.key | 52 +++ .../sha256_rsa_56611_4096/mock_csca.pem | 33 ++ .../sha256_rsa_56611_4096/mock_dsc.key | 52 +++ .../sha256_rsa_56611_4096/mock_dsc.pem | 32 ++ common/src/scripts/generateCertificates.sh | 15 +- .../utils/passports/genMockPassportData.ts | 2 +- common/src/utils/passports/getMockDSC.ts | 28 ++ .../passport_parsing/brutForceDscSignature.ts | 2 +- common/src/utils/types.ts | 9 +- 79 files changed, 2290 insertions(+), 75 deletions(-) create mode 100644 circuits/circuits/dsc/instances/dsc_sha256_rsa_107903_4096.circom create mode 100644 circuits/circuits/dsc/instances/dsc_sha256_rsa_122125_4096.circom create mode 100644 circuits/circuits/dsc/instances/dsc_sha256_rsa_130689_4096.circom create mode 100644 circuits/circuits/dsc/instances/dsc_sha256_rsa_56611_4096.circom create mode 100644 circuits/circuits/register/instances/register_sha1_sha1_sha1_rsa_64321_4096.circom create mode 100644 circuits/circuits/register/instances/register_sha256_sha1_sha1_rsa_65537_4096.circom create mode 100644 circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_4096.circom create mode 100644 circuits/circuits/register/instances/register_sha512_sha512_sha256_rsapss_65537_32_2048.circom create mode 100644 circuits/circuits/register_id/instances/register_id_sha512_sha512_sha256_rsapss_65537_32_2048.circom create mode 100644 circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom create mode 100644 circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom create mode 100644 circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom create mode 100644 circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom create mode 100644 circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom create mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom create mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom create mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom create mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom create mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom create mode 100644 common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.key create mode 100644 common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.pem create mode 100644 common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.key create mode 100644 common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.pem create mode 100644 common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.key create mode 100644 common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.pem create mode 100644 common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.key create mode 100644 common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.pem create mode 100644 common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.key create mode 100644 common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.pem create mode 100644 common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.key create mode 100644 common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.pem create mode 100644 common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.key create mode 100644 common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.pem create mode 100644 common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.key create mode 100644 common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.pem create mode 100644 common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.key create mode 100644 common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.pem create mode 100644 common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.key create mode 100644 common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.pem diff --git a/circuits/circuits/dsc/instances/dsc_sha256_rsa_107903_4096.circom b/circuits/circuits/dsc/instances/dsc_sha256_rsa_107903_4096.circom new file mode 100644 index 000000000..728809a09 --- /dev/null +++ b/circuits/circuits/dsc/instances/dsc_sha256_rsa_107903_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../dsc.circom"; + +component main { public [ merkle_root ] } = DSC(50, 120, 35); diff --git a/circuits/circuits/dsc/instances/dsc_sha256_rsa_122125_4096.circom b/circuits/circuits/dsc/instances/dsc_sha256_rsa_122125_4096.circom new file mode 100644 index 000000000..b1348b975 --- /dev/null +++ b/circuits/circuits/dsc/instances/dsc_sha256_rsa_122125_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../dsc.circom"; + +component main { public [ merkle_root ] } = DSC(49, 120, 35); diff --git a/circuits/circuits/dsc/instances/dsc_sha256_rsa_130689_4096.circom b/circuits/circuits/dsc/instances/dsc_sha256_rsa_130689_4096.circom new file mode 100644 index 000000000..d07b7f6ee --- /dev/null +++ b/circuits/circuits/dsc/instances/dsc_sha256_rsa_130689_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../dsc.circom"; + +component main { public [ merkle_root ] } = DSC(48, 120, 35); diff --git a/circuits/circuits/dsc/instances/dsc_sha256_rsa_56611_4096.circom b/circuits/circuits/dsc/instances/dsc_sha256_rsa_56611_4096.circom new file mode 100644 index 000000000..c1342a0e7 --- /dev/null +++ b/circuits/circuits/dsc/instances/dsc_sha256_rsa_56611_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../dsc.circom"; + +component main { public [ merkle_root ] } = DSC(51, 120, 35); diff --git a/circuits/circuits/register/instances/register_sha1_sha1_sha1_rsa_64321_4096.circom b/circuits/circuits/register/instances/register_sha1_sha1_sha1_rsa_64321_4096.circom new file mode 100644 index 000000000..4932564eb --- /dev/null +++ b/circuits/circuits/register/instances/register_sha1_sha1_sha1_rsa_64321_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../register.circom"; + +component main { public [ merkle_root ] } = REGISTER(160, 160, 47, 120, 35, 384, 128); diff --git a/circuits/circuits/register/instances/register_sha1_sha256_sha256_rsa_65537_4096.circom b/circuits/circuits/register/instances/register_sha1_sha256_sha256_rsa_65537_4096.circom index 4c6bd0fd5..b36a73b04 100644 --- a/circuits/circuits/register/instances/register_sha1_sha256_sha256_rsa_65537_4096.circom +++ b/circuits/circuits/register/instances/register_sha1_sha256_sha256_rsa_65537_4096.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(160, 256, 1, 120, 35, 384, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(160, 256, 1, 120, 35, 384, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha1_sha1_rsa_65537_4096.circom b/circuits/circuits/register/instances/register_sha256_sha1_sha1_rsa_65537_4096.circom new file mode 100644 index 000000000..62abed94c --- /dev/null +++ b/circuits/circuits/register/instances/register_sha256_sha1_sha1_rsa_65537_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../register.circom"; + +component main { public [ merkle_root ] } = REGISTER(256, 160, 3, 120, 35, 512, 128); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom index 40734f947..90f280b3d 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 224, 44, 32, 7, 512, 128); +component main { public [ merkle_root ] } = REGISTER(256, 224, 44, 32, 7, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom index dec36e7c1..473911f52 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 21, 64, 4, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 21, 64, 4, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom index a43c4c67d..dff40dfff 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 37, 64, 6, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 37, 64, 6, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp256r1.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp256r1.circom index a0682a0e3..13b1d5af5 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp256r1.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp256r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 8, 64, 4, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 8, 64, 4, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp384r1.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp384r1.circom index 1b0083ac1..8411e6686 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp384r1.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_ecdsa_secp384r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 23, 64, 6, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 23, 64, 6, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_3_4096.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_3_4096.circom index a669a2e6d..38fb0f675 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_3_4096.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_3_4096.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 13, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 13, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_65537_4096.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_65537_4096.circom index 0f9390dab..3b4b1c576 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_65537_4096.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsa_65537_4096.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 1, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 1, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_3_32_2048.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_3_32_2048.circom index d93c073ec..7121d07b1 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_3_32_2048.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_3_32_2048.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 43, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 43, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_2048.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_2048.circom index 2d0fcf083..802728388 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_2048.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_2048.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 4, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 4, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_3072.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_3072.circom index 7683207f5..37c210471 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_3072.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_3072.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 19, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 19, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_4096.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_4096.circom new file mode 100644 index 000000000..55f701c63 --- /dev/null +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_32_4096.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../register.circom"; + +component main { public [ merkle_root ] } = REGISTER(256, 256, 12, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_64_2048.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_64_2048.circom index f46580d55..472d33aa0 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_64_2048.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha256_rsapss_65537_64_2048.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 256, 46, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER(256, 256, 46, 120, 35, 512, 256); diff --git a/circuits/circuits/register/instances/register_sha512_sha512_sha256_rsapss_65537_32_2048.circom b/circuits/circuits/register/instances/register_sha512_sha512_sha256_rsapss_65537_32_2048.circom new file mode 100644 index 000000000..db3bb4b18 --- /dev/null +++ b/circuits/circuits/register/instances/register_sha512_sha512_sha256_rsapss_65537_32_2048.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../register.circom"; + +component main { public [ merkle_root ] } = REGISTER(512, 512, 4, 120, 35, 896, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha1_sha256_sha256_rsa_65537_4096.circom b/circuits/circuits/register_id/instances/register_id_sha1_sha256_sha256_rsa_65537_4096.circom index c0c7df893..6c810a4d6 100644 --- a/circuits/circuits/register_id/instances/register_id_sha1_sha256_sha256_rsa_65537_4096.circom +++ b/circuits/circuits/register_id/instances/register_id_sha1_sha256_sha256_rsa_65537_4096.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(160, 256, 1, 120, 35, 384, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(160, 256, 1, 120, 35, 384, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom index bae54f562..fca6950d8 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 224, 44, 32, 7, 512, 128); +component main { public [ merkle_root ] } = REGISTER_ID(256, 224, 44, 32, 7, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom index 693fd4a36..dcc1d12dd 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP256r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 21, 64, 4, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 21, 64, 4, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom index d11893f18..bfbe0faa0 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_brainpoolP384r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 37, 64, 6, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 37, 64, 6, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp256r1.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp256r1.circom index a80ccb932..b4b8f829f 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp256r1.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp256r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 8, 64, 4, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 8, 64, 4, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp384r1.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp384r1.circom index 98fb5e2a2..34a0a79fb 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp384r1.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_ecdsa_secp384r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 23, 64, 6, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 23, 64, 6, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_3_4096.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_3_4096.circom index ec5fc557d..c316614bb 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_3_4096.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_3_4096.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 13, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 13, 120, 35, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_65537_4096.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_65537_4096.circom index 2a100eef1..c8158d6a7 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_65537_4096.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsa_65537_4096.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 1, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 1, 120, 35, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_3_32_2048.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_3_32_2048.circom index 6a4bbd897..4ee798a8c 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_3_32_2048.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_3_32_2048.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 43, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 43, 120, 35, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_2048.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_2048.circom index c6f3a8fb1..c6ce0626f 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_2048.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_2048.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 4, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 4, 120, 35, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_3072.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_3072.circom index 4fc7274d6..8fe838470 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_3072.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_32_3072.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 19, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 19, 120, 35, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_64_2048.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_64_2048.circom index 4f351ae21..d20f3f07a 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_64_2048.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha256_rsapss_65537_64_2048.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 46, 120, 35, 512, 128); \ No newline at end of file +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 46, 120, 35, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha512_sha512_sha256_rsapss_65537_32_2048.circom b/circuits/circuits/register_id/instances/register_id_sha512_sha512_sha256_rsapss_65537_32_2048.circom new file mode 100644 index 000000000..3242a4d6f --- /dev/null +++ b/circuits/circuits/register_id/instances/register_id_sha512_sha512_sha256_rsapss_65537_32_2048.circom @@ -0,0 +1,5 @@ +pragma circom 2.1.9; + +include "../register_id.circom"; + +component main { public [ merkle_root ] } = REGISTER_ID(512, 512, 4, 120, 35, 896, 256); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom new file mode 100644 index 000000000..4d5a7221c --- /dev/null +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom @@ -0,0 +1,13 @@ +pragma circom 2.1.9; + +include "../../../utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom"; + +template VerifyRsaPkcs1v1_5Tester() { + signal input signature[35]; + signal input modulus[35]; + signal input message[35]; + + VerifyRsa64321Pkcs1v1_5(120, 35, 160)(signature, modulus, message); +} + +component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom new file mode 100644 index 000000000..2168d989b --- /dev/null +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom @@ -0,0 +1,13 @@ +pragma circom 2.1.9; + +include "../../../utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom"; + +template VerifyRsaPkcs1v1_5Tester() { + signal input signature[35]; + signal input modulus[35]; + signal input message[35]; + + VerifyRsa107903Pkcs1v1_5(120, 35, 256)(signature, modulus, message); +} + +component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom new file mode 100644 index 000000000..93fc1b2f2 --- /dev/null +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom @@ -0,0 +1,13 @@ +pragma circom 2.1.9; + +include "../../../utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom"; + +template VerifyRsaPkcs1v1_5Tester() { + signal input signature[35]; + signal input modulus[35]; + signal input message[35]; + + VerifyRsa122125Pkcs1v1_5(120, 35, 256)(signature, modulus, message); +} + +component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom new file mode 100644 index 000000000..40376bb4e --- /dev/null +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom @@ -0,0 +1,13 @@ +pragma circom 2.1.9; + +include "../../../utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom"; + +template VerifyRsaPkcs1v1_5Tester() { + signal input signature[35]; + signal input modulus[35]; + signal input message[35]; + + VerifyRsa130689Pkcs1v1_5(120, 35, 256)(signature, modulus, message); +} + +component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom new file mode 100644 index 000000000..9b9b1a757 --- /dev/null +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom @@ -0,0 +1,13 @@ +pragma circom 2.1.9; + +include "../../../utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom"; + +template VerifyRsaPkcs1v1_5Tester() { + signal input signature[35]; + signal input modulus[35]; + signal input message[35]; + + VerifyRsa56611Pkcs1v1_5(120, 35, 256)(signature, modulus, message); +} + +component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/utils/crypto/signature/FpPowMod.circom b/circuits/circuits/utils/crypto/signature/FpPowMod.circom index 61c26a14f..c7c63c9e7 100644 --- a/circuits/circuits/utils/crypto/signature/FpPowMod.circom +++ b/circuits/circuits/utils/crypto/signature/FpPowMod.circom @@ -80,4 +80,367 @@ template FpPow65537Mod(n, k) { for (var j = 0; j < k; j++) { out[j] <== adder.out[j]; } -} \ No newline at end of file +} + +/// @title FpPow64321Mod +/// @notice Computes base^64321 mod modulus +/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) +/// @param n Number of bits per chunk the modulus is split into. +/// @param k Number of chunks the modulus is split into. +/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @output out The result of the exponentiation. +template FpPow64321Mod(n, k) { + signal input base[k]; + signal input modulus[k]; + signal output out[k]; + + // We need powers up to 2^15 (since the largest term is 2^15) + component doublers[15]; + for (var i = 0; i < 15; i++) { + doublers[i] = FpMul(n, k); + } + + // Component for accumulating the result + component muls[8]; // one for each '1' bit except the first + for (var i = 0; i < 8; i++) { + muls[i] = FpMul(n, k); + } + + // Set modulus for all + for (var j = 0; j < k; j++) { + for (var i = 0; i < 15; i++) { + doublers[i].p[j] <== modulus[j]; + } + for (var i = 0; i < 8; i++) { + muls[i].p[j] <== modulus[j]; + } + } + + for (var j = 0; j < k; j++) { + doublers[0].a[j] <== base[j]; + doublers[0].b[j] <== base[j]; + } + + for (var i = 0; i < 14; i++) { + for (var j = 0; j < k; j++) { + doublers[i+1].a[j] <== doublers[i].out[j]; + doublers[i+1].b[j] <== doublers[i].out[j]; + } + } + + var indices[8] = [15, 14, 13, 12, 11, 9, 8, 6]; + + for (var i = 0; i < k; i++) { + muls[0].a[i] <== doublers[indices[0] - 1].out[i]; + muls[0].b[i] <== doublers[indices[1] - 1].out[i]; + } + + for (var i = 1; i < 7; i++) { + for (var j = 0; j < k; j++) { + muls[i].a[j] <== muls[i - 1].out[j]; + muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; + } + } + + for (var i = 0; i < k; i++) { + muls[7].a[i] <== muls[6].out[i]; + muls[7].b[i] <== base[i]; + } + + // Output + for (var j = 0; j < k; j++) { + out[j] <== muls[7].out[j]; + } +} + +/// @title FpPow130689Mod +/// @notice Computes base^130689 mod modulus +/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) +/// @param n Number of bits per chunk the modulus is split into. +/// @param k Number of chunks the modulus is split into. +/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @output out The result of the exponentiation. +template FpPow130689Mod(n, k) { + signal input base[k]; + signal input modulus[k]; + signal output out[k]; + + component doublers[16]; + for (var i = 0; i < 16; i++) { + doublers[i] = FpMul(n, k); + } + + // Component for accumulating the result + component muls[9]; // one for each '1' bit except the first + for (var i = 0; i < 9; i++) { + muls[i] = FpMul(n, k); + } + + // Set modulus for all + for (var j = 0; j < k; j++) { + for (var i = 0; i < 16; i++) { + doublers[i].p[j] <== modulus[j]; + } + for (var i = 0; i < 9; i++) { + muls[i].p[j] <== modulus[j]; + } + } + + for (var j = 0; j < k; j++) { + doublers[0].a[j] <== base[j]; + doublers[0].b[j] <== base[j]; + } + + for (var i = 0; i < 15; i++) { + for (var j = 0; j < k; j++) { + doublers[i+1].a[j] <== doublers[i].out[j]; + doublers[i+1].b[j] <== doublers[i].out[j]; + } + } + + var indices[9] = [16, 15, 14, 13, 12, 11, 10, 9, 7]; + + for (var i = 0; i < k; i++) { + muls[0].a[i] <== doublers[indices[0] - 1].out[i]; + muls[0].b[i] <== doublers[indices[1] - 1].out[i]; + } + + for (var i = 1; i < 8; i++) { + for (var j = 0; j < k; j++) { + muls[i].a[j] <== muls[i - 1].out[j]; + muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; + } + } + + for (var i = 0; i < k; i++) { + muls[8].a[i] <== muls[7].out[i]; + muls[8].b[i] <== base[i]; + } + + // Output + for (var j = 0; j < k; j++) { + out[j] <== muls[8].out[j]; + } +} + +//11101110100001101 = 122125 +//2^0 + 2^2 + 2^3 + 2^8 + 2^10 + 2^11 + 2^12 + 2^14 + 2^15 + 2^16 +/// @title FpPow122125Mod +/// @notice Computes base^122125 mod modulus +/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) +/// @param n Number of bits per chunk the modulus is split into. +/// @param k Number of chunks the modulus is split into. +/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @output out The result of the exponentiation. +template FpPow122125Mod(n, k) { + signal input base[k]; + signal input modulus[k]; + signal output out[k]; + + component doublers[16]; + for (var i = 0; i < 16; i++) { + doublers[i] = FpMul(n, k); + } + + // Component for accumulating the result + component muls[9]; // one for each '1' bit except the first + for (var i = 0; i < 9; i++) { + muls[i] = FpMul(n, k); + } + + // Set modulus for all + for (var j = 0; j < k; j++) { + for (var i = 0; i < 16; i++) { + doublers[i].p[j] <== modulus[j]; + } + for (var i = 0; i < 9; i++) { + muls[i].p[j] <== modulus[j]; + } + } + + for (var j = 0; j < k; j++) { + doublers[0].a[j] <== base[j]; + doublers[0].b[j] <== base[j]; + } + + for (var i = 0; i < 15; i++) { + for (var j = 0; j < k; j++) { + doublers[i+1].a[j] <== doublers[i].out[j]; + doublers[i+1].b[j] <== doublers[i].out[j]; + } + } + + var indices[9] = [16, 15, 14, 12, 11, 10, 8, 3, 2]; + + for (var i = 0; i < k; i++) { + muls[0].a[i] <== doublers[indices[0] - 1].out[i]; + muls[0].b[i] <== doublers[indices[1] - 1].out[i]; + } + + for (var i = 1; i < 8; i++) { + for (var j = 0; j < k; j++) { + muls[i].a[j] <== muls[i - 1].out[j]; + muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; + } + } + + for (var i = 0; i < k; i++) { + muls[8].a[i] <== muls[7].out[i]; + muls[8].b[i] <== base[i]; + } + + // Output + for (var j = 0; j < k; j++) { + out[j] <== muls[8].out[j]; + } +} + +//11010010101111111 = 107903 +//2^0 + 2^1 + 2^2 + 2^3 + 2^4 + 2^5 + 2^6 + 2^8 + 2^10 + 2^13 + 2^15 + 2^16 +/// @title FpPow107903Mod +/// @notice Computes base^107903 mod modulus +/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) +/// @param n Number of bits per chunk the modulus is split into. +/// @param k Number of chunks the modulus is split into. +/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @output out The result of the exponentiation. +template FpPow107903Mod(n, k) { + signal input base[k]; + signal input modulus[k]; + signal output out[k]; + + component doublers[16]; + for (var i = 0; i < 16; i++) { + doublers[i] = FpMul(n, k); + } + + // Component for accumulating the result + component muls[11]; // one for each '1' bit except the first + for (var i = 0; i < 11; i++) { + muls[i] = FpMul(n, k); + } + + // Set modulus for all + for (var j = 0; j < k; j++) { + for (var i = 0; i < 16; i++) { + doublers[i].p[j] <== modulus[j]; + } + for (var i = 0; i < 11; i++) { + muls[i].p[j] <== modulus[j]; + } + } + + for (var j = 0; j < k; j++) { + doublers[0].a[j] <== base[j]; + doublers[0].b[j] <== base[j]; + } + + for (var i = 0; i < 15; i++) { + for (var j = 0; j < k; j++) { + doublers[i+1].a[j] <== doublers[i].out[j]; + doublers[i+1].b[j] <== doublers[i].out[j]; + } + } + + var indices[11] = [16, 15, 13, 10, 8, 6, 5, 4, 3, 2, 1]; + + for (var i = 0; i < k; i++) { + muls[0].a[i] <== doublers[indices[0] - 1].out[i]; + muls[0].b[i] <== doublers[indices[1] - 1].out[i]; + } + + for (var i = 1; i < 10; i++) { + for (var j = 0; j < k; j++) { + muls[i].a[j] <== muls[i - 1].out[j]; + muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; + } + } + + for (var i = 0; i < k; i++) { + muls[10].a[i] <== muls[9].out[i]; + muls[10].b[i] <== base[i]; + } + + // Output + for (var j = 0; j < k; j++) { + out[j] <== muls[10].out[j]; + } +} + +///1101110100100011 = 56611 +///2^0 + 2^1 + 2^5 + 2^8 + 2^10 + 2^11 + 2^12 + 2^14 + 2^15 +/// @title FpPow56611Mod +/// @notice Computes base^56611 mod modulus +/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) +/// @param n Number of bits per chunk the modulus is split into. +/// @param k Number of chunks the modulus is split into. +/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits +/// @output out The result of the exponentiation. +template FpPow56611Mod(n, k) { + signal input base[k]; + signal input modulus[k]; + signal output out[k]; + + // We need powers up to 2^15 (since the largest term is 2^15) + component doublers[15]; + for (var i = 0; i < 15; i++) { + doublers[i] = FpMul(n, k); + } + + // Component for accumulating the result + component muls[8]; // one for each '1' bit except the first + for (var i = 0; i < 8; i++) { + muls[i] = FpMul(n, k); + } + + // Set modulus for all + for (var j = 0; j < k; j++) { + for (var i = 0; i < 15; i++) { + doublers[i].p[j] <== modulus[j]; + } + for (var i = 0; i < 8; i++) { + muls[i].p[j] <== modulus[j]; + } + } + + for (var j = 0; j < k; j++) { + doublers[0].a[j] <== base[j]; + doublers[0].b[j] <== base[j]; + } + + for (var i = 0; i < 14; i++) { + for (var j = 0; j < k; j++) { + doublers[i+1].a[j] <== doublers[i].out[j]; + doublers[i+1].b[j] <== doublers[i].out[j]; + } + } + + var indices[8] = [15, 14, 12, 11, 10, 8, 5, 1]; + + for (var i = 0; i < k; i++) { + muls[0].a[i] <== doublers[indices[0] - 1].out[i]; + muls[0].b[i] <== doublers[indices[1] - 1].out[i]; + } + + for (var i = 1; i < 7; i++) { + for (var j = 0; j < k; j++) { + muls[i].a[j] <== muls[i - 1].out[j]; + muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; + } + } + + for (var i = 0; i < k; i++) { + muls[7].a[i] <== muls[6].out[i]; + muls[7].b[i] <== base[i]; + } + + // Output + for (var j = 0; j < k; j++) { + out[j] <== muls[7].out[j]; + } +} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom new file mode 100644 index 000000000..9c859a025 --- /dev/null +++ b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom @@ -0,0 +1,51 @@ +pragma circom 2.1.9; + +include "@openpassport/zk-email-circuits/lib/bigint.circom"; +include "./pkcs1v1_5Padding.circom"; +include "../FpPowMod.circom"; + +/// @title VerifyRsa107903Pkcs1v1_5 +/// @notice Verifies RSA signatures with exponent 107903 using PKCS#1 v1.5 padding +/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits +/// @param CHUNK_SIZE Number of bits per chunk (typically 64) +/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) +/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) +/// @input signature The RSA signature split into chunks +/// @input modulus The RSA modulus split into chunks +/// @input message The message hash to verify +template VerifyRsa107903Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { + signal input signature[CHUNK_NUMBER]; + signal input modulus[CHUNK_NUMBER]; + + signal input message[CHUNK_NUMBER]; + + // 1. Add padding to the hashed message + component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); + for (var i = 0; i < CHUNK_NUMBER; i++) { + padder.modulus[i] <== modulus[i]; + padder.message[i] <== message[i]; + } + + // 2. Check that the signature is in proper form and reduced mod modulus. + component signatureRangeCheck[CHUNK_NUMBER]; + component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); + signatureRangeCheck[i].in <== signature[i]; + bigLessThan.a[i] <== signature[i]; + bigLessThan.b[i] <== modulus[i]; + } + bigLessThan.out === 1; + + // 3. Compute the signature^exponent mod modulus + component bigPow = FpPow107903Mod(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.base[i] <== signature[i]; + bigPow.modulus[i] <== modulus[i]; + } + + // 4. Check that the computed value is equal to the padded message + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.out[i] === padder.out[i]; + } +} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom new file mode 100644 index 000000000..4c22720b5 --- /dev/null +++ b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom @@ -0,0 +1,51 @@ +pragma circom 2.1.9; + +include "@openpassport/zk-email-circuits/lib/bigint.circom"; +include "./pkcs1v1_5Padding.circom"; +include "../FpPowMod.circom"; + +/// @title VerifyRsa122125Pkcs1v1_5 +/// @notice Verifies RSA signatures with exponent 122125 using PKCS#1 v1.5 padding +/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits +/// @param CHUNK_SIZE Number of bits per chunk (typically 64) +/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) +/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) +/// @input signature The RSA signature split into chunks +/// @input modulus The RSA modulus split into chunks +/// @input message The message hash to verify +template VerifyRsa122125Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { + signal input signature[CHUNK_NUMBER]; + signal input modulus[CHUNK_NUMBER]; + + signal input message[CHUNK_NUMBER]; + + // 1. Add padding to the hashed message + component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); + for (var i = 0; i < CHUNK_NUMBER; i++) { + padder.modulus[i] <== modulus[i]; + padder.message[i] <== message[i]; + } + + // 2. Check that the signature is in proper form and reduced mod modulus. + component signatureRangeCheck[CHUNK_NUMBER]; + component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); + signatureRangeCheck[i].in <== signature[i]; + bigLessThan.a[i] <== signature[i]; + bigLessThan.b[i] <== modulus[i]; + } + bigLessThan.out === 1; + + // 3. Compute the signature^exponent mod modulus + component bigPow = FpPow122125Mod(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.base[i] <== signature[i]; + bigPow.modulus[i] <== modulus[i]; + } + + // 4. Check that the computed value is equal to the padded message + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.out[i] === padder.out[i]; + } +} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom new file mode 100644 index 000000000..e4d676daf --- /dev/null +++ b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom @@ -0,0 +1,51 @@ +pragma circom 2.1.9; + +include "@openpassport/zk-email-circuits/lib/bigint.circom"; +include "./pkcs1v1_5Padding.circom"; +include "../FpPowMod.circom"; + +/// @title VerifyRsa130689Pkcs1v1_5 +/// @notice Verifies RSA signatures with exponent 130689 using PKCS#1 v1.5 padding +/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits +/// @param CHUNK_SIZE Number of bits per chunk (typically 64) +/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) +/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) +/// @input signature The RSA signature split into chunks +/// @input modulus The RSA modulus split into chunks +/// @input message The message hash to verify +template VerifyRsa130689Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { + signal input signature[CHUNK_NUMBER]; + signal input modulus[CHUNK_NUMBER]; + + signal input message[CHUNK_NUMBER]; + + // 1. Add padding to the hashed message + component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); + for (var i = 0; i < CHUNK_NUMBER; i++) { + padder.modulus[i] <== modulus[i]; + padder.message[i] <== message[i]; + } + + // 2. Check that the signature is in proper form and reduced mod modulus. + component signatureRangeCheck[CHUNK_NUMBER]; + component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); + signatureRangeCheck[i].in <== signature[i]; + bigLessThan.a[i] <== signature[i]; + bigLessThan.b[i] <== modulus[i]; + } + bigLessThan.out === 1; + + // 3. Compute the signature^exponent mod modulus + component bigPow = FpPow130689Mod(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.base[i] <== signature[i]; + bigPow.modulus[i] <== modulus[i]; + } + + // 4. Check that the computed value is equal to the padded message + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.out[i] === padder.out[i]; + } +} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom new file mode 100644 index 000000000..0bce9f19d --- /dev/null +++ b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom @@ -0,0 +1,51 @@ +pragma circom 2.1.9; + +include "@openpassport/zk-email-circuits/lib/bigint.circom"; +include "./pkcs1v1_5Padding.circom"; +include "../FpPowMod.circom"; + +/// @title VerifyRsa56611Pkcs1v1_5 +/// @notice Verifies RSA signatures with exponent 56611 using PKCS#1 v1.5 padding +/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits +/// @param CHUNK_SIZE Number of bits per chunk (typically 64) +/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) +/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) +/// @input signature The RSA signature split into chunks +/// @input modulus The RSA modulus split into chunks +/// @input message The message hash to verify +template VerifyRsa56611Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { + signal input signature[CHUNK_NUMBER]; + signal input modulus[CHUNK_NUMBER]; + + signal input message[CHUNK_NUMBER]; + + // 1. Add padding to the hashed message + component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); + for (var i = 0; i < CHUNK_NUMBER; i++) { + padder.modulus[i] <== modulus[i]; + padder.message[i] <== message[i]; + } + + // 2. Check that the signature is in proper form and reduced mod modulus. + component signatureRangeCheck[CHUNK_NUMBER]; + component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); + signatureRangeCheck[i].in <== signature[i]; + bigLessThan.a[i] <== signature[i]; + bigLessThan.b[i] <== modulus[i]; + } + bigLessThan.out === 1; + + // 3. Compute the signature^exponent mod modulus + component bigPow = FpPow56611Mod(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.base[i] <== signature[i]; + bigPow.modulus[i] <== modulus[i]; + } + + // 4. Check that the computed value is equal to the padded message + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.out[i] === padder.out[i]; + } +} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom new file mode 100644 index 000000000..2c5e65337 --- /dev/null +++ b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom @@ -0,0 +1,51 @@ +pragma circom 2.1.9; + +include "@openpassport/zk-email-circuits/lib/bigint.circom"; +include "./pkcs1v1_5Padding.circom"; +include "../FpPowMod.circom"; + +/// @title VerifyRsa64321Pkcs1v1_5 +/// @notice Verifies RSA signatures with exponent 64321 using PKCS#1 v1.5 padding +/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits +/// @param CHUNK_SIZE Number of bits per chunk (typically 64) +/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) +/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) +/// @input signature The RSA signature split into chunks +/// @input modulus The RSA modulus split into chunks +/// @input message The message hash to verify +template VerifyRsa64321Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { + signal input signature[CHUNK_NUMBER]; + signal input modulus[CHUNK_NUMBER]; + + signal input message[CHUNK_NUMBER]; + + // 1. Add padding to the hashed message + component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); + for (var i = 0; i < CHUNK_NUMBER; i++) { + padder.modulus[i] <== modulus[i]; + padder.message[i] <== message[i]; + } + + // 2. Check that the signature is in proper form and reduced mod modulus. + component signatureRangeCheck[CHUNK_NUMBER]; + component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); + signatureRangeCheck[i].in <== signature[i]; + bigLessThan.a[i] <== signature[i]; + bigLessThan.b[i] <== modulus[i]; + } + bigLessThan.out === 1; + + // 3. Compute the signature^exponent mod modulus + component bigPow = FpPow64321Mod(CHUNK_SIZE, CHUNK_NUMBER); + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.base[i] <== signature[i]; + bigPow.modulus[i] <== modulus[i]; + } + + // 4. Check that the computed value is equal to the padded message + for (var i = 0; i < CHUNK_NUMBER; i++) { + bigPow.out[i] === padder.out[i]; + } +} diff --git a/circuits/circuits/utils/passport/signatureAlgorithm.circom b/circuits/circuits/utils/passport/signatureAlgorithm.circom index 2682e29fb..c83aca10b 100644 --- a/circuits/circuits/utils/passport/signatureAlgorithm.circom +++ b/circuits/circuits/utils/passport/signatureAlgorithm.circom @@ -45,6 +45,11 @@ ID to Signature Algorithm 44: ecdsa_sha224_secp224r1_224 45: rsapss_sha384_65537_2048 46: rsapss_sha256_65537_2048 salt 64 + 47: rsa_sha1_64321_4096 + 48: rsa_sha256_130689_4096 + 49: rsa_sha256_122125_4096 + 50: rsa_sha256_107903_4096 + 51: rsa_sha256_56611_4096 */ @@ -85,25 +90,25 @@ function getHashLength(signatureAlgorithm) { return 384; } else if (signatureAlgorithm == 19) { return 256; - } else if (signatureAlgorithm == 21) { + } else if (signatureAlgorithm == 21) { return 256; } else if (signatureAlgorithm == 22) { return 384; - } else if (signatureAlgorithm == 23) { + } else if (signatureAlgorithm == 23) { return 256; } else if (signatureAlgorithm == 24) { return 384; } else if (signatureAlgorithm == 25) { - return 512; - } else if (signatureAlgorithm == 26) { return 512; - } else if (signatureAlgorithm == 27) { + } else if (signatureAlgorithm == 26) { + return 512; + } else if (signatureAlgorithm == 27) { return 160; - } else if (signatureAlgorithm == 28) { + } else if (signatureAlgorithm == 28) { return 256; - } else if (signatureAlgorithm == 29) { + } else if (signatureAlgorithm == 29) { return 512; - } else if (signatureAlgorithm == 30) { + } else if (signatureAlgorithm == 30) { return 224; } else if (signatureAlgorithm == 31) { return 512; @@ -137,6 +142,16 @@ function getHashLength(signatureAlgorithm) { return 384; } else if (signatureAlgorithm == 46) { return 256; + } else if (signatureAlgorithm == 47) { + return 160; + } else if (signatureAlgorithm == 48) { + return 256; + } else if (signatureAlgorithm == 49) { + return 256; + } else if (signatureAlgorithm == 50) { + return 256; + } else if (signatureAlgorithm == 51) { + return 256; } else { assert(1==0); return 0; @@ -234,6 +249,16 @@ function getMinKeyLength(signatureAlgorithm) { return 2048; } else if (signatureAlgorithm == 46) { return 2048; + } else if (signatureAlgorithm == 47) { + return 4096; + } else if (signatureAlgorithm == 48) { + return 4096; + } else if (signatureAlgorithm == 49) { + return 4096; + } else if (signatureAlgorithm == 50) { + return 4096; + } else if (signatureAlgorithm == 51) { + return 4096; } else { assert(1==0); return 0; @@ -330,6 +355,16 @@ function getKLengthFactor(signatureAlgorithm) { return 1; } else if (signatureAlgorithm == 46) { return 1; + } else if (signatureAlgorithm == 47) { + return 1; + } else if (signatureAlgorithm == 48) { + return 1; + } else if (signatureAlgorithm == 49) { + return 1; + } else if (signatureAlgorithm == 50) { + return 1; + } else if (signatureAlgorithm == 51) { + return 1; } else { assert(1==0); return 0; @@ -387,6 +422,16 @@ function getExponentBits(signatureAlgorithm) { return 17; } else if (signatureAlgorithm == 46) { return 17; + } else if (signatureAlgorithm == 47) { + return 16; + } else if (signatureAlgorithm == 48) { + return 17; + } else if (signatureAlgorithm == 49) { + return 17; + } else if (signatureAlgorithm == 50) { + return 17; + } else if (signatureAlgorithm == 51) { + return 16; } else { assert(1==0); return 0; @@ -400,7 +445,9 @@ function getSuffixLength(signatureAlgorithm) { return 5; } else if (exponentBits == 2) { return 3; - } else { + } else if (exponentBits == 16) { + return 5; + } else { assert(1==0); return 0; } @@ -408,10 +455,24 @@ function getSuffixLength(signatureAlgorithm) { function getSuffix(signatureAlgorithm) { var exponentBits = getExponentBits(signatureAlgorithm); + if (signatureAlgorithm == 48) { + return [0x02, 0x03, 0x01, 0xFE, 0x81]; // 3 bytes, 01, FE, 81 means 130689 + } + if (signatureAlgorithm == 49) { + return [0x02, 0x03, 0x01, 0xdd, 0x0d]; // 3 bytes, 01, dd, 0d means 122125 + } + if (signatureAlgorithm == 50) { + return [0x02, 0x03, 0x01, 0xa5, 0x7f]; // 3 bytes, 01, a5, 7f means 107903 + } + if (signatureAlgorithm == 51) { + return [0x02, 0x03, 0x00, 0xdd, 0x23]; // 3 bytes, 00, dd, 23 means 56611 + } if (exponentBits == 17) { return [0x02, 0x03, 0x01, 0x00, 0x01]; // 3 bytes, 01, 00, 01 means 65537 } else if (exponentBits == 2) { return [0x02, 0x01, 0x03]; // 1 byte, 03 means 3 + } else if (exponentBits == 16) { + return [0x02, 0x03, 0x00, 0xFB, 0x41]; //3 bytes, 00, fb, 41 means 64321 } else { assert(1==0); return [0x00, 0x00, 0x00]; @@ -454,31 +515,31 @@ function prefixIndexToRSAKeyLength() { function getValidECDSAPrefixes() { var prefixes[13][33]; - // 224-bit key + // 224-bit key prefixes[0] = [0x34, 0xaa, 0x26, 0x43, 0x66, 0x86, 0x2a, 0x18, 0x30, 0x25, 0x75, 0xd0, 0xfb, 0x98, 0xd1, 0x16, 0xbc, 0x4b, 0x6d, 0xde, 0xbc, 0xa3, 0xa5, 0xa7, 0x93, 0x9f, 0x02, 0x01, 0x01, 0x03, 0x3a, 0x00, 0x04]; - // 224-bit key + // 224-bit key prefixes[1] = [0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x16, 0xa2, 0xe0, 0xb8, 0xf0, 0x3e, 0x13, 0xdd, 0x29, 0x45, 0x5c, 0x5c, 0x2a, 0x3d, 0x02, 0x01, 0x01, 0x03, 0x3a, 0x00, 0x04]; - // 256-bit key + // 256-bit key prefixes[2] = [0xa9, 0xbc, 0x3e, 0x66, 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x71, 0x8c, 0x39, 0x7a, 0xa3, 0xb5, 0x61, 0xa6, 0xf7, 0x90, 0x1e, 0x0e, 0x82, 0x97, 0x48, 0x56, 0xa7, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04]; - // 256-bit key + // 256-bit key prefixes[3] = [0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04]; - // 256-bit key + // 256-bit key prefixes[4] = [0xdb, 0xa1, 0xee, 0xa9, 0xbc, 0x3e, 0x66, 0x0a, 0x90, 0x9d, 0x83, 0x8d, 0x71, 0x8c, 0x39, 0x7a, 0xa3, 0xb5, 0x61, 0xa6, 0xf7, 0x90, 0x1e, 0x0e, 0x82, 0x97, 0x48, 0x56, 0xa7, 0x03, 0x42, 0x00, 0x04]; - // 256-bit key + // 256-bit key prefixes[5] = [0x06, 0x13, 0x02, 0x4e, 0x4c, 0x30, 0x5a, 0x30, 0x14, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x09, 0x2b, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04]; - // 384-bit key + // 384-bit key prefixes[6] = [0x56, 0xb3, 0x1f, 0x16, 0x6e, 0x6c, 0xac, 0x04, 0x25, 0xa7, 0xcf, 0x3a, 0xb6, 0xaf, 0x6b, 0x7f, 0xc3, 0x10, 0x3b, 0x88, 0x32, 0x02, 0xe9, 0x04, 0x65, 0x65, 0x02, 0x01, 0x01, 0x03, 0x62, 0x00, 0x04]; - // 384-bit key + // 384-bit key prefixes[7] = [0xff, 0xff, 0xc7, 0x63, 0x4d, 0x81, 0xf4, 0x37, 0x2d, 0xdf, 0x58, 0x1a, 0x0d, 0xb2, 0x48, 0xb0, 0xa7, 0x7a, 0xec, 0xec, 0x19, 0x6a, 0xcc, 0xc5, 0x29, 0x73, 0x02, 0x01, 0x01, 0x03, 0x62, 0x00, 0x04]; - // 384-bit key + // 384-bit key prefixes[8] = [0x41, 0x2d, 0x41, 0x4c, 0x47, 0x45, 0x52, 0x49, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04]; - // 384-bit key + // 384-bit key prefixes[9] = [0x55, 0x04, 0x0b, 0x0c, 0x04, 0x50, 0x49, 0x42, 0x41, 0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04]; - // 512-bit key + // 512-bit key prefixes[10] = [0x19, 0x41, 0x86, 0x61, 0x19, 0x7f, 0xac, 0x10, 0x47, 0x1d, 0xb1, 0xd3, 0x81, 0x08, 0x5d, 0xda, 0xdd, 0xb5, 0x87, 0x96, 0x82, 0x9c, 0xa9, 0x00, 0x69, 0x02, 0x01, 0x01, 0x03, 0x81, 0x82, 0x00, 0x04]; - // 521-bit key + // 521-bit key prefixes[11] = [0x6b, 0x7f, 0xcc, 0x01, 0x48, 0xf7, 0x09, 0xa5, 0xd0, 0x3b, 0xb5, 0xc9, 0xb8, 0x89, 0x9c, 0x47, 0xae, 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01, 0x03, 0x81, 0x86, 0x00, 0x04]; - // 521-bit key + // 521-bit key prefixes[12] = [0x20, 0x54, 0x75, 0x72, 0x6b, 0x65, 0x79, 0x30, 0x81, 0x9b, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23, 0x03, 0x81, 0x86, 0x00, 0x04]; return prefixes; @@ -487,4 +548,4 @@ function getValidECDSAPrefixes() { function prefixIndexToECDSAKeyLength() { var keyLengths[13] = [224, 224, 256, 256, 256, 256, 384, 384, 384, 384, 512, 528, 528]; return keyLengths; -} \ No newline at end of file +} diff --git a/circuits/circuits/utils/passport/signatureVerifier.circom b/circuits/circuits/utils/passport/signatureVerifier.circom index edf936621..2a9d332b8 100644 --- a/circuits/circuits/utils/passport/signatureVerifier.circom +++ b/circuits/circuits/utils/passport/signatureVerifier.circom @@ -5,6 +5,11 @@ include "../crypto/signature/rsapss/rsapss65537.circom"; include "../crypto/signature/ecdsa/ecdsaVerifier.circom"; include "../crypto/signature/rsa/verifyRsa3Pkcs1v1_5.circom"; include "../crypto/signature/rsa/verifyRsa65537Pkcs1v1_5.circom"; +include "../crypto/signature/rsa/VerifyRsa64321Pkcs1v1_5.circom"; +include "../crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom"; +include "../crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom"; +include "../crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom"; +include "../crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom"; include "@openpassport/zk-email-circuits/utils/bytes.circom"; /// @title SignatureVerifier @@ -28,7 +33,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) { var msg_len = (HASH_LEN_BITS + n - 1) \ n; signal hashParsed[msg_len] <== HashParser(signatureAlgorithm, n, k)(hash); - + if ( signatureAlgorithm == 1 || signatureAlgorithm == 3 @@ -38,7 +43,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) { || signatureAlgorithm == 15 || signatureAlgorithm == 31 || signatureAlgorithm == 34 - ) { + ) { component rsa65537 = VerifyRsa65537Pkcs1v1_5(n, k, HASH_LEN_BITS); for (var i = 0; i < msg_len; i++) { rsa65537.message[i] <== hashParsed[i]; @@ -48,7 +53,56 @@ template SignatureVerifier(signatureAlgorithm, n, k) { } rsa65537.modulus <== pubKey; rsa65537.signature <== signature; - + } else if (signatureAlgorithm == 47) { + component rsa64321 = VerifyRsa64321Pkcs1v1_5(n, k, HASH_LEN_BITS); + for (var i = 0; i < msg_len; i++) { + rsa64321.message[i] <== hashParsed[i]; + } + for (var i = msg_len; i < k; i++) { + rsa64321.message[i] <== 0; + } + rsa64321.modulus <== pubKey; + rsa64321.signature <== signature; + } else if (signatureAlgorithm == 48) { + component rsa130689 = VerifyRsa130689Pkcs1v1_5(n, k, HASH_LEN_BITS); + for (var i = 0; i < msg_len; i++) { + rsa130689.message[i] <== hashParsed[i]; + } + for (var i = msg_len; i < k; i++) { + rsa130689.message[i] <== 0; + } + rsa130689.modulus <== pubKey; + rsa130689.signature <== signature; + } else if(signatureAlgorithm == 49) { + component rsa122125 = VerifyRsa122125Pkcs1v1_5(n, k, HASH_LEN_BITS); + for (var i = 0; i < msg_len; i++) { + rsa122125.message[i] <== hashParsed[i]; + } + for (var i = msg_len; i < k; i++) { + rsa122125.message[i] <== 0; + } + rsa122125.modulus <== pubKey; + rsa122125.signature <== signature; + } else if (signatureAlgorithm == 50) { + component rsa107903 = VerifyRsa107903Pkcs1v1_5(n, k, HASH_LEN_BITS); + for (var i = 0; i < msg_len; i++) { + rsa107903.message[i] <== hashParsed[i]; + } + for (var i = msg_len; i < k; i++) { + rsa107903.message[i] <== 0; + } + rsa107903.modulus <== pubKey; + rsa107903.signature <== signature; + } else if (signatureAlgorithm == 51) { + component rsa56611 = VerifyRsa56611Pkcs1v1_5(n, k, HASH_LEN_BITS); + for (var i = 0; i < msg_len; i++) { + rsa56611.message[i] <== hashParsed[i]; + } + for (var i = msg_len; i < k; i++) { + rsa56611.message[i] <== 0; + } + rsa56611.modulus <== pubKey; + rsa56611.signature <== signature; } else if ( signatureAlgorithm == 13 || signatureAlgorithm == 32 @@ -64,7 +118,7 @@ template SignatureVerifier(signatureAlgorithm, n, k) { rsa3.modulus <== pubKey; rsa3.signature <== signature; } else if ( - signatureAlgorithm == 4 + signatureAlgorithm == 4 || signatureAlgorithm == 12 || signatureAlgorithm == 18 || signatureAlgorithm == 19 @@ -98,11 +152,11 @@ template SignatureVerifier(signatureAlgorithm, n, k) { rsaPss3ShaVerification.hashed <== hash; // send the raw hash } else if ( - signatureAlgorithm == 9 - || signatureAlgorithm == 7 - || signatureAlgorithm == 8 - || signatureAlgorithm == 9 - || signatureAlgorithm == 21 + signatureAlgorithm == 9 + || signatureAlgorithm == 7 + || signatureAlgorithm == 8 + || signatureAlgorithm == 9 + || signatureAlgorithm == 21 || signatureAlgorithm == 22 || signatureAlgorithm == 23 || signatureAlgorithm == 24 @@ -146,4 +200,4 @@ template HashParser(signatureAlgorithm, n, k) { for (var i = 0; i < msg_len ; i++ ){ hashParsed[i] <== hashParser[i].out; } -} \ No newline at end of file +} diff --git a/circuits/tests/dsc/test_cases.ts b/circuits/tests/dsc/test_cases.ts index 3fea4a53c..6d7f97485 100644 --- a/circuits/tests/dsc/test_cases.ts +++ b/circuits/tests/dsc/test_cases.ts @@ -1,5 +1,10 @@ export const sigAlgs = [ - { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '2048' }, // sha1_rsa_65537_4096 + // { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '2048' }, // sha1_rsa_65537_4096 + // { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '64321', keyLength: '2048' }, // sha256_rsa_65537_4096 + // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '130689', keyLength: '4096' }, // sha256_rsa_130689_4096 + // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '122125', keyLength: '4096' }, // sha256_rsa_122125_4096 + // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '107903', keyLength: '4096' }, // sha256_rsa_107903_4096 + { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '56611', keyLength: '4096' }, // sha256_rsa_56611_4096 ]; export const fullSigAlgs = [ diff --git a/circuits/tests/register/test_cases.ts b/circuits/tests/register/test_cases.ts index 0f758814e..41da54d73 100644 --- a/circuits/tests/register/test_cases.ts +++ b/circuits/tests/register/test_cases.ts @@ -11,13 +11,12 @@ export interface TestCase { export const sigAlgs: TestCase[] = [ { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsapss', - domainParameter: '65537', - keyLength: '2048', - saltLength: '64', // Denmark + dgHashAlgo: 'sha1', + eContentHashAlgo: 'sha1', + hashFunction: 'sha1', + sigAlg: 'rsa', + domainParameter: '64321', + keyLength: '4096', }, ]; diff --git a/circuits/tests/register_id/test_cases.ts b/circuits/tests/register_id/test_cases.ts index a61bd6095..93d6ddf1a 100644 --- a/circuits/tests/register_id/test_cases.ts +++ b/circuits/tests/register_id/test_cases.ts @@ -11,12 +11,13 @@ export interface TestCase { export const sigAlgs: TestCase[] = [ { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', + dgHashAlgo: 'sha512', + eContentHashAlgo: 'sha512', hashFunction: 'sha256', - sigAlg: 'rsa', + sigAlg: 'rsapss', domainParameter: '65537', keyLength: '2048', + saltLength: '32', }, ]; diff --git a/circuits/tests/utils/generateMockInputsInCircuits.ts b/circuits/tests/utils/generateMockInputsInCircuits.ts index e20afcde9..89985ae92 100644 --- a/circuits/tests/utils/generateMockInputsInCircuits.ts +++ b/circuits/tests/utils/generateMockInputsInCircuits.ts @@ -36,6 +36,31 @@ export const generateMockRsaPkcs1v1_5Inputs = (signatureAlgorithm: SignatureAlgo signAlgorithm = 'sha224'; publicExponent = 65537; break; + case 'rsa_sha1_64321_4096': + modulusLength = 4096; + signAlgorithm = 'sha1'; + publicExponent = 64321; + break; + case 'rsa_sha256_130689_4096': + modulusLength = 4096; + signAlgorithm = 'sha256'; + publicExponent = 130689; + break; + case 'rsa_sha256_122125_4096': + modulusLength = 4096; + signAlgorithm = 'sha256'; + publicExponent = 122125; + break; + case 'rsa_sha256_107903_4096': + modulusLength = 4096; + signAlgorithm = 'sha256'; + publicExponent = 107903; + break; + case 'rsa_sha256_56611_4096': + modulusLength = 4096; + signAlgorithm = 'sha256'; + publicExponent = 56611; + break; default: throw new Error(`Unsupported signature algorithm: ${signatureAlgorithm}`); } diff --git a/circuits/tests/utils/rsaPkcs1v1_5.test.ts b/circuits/tests/utils/rsaPkcs1v1_5.test.ts index 6b2acea29..eb885d898 100644 --- a/circuits/tests/utils/rsaPkcs1v1_5.test.ts +++ b/circuits/tests/utils/rsaPkcs1v1_5.test.ts @@ -11,7 +11,7 @@ const __dirname = path.dirname(fileURLToPath(import.meta.url)); describe('VerifyRsaPkcs1v1_5 Circuit Test', function () { this.timeout(0); /** Some tests are disabled to avoid overloading the CI/CD pipeline - the commented rsa verifications will however be tested in prove.test.ts and dsc.test.ts **/ - const rsaAlgorithms: SignatureAlgorithm[] = ['rsa_sha1_65537_2048']; + const rsaAlgorithms: SignatureAlgorithm[] = ['rsa_sha256_56611_4096']; const fullRsaAlgorithms: SignatureAlgorithm[] = [ 'rsa_sha1_65537_2048', 'rsa_sha256_65537_2048', @@ -20,6 +20,12 @@ describe('VerifyRsaPkcs1v1_5 Circuit Test', function () { 'rsa_sha256_65537_4096', 'rsa_sha512_65537_4096', 'rsa_sha224_65537_2048', + 'rsa_sha1_65537_4096', + 'rsa_sha1_64321_4096', + 'rsa_sha256_130689_4096', + 'rsa_sha256_122125_4096', + 'rsa_sha256_107903_4096', + 'rsa_sha256_56611_4096', ]; rsaAlgorithms.forEach((algorithm) => { diff --git a/common/src/constants/constants.ts b/common/src/constants/constants.ts index eea8228ac..198d1c978 100644 --- a/common/src/constants/constants.ts +++ b/common/src/constants/constants.ts @@ -101,6 +101,7 @@ export const MAX_BYTES_IN_FIELD = 31; export const MAX_CERT_BYTES: Partial> = { rsa_sha256_65537_4096: 512, rsa_sha1_65537_4096: 640, + rsa_sha1_64321_4096: 640, rsapss_sha256_65537_2048: 640, rsapss_sha256_65537_3072: 640, rsapss_sha256_65537_4096: 768, @@ -130,7 +131,7 @@ export const MAX_PADDED_ECONTENT_LEN: Partial = { sha1: 128, sha224: 128, - sha256: 128, + sha256: 256, sha384: 256, sha512: 256, }; @@ -242,6 +243,7 @@ export enum SignatureAlgorithmIndex { rsapss_sha384_65537_4096 = 35, ecdsa_sha1_brainpoolP256r1_256 = 36, ecdsa_sha512_secp521r1_521 = 41, + rsa_sha1_64321_4096 = 47, } export const TREE_TRACKER_URL = 'https://tree.self.xyz'; diff --git a/common/src/constants/mockCertificates.ts b/common/src/constants/mockCertificates.ts index 3c3aaf5bf..5e3854169 100644 --- a/common/src/constants/mockCertificates.ts +++ b/common/src/constants/mockCertificates.ts @@ -175,6 +175,93 @@ Lzqitzrk1U9965eGXBOjPPl45920WDA= -----END PRIVATE KEY----- `; +export const mock_dsc_sha1_rsa_64321_4096 = `-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUAcwdRMe4a90JuBHLJaGSPXWKj9AwDQYJKoZIhvcNAQEF +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjgxMjEzMTRaFw0zNTA4MjYxMjEzMTRaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAzj5EJ+AiG1h0LBJJ8Za62qZvemz8IOhHpyFm +x4jJDkRhsIMuGWSjgf+bQ19bxuELklGHcP2RSwggorotvaPqYZwIyDQoTK72w4nN +eU0GuA0hLvU9nUTDKEEbtfPHSnMTPWtB7UDHLwwyUvvkZ/5kWfbtQNlLP9vFYx8N +EQpMHLg/Xq14kkC+BVLGvgKzFVbyF1Nfv07ZklXjL2f8vbYpPjQKdJ2XCmqXoqPq +px+LpKMjOV1fDFNGmk04G37izrWDncblK5irPbwhTwmeKSlJRz5cIpk1tgeEWFIq +OOGQiavLRNEIVPnSuVgwp51w64JDPjkjtvajuFHuO/6ErVclzEeA1SmgdEngwEdt +FGnatGlKUkX0rmceAE+TH4Ywvd/7fdw1AVqjS8asaeGlzrQ7TQrCsq8bePThdAoQ +x80lYExvzCLW6osrCm27BJFhF/OTNe/ZhmVAk5h4LVIPQcK/OHzqdeyiP+Qs6KeW +I2qQjjBl3sMJHzo/EQDr0an/3k9W2XlDBKVlpKuz6JUMygjioZ8BCRhvAOL1xRkn +y8n0NltIRqK3ZKzdX/lyw1oAHa3x67G97VaYFhGc7PzFSRJ5hFwbsKGtcGoUy0H9 +r7Q/eZnEr4BP5VQlUkBZqLfMaLCfLQK3xSI5Nm0RxjxnpOB5xVTiANCKlxxJR8Wt +y4GALU8CAwD7QaNCMEAwHQYDVR0OBBYEFGxs8eT80kuCzOcjS69MkOgFj50cMB8G +A1UdIwQYMBaAFHAtfA9Z4wPjBmGgNMt+dxRJhDjlMA0GCSqGSIb3DQEBBQUAA4IC +AQA1UaQI99IUorB2HQni5O+vNpm9/JGZyFfsFZDjeY/xMzKP590ql/6HinBZGsvW +BR70XUuqB9BWeRyPlEjMsk3tPvAOQWozTtzvRzaAl2TV1cpN6o6K2Lvj9iASRju0 +I+Ozry0RYa85eNnn3GvMuDGyqY6hhwvEZMoCs7CxoWY2blmt2OZNuar/iusIAk4O +76eu1+Dw3ck2u9+OjjmpCskdTTAOe/UCqSAg6RrawAzjWANXrazcQj9+qRZNifw5 +Fc/viVbVIQjYvxH5Jl8ghQI/XQ2Zm8C2iXzGfIcZOQgFTa7ds/2C7NRefyQNt/ta +C0duKRzIAxETZmWNH5Ma8HDj9tQtWLUm0x/wWBXqxIawIZinGy/9CvsqLB4uvmzv +xR02Cwc/MayzqOmu346HJ++s6DZs3ETRIQoaQdYl1vuut8DBNdqrkrzjdkpEsmlr +XpwzfvkV2FX1g7JgFaaziBIhgpSA0CTK5D877Sdo1BHlnAfVJTHtwlG7P6mJJY3J +lOBl26rEK8R4LOCF0mcr9S+rXgMYJ/1mhXh7HMb82+VU8PJ7UyCs2GLkyf7a7ZC6 +NrXPuMJI8T8U96YyPzkUfAMjNiywOfJIxFEQiSaN/mjGklO2rGgd8UvliJmYm9xu +LjCao2Lj50K7cZ/eGyBBzCetGVKOisG0aCt6wyNNw6sdpA== +-----END CERTIFICATE----- +`; +export const mock_dsc_sha1_rsa_64321_4096_key = `-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDOPkQn4CIbWHQs +Eknxlrrapm96bPwg6EenIWbHiMkORGGwgy4ZZKOB/5tDX1vG4QuSUYdw/ZFLCCCi +ui29o+phnAjINChMrvbDic15TQa4DSEu9T2dRMMoQRu188dKcxM9a0HtQMcvDDJS +++Rn/mRZ9u1A2Us/28VjHw0RCkwcuD9erXiSQL4FUsa+ArMVVvIXU1+/TtmSVeMv +Z/y9tik+NAp0nZcKapeio+qnH4ukoyM5XV8MU0aaTTgbfuLOtYOdxuUrmKs9vCFP +CZ4pKUlHPlwimTW2B4RYUio44ZCJq8tE0QhU+dK5WDCnnXDrgkM+OSO29qO4Ue47 +/oStVyXMR4DVKaB0SeDAR20Uadq0aUpSRfSuZx4AT5MfhjC93/t93DUBWqNLxqxp +4aXOtDtNCsKyrxt49OF0ChDHzSVgTG/MItbqiysKbbsEkWEX85M179mGZUCTmHgt +Ug9Bwr84fOp17KI/5Czop5YjapCOMGXewwkfOj8RAOvRqf/eT1bZeUMEpWWkq7Po +lQzKCOKhnwEJGG8A4vXFGSfLyfQ2W0hGordkrN1f+XLDWgAdrfHrsb3tVpgWEZzs +/MVJEnmEXBuwoa1wahTLQf2vtD95mcSvgE/lVCVSQFmot8xosJ8tArfFIjk2bRHG +PGek4HnFVOIA0IqXHElHxa3LgYAtTwIDAPtBAoICAFQkE8IBKQnay0be2lve0e2d +O4Z3TZl0cT4oiStPmtjq8nZNsTRgesLTARxagzMsw3bSJnC15v1owEHAPW4ptvdf +aPNMYdtMKPKY06NS90E2e2orQ3XiIaYUdPB3FnKgZOYKew7LlTpdk1CXrdF9A4AG +VgeyywwK5h4eQ3ysZr9ygpFXol+rjYqkrXks7vjt1hBAGWHwppKCTj21MQ3Ce0CI +W45DwSkEY/eqt1PsFgV6+ODODd+m3QsmcLUmKW1EEfl+4bosZNuRJvpEc75t/QQm +cZdTsM686yTlWsO3bM4V7JzVTwkq3k4dRcFd7iDqzdWV0REl2ipfohc//M7FbPjp +lts4IZMvZWFjn/D0AtTbDv7iifOFTHtNS9+5wGz44JtxuJIUGRnvr5oZX1jXMvQD +ZASnc3wlOW6CFaGv5fpiiz/77byoP3d8A0nILrSnU0zDEE6xBgxNdw28jeJDnv6j +e2UmFwXY9fCj8cmZmvZ6T7dOxgGxFgCYW8JEbZCEx8xCRjoq15zYUAEVyp97Vo37 +rso8AEgK2j/795DiDrtuUOWsIIMtlJ6AKijO/ppA9oR0ROcXSK9giTEVY9cX/sqq +Q2I0wxD3XNUbiAcMs4ksGkoU0c65oL5cZ7Rc1GQn24c4XDuPKjE6h9TIqd7MCJRt +qWuUInnAV2KWKiYaQzZhAoIBAQDwd90wOJ1L022lWR2sy3eWD9X+yZAmbSz+So/u +l7ZTyMwgE0x/nPOhkYCq5zx4Tsw91qg8r1LCqDlmNJY3PhfpBYkjcE5zpkZWl9tE +4Ytz7gyFYxjvTnXaazqSZZ0LXl5LXyN1iBArWLC+IYfwcvBG9VVUnIcFztT0dOkq +pl11OwfhfYwj16TJAwlEqCHx4UBV+Po6Hd5zGo8sXukgghbECJBu4V7XcvGmqb0G +t80KeDs7rNFk/MN/b+KLpPhMD0PpmyintA0IsSYAgJuPSJtZWGKkUjn4ozCUX0EI +7kC+YknA+DDjD/JpLiI2BlBI9Z8dIxpsn7Ff2vgnVyI9xtR/AoIBAQDbkH4qzpQ3 +S13yH2OgtkVkcHT4/PxCNFleugYQ/+qRA2nsXZOUrdUhKdwkIZa538okKxAuBwzZ +ws4SjlfBMqqWbCJIw2cmHRvahKEKYKwPIX6V+lT1cc2UL1STWi8uiMC9zCddOkvu ++xdZTtKoTMajGUWuFDVUexJO+QDGgAYOzZtpPVm1nkbW+wCdI7lr8l04C0VfNt/9 +yPxJByg0ztE8OYn9HshBaybJGphYkXlrO06Eb64yWo9gbmeQ2UWfdhneiLjbHEXo +8l3kROQdVTcMLm+n5TZQLzuQarYU+RmhLwqOjsXjicT/KsTB8tnZWwCi/adaZtU5 +eYqUXR5vuf8xAoIBABqYnTrYTdynX8R6Xzykn3oUe0XKiYJt3VG5YuABaqnw2AnJ +zRARgqVWix/ZZqSOPMoyEsZBUAzB4v9sdRYO0+QZBptN5ZjJ8Q2yWWmkh4yX2dro +qhIV8HdN4m9WqAWQVGj4tjg02eeGZXsnDifOyHJq5vNeUmlJF5Coye3bFe4xNfgk +4eR3WPh9SPz2fh/k/VQngFOf5evlNOSwZrHHHxk8W3OzYzl8+E26UCEqFmg9rdom +rgbSujJomZ6UN9DZ2iebrZSYkYz/vIncQkFPsOWSY+1uMwMS/gehVbslY0VQkLRU +TRhsxWMwn8kMfbvJvAsYWg+/SpojSGidwBAVCy0CggEBAKrxBaG2GuCUMR0kt2Xx +Oojf4JxryuUXxgK9zYcfq/BaRTV6CwgeHuiqenbBXibf9inViC1KjfR8SVB4uyQr +v6XGZxGgHlhPrj194neAKZ6TaJQ3GsUdvo5ZiWY4NQL62TvJqk92uQ/tapMpQJbw +D77IwWEhI0qNY3d2E7Qxd+kY/xxAW2cqlSD6jpG4LkmgQDWaXF1xr9c9SEho5uO0 +ooaOYSR60VIZY8JwauY/6gvzqaAXF8gOWNgLm7DFTbPyzoSGmXqyPYlfdjqVg53o +V+pK0JtvRQoN3yy+NOCamQbF08xGsdGgZMqLXIaJdD7hDGVgUCXik9c2PovZqVVx +uTECggEAO8ubx37o3TsypWQz2Rs15YXT4Bju48uXARGe0HPdSshNnl7P5OG7gwy6 +KKa4iB6UcI4yVN5YmrDqFnyiuvBI1tZJzKICZLzdh/j+2+TKdDmCqFVO+kqEBpAe +C9HgyiXZXqvHdp0ZH0WFjZsldonLm7ic2auuXA4FixKJIF5ij61k1hoaT8dxKVB2 ++U1V54ehJmLiI+7ZI68h6ehs8zwp2ldxCkgiemdPC1+rad6a78EiOWH1QIJ/75Q8 +p6L6k0I5MjSTHSfSgE1GqR6QFNGASGZJC8IPyuvXWF3JZd0EGKhTTdK1xt2+q+hm +91KAFLOUS5NQFq5dRGxMNTKAISO+VQ== +-----END PRIVATE KEY----- +`; + export const mock_dsc_sha1_rsa_65537_2048 = `-----BEGIN CERTIFICATE----- MIIEjjCCAnagAwIBAgIUOYe5pgmXtexLqLT2D0DTsHTiYNMwDQYJKoZIhvcNAQEF BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx @@ -582,6 +669,267 @@ eeqMFlF5SIcZma/YO3A0TENNswvZnSNSw71Qn/PBunY4RH2h6+fymRb8VJmoD7e1 WUQ= -----END EC PRIVATE KEY-----`; +export const mock_dsc_sha256_rsa_107903_4096 = `-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUURYg4e/Lq5rCfISipyFJ1WnK5j8wDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwOTU0MjRaFw0zNTA4MjcwOTU0MjRaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEA6J3qjSwZKW/I2IVA81rGpOYjMKHswK9DD3p+ +IVQtNdqVn1AiBRp6Y4CoueXXZPXa7zhAbbGl0zgQs9jBcYV8CeFZ1WEC7geZ96EB +i5QZzwNiPCuHg0bZMIbMgbHGApN4sbnr6GaYNgXMcs7/+YA8NCJBpRsEGYvuf0j+ +n9v5X3KeUGWP1q9GOAmsYQQ2B/TiLQhXc8qTDWA/FAFKllL7bY+WmfoleHac4KNU +xcL5aePET8zrj0NU25EJ3Aq6MoWal4StYZwNHCnapNlAFYVa4NRx4Kvh5NiUj6sJ +zmlchHRDI4G7fDiaqzTFJ6pX41I1HdGhUgdm1xaglsX/0WJ0Hv6UlHMq3HEgNDRx ++pmU2LmdoenhvX/ywO85Qmiv7A9MZ2xYMpvn1Ho/6FaTfVHC2eRNawUih2KbMYxO +FD43YS98ZN4kak5ISrextRmITWgYZ76xWOKwlldeDPaYkUXN5qmI1KuRi+jxBL3x +MUppY1zfNockFPBdtTj6iszyLXg8QvDsXM2+TkL9rQPWSUb+qNnpULVe/CegOXiG +xy74utezucmRrLPVpz7kiPOs7824D/2vbwPcaKA6EAU67ZEIgpv9XrMzyGg1Cntw +jeri+6nISdCbmJfu075JxF8VuPAouws0Xjyv69hnD6BeGQJfHzZR90xJ01YbewXe +i/0uPVcCAwGlf6NCMEAwHQYDVR0OBBYEFBleW+0w6e5CqdFUgiBhJM9XyptyMB8G +A1UdIwQYMBaAFHJpEDPr/Opcc3Qn1wA8+6eYj5ImMA0GCSqGSIb3DQEBCwUAA4IC +AQA1P+WZCicIwtqrTLstgM+cEQjOQChgk+4fAlkChays52wN/ZcoukU7RmakaWGu +PNq3NrbBcescxwx6Auwt8wuPfH18bcOXoUWOWIlue3Et4Chz8ItCKC1M8J4oPixM +KMxcCRUxhTrgU0Y+9oqrNPivfKYhKtkMU1zihJ72VG6bvUrcxHZ5IlASdcuq+0ds +sYahj9qVlc179m5FiWIcHI+bTub2SRRnHr3CjkradGAnUxYgnvkdRZb3GHmT8WVL +Ge2/aoBoIkSmXnVIHlTChjTlZGtaYUFEKEW34+heclZH4JhGKn9pM20A1Eo2nG2z +xrW+WstsDl9puVR7KJoYDF9duButTvhW+1lWT1SW7Ylb6Amm5giBN9zUrG8R1bb/ +FmfE0Gmew9llv3OMq3TccS5OWcyJK9kmNQyMt5w4X21+1d84Q/t0tkT0DEpoPyew +jTYqaLx7wqro/MmUNas9ZAfELUuEAdEZXrI0PcRLj8LLaXeEQ1h1lm1S3B7csRh/ +1aWqSXD/JdsDeysAZtIoIsDX70OyP6y4KM3gx4g9Slz+a3PnrHlCKzmfUQ5c6IY+ +IW8oL4vYAThCI0Cl1jqNr10MFBQjdILdBXnpxkTZAGX0uwEBgIRtDGwJj/HZrn2I +fz4dTL9z0XtF8nGHHP7BzbArktAhIkuMmwCIYGqGtCAzkw== +-----END CERTIFICATE----- +`; +export const mock_dsc_sha256_rsa_107903_4096_key = `-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDoneqNLBkpb8jY +hUDzWsak5iMwoezAr0MPen4hVC012pWfUCIFGnpjgKi55ddk9drvOEBtsaXTOBCz +2MFxhXwJ4VnVYQLuB5n3oQGLlBnPA2I8K4eDRtkwhsyBscYCk3ixuevoZpg2Bcxy +zv/5gDw0IkGlGwQZi+5/SP6f2/lfcp5QZY/Wr0Y4CaxhBDYH9OItCFdzypMNYD8U +AUqWUvttj5aZ+iV4dpzgo1TFwvlp48RPzOuPQ1TbkQncCroyhZqXhK1hnA0cKdqk +2UAVhVrg1HHgq+Hk2JSPqwnOaVyEdEMjgbt8OJqrNMUnqlfjUjUd0aFSB2bXFqCW +xf/RYnQe/pSUcyrccSA0NHH6mZTYuZ2h6eG9f/LA7zlCaK/sD0xnbFgym+fUej/o +VpN9UcLZ5E1rBSKHYpsxjE4UPjdhL3xk3iRqTkhKt7G1GYhNaBhnvrFY4rCWV14M +9piRRc3mqYjUq5GL6PEEvfExSmljXN82hyQU8F21OPqKzPIteDxC8Oxczb5OQv2t +A9ZJRv6o2elQtV78J6A5eIbHLvi617O5yZGss9WnPuSI86zvzbgP/a9vA9xooDoQ +BTrtkQiCm/1eszPIaDUKe3CN6uL7qchJ0JuYl+7TvknEXxW48Ci7CzRePK/r2GcP +oF4ZAl8fNlH3TEnTVht7Bd6L/S49VwIDAaV/AoICABZqNjAGo7xWXOvP/Yk/IODJ +Nax2rIk5rbjZ+Fwuxu4WTMw4Yf0HwM0Ks9BbKY3KTK7XZb3nsqEVdowzqe1sfWAs +IjnYntD/9/FaxOAhpCgA8HkIYI/MUBAbA/F76H4bZ15mf6IiGYfbXD0W6EaugHH+ +GbTceT3xUPWi4J44sMDZ+HjSogf//+Ho13yKYAG8rxAES4CSTsLhpmK+8w9hymIl +fSBQIvaX58Em28rN2UTWs90L1IeGV0gv/6wnAggsVL3eaISaiy53+1+CufZKunrZ +bnHwObAb1J23j6A/hGtHaPMaJ+kr1syGdC9XlVVwYawDzzmfpHBfihqpVP+oXD2M +86qkjo8ZgAWHyd5rNoijclwiuU1yHdnbU7tJ/nurTBc/nlZQsKw0VMVVK/K3uy+u +K0G1NTfB9GPf7V1WATlBiGt/JfotebhTMw8PNvhEhtB4uiVjSiTTrnpbnr0h8jkM +nNIEQHdxeXIsEsUwMKq5pMwa/X+iPgI6Okr5JBzscvWO2nDOCbymWdbzdN0NkjSi +hJUaIyJ3ESGK1n7Naz8v/+RgtIbP1Lv3TJ3wJKAfYM15AUHjXTQFirCxWH5RHMWU +vaIlEDFXw7Aa/qZROtSNL/hWdDclU8+8rIFzJtHhZFQSS7mIDrJeeSej/7SiHC5N +K6Yz3flS/RpgK5NatEQ/AoIBAQD/bI9J+BYid1fTFadhcS8+zPoS0swMjyAaul7J +DLZpfSiQ+5DgpfKp0dpuanjT3Va80u2XMrg02P9lkswZ3ltvaFVgn13OrZaHlNAE +vdRR4BxD1VyplthaAwwgrZfJb9CD0gS9642LUqrZCqgPb3zEV5eg+KkcorrL3Wh2 +ZR96H+7WrBlGcEXO9SS3rLfdb+EyFXqStnOEULQAqisqAYj4MVFcwavh1RhDEltF +uXlLmo0qq0t6Bm85kQe+3BVyjIS8WmHPp9Lq6WfhvC07XBlDkccfciIhgnUFVcok +6kbydSr3BOnSaapZxsNKL+mQKp/HWnjLBxR72Sj2oRvPWyRBAoIBAQDpJDD66IpB ++Z266YSUx7g8/9+ASzinQuFB5nhPKFV4KKuquUHUwDruZbGNo6tpDhgDPCLVOaiU +7lea68FJASR5L1E7IKlG8emF/5GKlJzQ2Cr7Ewrp7RU5yiyEVcl+wFNtvW5WXBUr +FTwi508vD5gtWbqOwddYV3X0ZtUtUq2SHOX3I3jgJSwWtkI/7S8mMIoka24vd7gl +ozewvw2UY+H1KRf3ftt3PKfHX4X6Hs8Ozqm9buW2RoxLLL83RwHstgTmWsrl4qVp +z6/T93l9QulZ/XuUXfvd+/f4L4mLreprS6kAKmQCmjL4weYmMlLrmy2IntukJHIN +/aDtj6y3WRuXAoIBABdeXyycdX1vM6/KVOsDqZHNLWHeJX3lw15Q0auQo9wbzU4h +hp2G5rrTmr/XGjeVQURfOi0ixgC/40j1f75+g0ZxOn16E3ZyelegdfSRCVR+ubNJ +gbSRdKHebFeEZdmKocrZgN+58/7wSpUsL3FHKoVPPRekBAR9SQkuz9sKTX63YPPo +d1L9B+XlGCKgZXj6nh4zTvEj3VRphQbnzZv60Qk7zZ8HUMR9+7lLuQrhNA75Vdua +vs6w+/F65lCHClR84q86CEBNuPJ56j+vUTuQbMoLzfTAR62suhwlj+NNFyXzzlc9 +qF3I+onyXCjT98TuzkYC8GkV9vSvcAHgNJ0UNn8CggEATqb48sS/PdtOtq/7Ct9v +fsnY+DQU2CwZnpxKUJfttNp8hNYq1wZjw1jQvr7T1w0qSUbseEGnV+DN6Dhx3czV +8YhD6+niWq1WOAsGMCzBQDahHaJLjySYlK210R43DPu9sPzH7yLZWYM2+dFK9Ums +B585K1US6enxEtspt7AXJfuTZXlf7pPJhBjuWha3KHRVXsHKd25SkxSgQBn2QFVq +suNg/+eGyCREqdU8UEG/soDk/CB92M2jUYeiq6pGNgZSK8L5pZNxoiEZ8qYu/hzk +vbq2rwIACyEzQN0ilbMRu5fvEB2F15xSmdGu09uua9g58pQKlzlQPFc/jhd5JBTh +MwKCAQEAmbuPtfKH2RbdQ+yD6BQDOM3ecrxlonfWjqbL3mSs184JboDdH172QSry +qqY7X4I27N1s08NClKPZoekbnmfawSJLiRVl0RC5ohJIl0ey7hCiGw0d7C5lY+Y9 +V655U7xj+IdlR5nU2YaEH0YBLoN1H1+6ftBZ2fspJNhpK9rDF9CNx58lfnIQJxDf +y4JMZ9vI4PuAaik54GyDb5pF8iifZwuwIQWEYu96RMO26T+AcvBgViRdp8m97uO7 +HyEgnGubH6Oh2tdITrhyAt8AlP2BtJukv1SCEBqJk0JmCOH5s4u5fLieLz2OpZBL +uAuHaSAsoXJyG1F8lZ4XAR1om3Qwyw== +-----END PRIVATE KEY----- +`; + +export const mock_dsc_sha256_rsa_122125_4096 = `-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIULyu1wDuwUZlWkrt7+Dhh9yqpPuYwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwOTM0MzBaFw0zNTA4MjcwOTM0MzBaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAqWS7hlLio8SIXXHKGm2VE6z6tShzspw8MAXk ++AxQDa2izmUK3ltoMcbRaaNMGZwybmxklubezBUO/IlfP0EvgxbKV6BNSlNB4JrM +BxZMKQTAXYT45SpzMuQW2eeUxC6+/6ASzqc5H2Wti0rp+aGHiXssTSLG360ZS8oZ +wz9JVygICtlr6UI/UoxRFr1ii7kMOg8E5QHDQYNBJeWAhtVmtP4gDgVBAs8uF0kB +G9+mQyyN594J3+2I9ogq/Z1k8RGwptpjUuRp0NZtLyaOzbQDvZ7xN3wWijVbh+Bd +euwA2zlTuQiMJBPXVo8Ov2hlGedGBj7EBDhMoL3+SO4vCyMExSanPld5VluKuGkI +8Q9XnjrxLH4O3rNLG6vKQwiLXP8DwTPmq4lI8Om5awYrf/Sq+sE1cZynmPkFW747 +U7vXledmM91RFenyEBNv846SMTbcRxL2adSpSlKeUOjWhcWCGZAW64z8vYDMPYFi +tVvSdwnkjwPwIC2ajzegPmW26xyLz9LiRGLkmvfumRMJ8ROpNaFVBOy0pNGiZ3Ir +lShRVhYGvUjtWVbleBauwAhPMtx9SKmG/Ep8hOeg+RSJ643C3D0UJY1990Jf0vTp +IyWC1yUgwhNnzHO0CKwOPTuQ1gGjT/ieGUjdgV6IDF/xbWm3Evc/7Pmd4jVu0vHl +Lrns9oMCAwHdDaNCMEAwHQYDVR0OBBYEFHhRtL3KyumKtia+LSfbUSUT+xngMB8G +A1UdIwQYMBaAFA7QUf2Syq6N7bXxqveimhoHeouTMA0GCSqGSIb3DQEBCwUAA4IC +AQBlVEzZoPaMG59zUQK+GWUhdiskskAsjesFX6R7HrNd9PRb1Vw3mBewfRFXRIcn +nKKv8mSzvqWXOwvoLAqw0R+awDUvVUL5+TWED1rQZpmr1IzdDPR2MFrZgL7N6ZeN +REFbLxebWa6xV+uX1ENrXUDBliPbRZW2YFVUzwn16VdF0hwfm6W0DVgfBr/ErDiV +PouPdCq4g/y5PU0uUPXUVuKDAKnSPuvRQsSgnHFD2GpdgmoqEnysd+Xz4qHkBQLG +yH0x3kNarMPj6t+s3iI24P8Lhn+sfmADFFlwq8WP14jhF/+p34J6Ub1zkR2pio7M +UT0u6Y0dyY44mmXplDXwH3IhIWtnHPQzJa7JrBy/Ozqe/oMwk23clrCSfUCnvxBS +ltxDQZspWdPya7L8rsAwu5cpIUm38a1n0vB15mZGzeSk0MJMhINgl838zj/N9WTT +m4HGUlFnBsNVMeearcMJ7Mdr2hDk2WgkL6ZuNoGY2UizwXf2FjFsY8MgJqqYsDhf +pBzRVabUu6qznfiQAm3pZ/hMqrCXn6/XmL0K8/0ps3QDMXS0RJZpwK8H6xJMfLaV +6v+rZ0JlbzQ13URQVmemV0qGKRkLA3uSkHNcWJdfsevkdrEvHNXZjT38Jk39UNHH +WUXBmeeMala7w4vim/DiDcPb/E/DHew+cYc6EIhyLXliXA== +-----END CERTIFICATE----- +`; +export const mock_dsc_sha256_rsa_122125_4096_key = `-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCpZLuGUuKjxIhd +ccoabZUTrPq1KHOynDwwBeT4DFANraLOZQreW2gxxtFpo0wZnDJubGSW5t7MFQ78 +iV8/QS+DFspXoE1KU0HgmswHFkwpBMBdhPjlKnMy5BbZ55TELr7/oBLOpzkfZa2L +Sun5oYeJeyxNIsbfrRlLyhnDP0lXKAgK2WvpQj9SjFEWvWKLuQw6DwTlAcNBg0El +5YCG1Wa0/iAOBUECzy4XSQEb36ZDLI3n3gnf7Yj2iCr9nWTxEbCm2mNS5GnQ1m0v +Jo7NtAO9nvE3fBaKNVuH4F167ADbOVO5CIwkE9dWjw6/aGUZ50YGPsQEOEygvf5I +7i8LIwTFJqc+V3lWW4q4aQjxD1eeOvEsfg7es0sbq8pDCItc/wPBM+ariUjw6blr +Bit/9Kr6wTVxnKeY+QVbvjtTu9eV52Yz3VEV6fIQE2/zjpIxNtxHEvZp1KlKUp5Q +6NaFxYIZkBbrjPy9gMw9gWK1W9J3CeSPA/AgLZqPN6A+ZbbrHIvP0uJEYuSa9+6Z +EwnxE6k1oVUE7LSk0aJnciuVKFFWFga9SO1ZVuV4Fq7ACE8y3H1IqYb8SnyE56D5 +FInrjcLcPRQljX33Ql/S9OkjJYLXJSDCE2fMc7QIrA49O5DWAaNP+J4ZSN2BXogM +X/FtabcS9z/s+Z3iNW7S8eUuuez2gwIDAd0NAoICAE97mjqEdLbAA76GOsd3/VLL +KFoOk+ijOcdp9dJLDqUQTrWVfQM3n1WXNXTG+RpqagCs/viU8FxfxXUJSZmD4fq/ +C2aNQLjmWPf/XfTPrNlksrFHrSOcOCoaxlVSjqx69YazrIyoPj81SdOMwd30xQYX +MbJtksGjSG4YBUlBnn/Kdxpj7KcvRLXJyYexfstCRpr8Sh0qTtnbdmQBvTeRNplp +J/xVGZ38aZXavvXP3BCHhgfZvFqZIDHdca+ttodZ4LcVrgZt+o/5+YQxaRtnWrmL +Faisq6Ucrf1be4VdRIW+5KA6RJhffDUPLmyRM4/cSg+hnf0iNVmHY5dcaRPW3+o+ +BlWMo7d9HHgkNlP8iU6L0e2oxtYnUQZ8kX7YemmBIuBp4/39sa6dSAPQAe9cNxKW +KyWjj71fi8DOqxfmaUSRE0yvyXSRM3fLnElvuiCi7uZyBAogcNsC9GaPv8JbhwMU +4w3QmGSvBzpRnCMbKy1UR0MfGJhZFNzkq/9BM70G7urtBctWLOMEH8t9Hez8OQym +D8VAO9/zAqpewr2rtJ6E8htT6mcH+iycPVRkriLvUXkVPXRQ7AceW1ujIfIX27PS +bFVjgDyrat6EPpCcsFfPQzCqOBSPSrLgrH1NEJdS9S89fc7LbA+NqEuwnzLU9P2P +wW8/9FmO96rBOBHnS/XVAoIBAQDQt4rVgF3MRp7cRHCRKfYXANmgLNZXVEP+qn5f +r08nVddjl6BhN9GcxAdRM34KLqLGvWqSW74OLnEuojYmf75KB3rcK5E7MZ2R5K8R +3okzENVvY3r2LGNzeA6rk8bzSPQDC4Smp8Ww/WvXPc/mIoEnDqCHB3nDF3DVv8QJ +79/nHUZfooKZ0IBv6EzBa8sPcY3DqpRbaiNCH++BBqHKbSPRSm7EyfDZD0YkANrw +K1PdgyGpZ7Zm6oVUACSKnq+kcB2cJCfurgJ6CIbZwsGu6vL5QXn8leSAH3W1syxo +sTiYMczMZ8jJTSBpM/w2GJ2elakvGWGk7Ra+xX/W7dwhV/hzAoIBAQDPxKQJlLLE +b4rFuZSE3z/ggGju9jIlp1fuGeNTM+cYs+giokgcHUx/gAvoNstyYJJ3nXzfZ2BJ +pOmwusZGFtV0o44rwywgfUVqkn18QU+cq8GbAipS/zDuG8cwGD/YgpxvmMpweVKR +Fe3qFPIvhlNTWH1Pea9dBV5WPkU1FF+pQJgnitThy2o350uLztNJQ3IJk7rvpg0s +jxWOiTbeBMZmpODkm6+E2tXX36rST7ptSiSbbq9GaSGd3mBef1gMaZHwC/X8l8aP +b3xvpnfm4Uw4zV52tV8vYbdgH43M8r2q+wHHIbWuZBIghLMnYol/IQr5mYP9Shbb +y1fWdXdz9FWxAoIBAHDX0LgubMGPEs6gJ423HA25Tby2uTBQqvG4+YzSvuTfniXt +mY/YRZorZxedRJinqwvxgJd4FwhV/LiOX4ziLPsEJH4ZdlbM3/lqtpzp6P8hLaNi +p9melgWvn2fpxT0aAnnJ40gz7A4LXHsbCsbAkKpbLQ5KdKHr0b9V4JehIbMrLLjN +T1tiJTiLCUB92ZSWEr/tRxjf6KGCLbI3TjJSj0UUCe84eXNMEPHehlJBXKhWGrl8 +FgOQOVKMG784RMVn1lZur9mKU9RGM1QmLk5hYpCDD4RvbSAdSMEVZOHO65no3Nc0 +io70tNDezvLBOwvAQTBzhmsBD8odDPepVKgduYMCggEAEzX2UZ6R8f6WVrCiidYW +STnpiLBOrMrsvTFQLjRru1TbHI9rQzto1ZQu+XfCwK6Y4utn+XB0ihL9+zCqJieH +Vzkf5FW6im6WSBC7KivVYy3zgqhargrJrEu1oXOC0q2U2tMbyuayCzsSZzdCEmjX +lO0Wort9ApZBB/a7ZhC0O0Aw0L/peWsQrHr10tDX7RMWi4Zcj0LOGyyXZPzN36QX +O6jOr7VQfyo6yppwsbOeqrrII7gyYg9zpuBXvrMBmD++Mr/9xB+IYv04vWg6Pitf +0fhnoC/G/QVvl9W5JCMMAVqUNiYCrKhBN2sYndjxuGnYWjl7M15dgzxImeleNCwG +BQKCAQEAycl+cQLogIQJEP2QZYB7UPgGtBSELxuUBy49HAp+91IVOKwKozDA8lgq +bxN0HDP5U0AQSizmBAiAg2AIyFqZHJoOQsProURCXkDXV6t0YspNBMuNbjayhc+w +QLK4d12s8H6gS1KAHgOvMpLl7Ii8Q54BrZWBh/eGC+uFpPmwhCy9rZk/Ip+up6Nb +wFWkwpq3LXohhrlySdbj+l+7tC/NC1A5zUEUipGbpKzB2GV4OFKM4E1zfKkv6xtx +Ik6YQMNtF5x8rgm4EWLX9P1JH6Rm/CcCMjznTUnAiDAdSZxSUpsQUVczHJi2oizq +MERigb61weNfHj8GZA6PwnUvmwvseA== +-----END PRIVATE KEY----- +`; + +export const mock_dsc_sha256_rsa_130689_4096 = `-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUMIdYHXa5ebgLEe3kgGC1aYrgjncwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwNjM1MzhaFw0zNTA4MjcwNjM1MzhaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEA95TP3THahtLOxSOr3xPPNf7wWt1VhU/MqcU5 +0Lr5WGCkUn77cH/6QGsrNQdiPAo5hRYI3L6CJ5ss6+EFIRoaRUdqKwQ0IAbJMoeE +gnY7ItQxLT4lr2nIHgots9B9lGGXlqcgoRSDoR9yDWmTCwLpGLgwTYTmJs54CW7e +quA5gt8f92Y6Z5bTI+K+HqjmfrxjiEjUn3MzVRfXaIYXM1b7i3ZV1i5kDx8VeteA +9rmrnZW7PGpRhrDfxB8b11TRmQIGbh69FeqQZljN6gQFXOx55aeTnDn4ztCPMZQ6 +GCf2ENdtpbox4HvaDJtmX1HrG/Rxjk5/DaW9h2Op91xwxBA2Y11kuYv/dpoBNrS6 +1wjXdgd5CCN/Vs8hrgrEvtuHULWpSWSZlW/jXnM5PqmFiXc/hsJjoLDRlrCWLJN+ +WFYctOy/xKChvvFs7kZFlexG42s6ZBjgKKa8rrJrPw5cKjLJZl2MoCdvbcnz4ftF +LTa1wGg7jMf8kqbpqYXXKDgRehsZ54g4rvR/PVr5PxofARdmHo8c9sfV371+AvPp +Bc2iMoTUYjKaGuAj01oP7H60us+YeRNe5h3Zu2cRTh4ucYfsgkZFtlziFtfNyloe +JgQ15iuZj+GSIfIFF9Wpxkm1jhuPrgpbn9o1NBlDoOIRmqUgpRWVkezZHOYyl9hL +SxwLSjcCAwH+gaNCMEAwHQYDVR0OBBYEFOyWBnUTIcCTd5Exvs8qI3xET14TMB8G +A1UdIwQYMBaAFHfWN47BJz4L4XjKEjWNdEki76ssMA0GCSqGSIb3DQEBCwUAA4IC +AQA78SgRq5tTri3MIWwmcnzazL4fcU5K65vWQboKD4z/grhPs27fkoIXllth91l1 +nSXbYc4mncVoxjOR14VwVeKtmiNYhuQdv6/EPO7JjDKuFncBb/ZblReVpiAqC2+V +kYjDnPjt+du33PKTURZpgEmDMVDCkLAwSucyd+TPc7bcrbdpzVb2RTwbtTVyqfmC +1hjebfnnbO9S4yW7dkEZaxY6Abv/gA5D4K/uKeVOdfvuEZVSUbbseDgD108q+mZN +Ga6PmyBie6udkpyjC9Lh2HdSo3FQiwCxmP8nNAQNi6f2FgCaH+P0xKMNgPhNSuDS +hjOoxWqElFcT/ruhxg9f0YHwsyhX03SKwnWjIacpUBBMKsuukznzOH42A4aQWUkE +5LeG4WrcQSuVao1vVJr3mmoFwQLfhoR88hKUqLFjlWq3mbVtxFbHud07RgpSRo9r +wRSM61XdzKgNizVInn4ynAu9Wm00KDvzebVbBNFbkW+PubGF0pfaxwX0aZiMg9yU +KYpd4PHk8kAAPV7YSKsqPu/lKOKqGIkZV8ZBL11uwKGphURlzY0iap5FuY+Wv888 +gc7DZ+c8gtF5frm4ACIO0+SC7CbGNmM3/3M7cAWTsPHmc7Zp7af0EZMwOzFeEGvJ +hhlw2WFTDi2EvmmJSlgCILlXVvNpKxGCy7+ONxKdbD52Ug== +-----END CERTIFICATE----- +`; +export const mock_dsc_sha256_rsa_130689_4096_key = `-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQD3lM/dMdqG0s7F +I6vfE881/vBa3VWFT8ypxTnQuvlYYKRSfvtwf/pAays1B2I8CjmFFgjcvoInmyzr +4QUhGhpFR2orBDQgBskyh4SCdjsi1DEtPiWvacgeCi2z0H2UYZeWpyChFIOhH3IN +aZMLAukYuDBNhOYmzngJbt6q4DmC3x/3ZjpnltMj4r4eqOZ+vGOISNSfczNVF9do +hhczVvuLdlXWLmQPHxV614D2uaudlbs8alGGsN/EHxvXVNGZAgZuHr0V6pBmWM3q +BAVc7Hnlp5OcOfjO0I8xlDoYJ/YQ122lujHge9oMm2ZfUesb9HGOTn8Npb2HY6n3 +XHDEEDZjXWS5i/92mgE2tLrXCNd2B3kII39WzyGuCsS+24dQtalJZJmVb+Neczk+ +qYWJdz+GwmOgsNGWsJYsk35YVhy07L/EoKG+8WzuRkWV7EbjazpkGOAopryusms/ +DlwqMslmXYygJ29tyfPh+0UtNrXAaDuMx/ySpumphdcoOBF6GxnniDiu9H89Wvk/ +Gh8BF2Yejxz2x9XfvX4C8+kFzaIyhNRiMpoa4CPTWg/sfrS6z5h5E17mHdm7ZxFO +Hi5xh+yCRkW2XOIW183KWh4mBDXmK5mP4ZIh8gUX1anGSbWOG4+uCluf2jU0GUOg +4hGapSClFZWR7Nkc5jKX2EtLHAtKNwIDAf6BAoICAA8whjeVhhDzCRVYs3jJR8kn +jnkShXseR9LIzs0YK59qwclF9mVlnalrCdl/o5xBnzVdkY8rfGvQ49TnqiUaItJz +WKZsIrhCX+uI/TOHGRNWZBX79DVV5U/nszhFg/7VzT3uEtUQ7GovpBRRPRTolI91 +bMNKDBxE3NkADMaQeng/a5yY9FNkmrI1SK8tLUz5yQyWJtvGafsm8f5Zn+x0XjW0 +LG1y/ABzI+i9UnHD26NTesN6VvrG36SB2k3MUZ1iW8pcX3iG3zNJokWIvMEutbHX +9lNc49XNLw8jPR38N/hL+nn2jMViGmxzjgbo5RIz5Nf9HRryYNR8KqKXVtdkgZKI +YW62X+o+Bzlc+N+G0aAhoB+HJ4jQLN8YOKk6AIHdT4NMy4LwqNooSPWwkXjY94ZU +omtYXFkeTUSbvNg88BNy3lrbl51YSKIsgbkU6moAaS0Gv9wQBviwk/1VdU9xaCZq +noL8zx7UCI9TcUDHypL/riBQvc5g+WLl8xPY3U5tNbc/mgMRvhJBnJdrrd/4jSEP +qwdpqtGWFjqBo5aMlwxkmXcez/PIFI+wm8BVSIpPxUF2ksGHP78YWqVDuaSShzle +KkebRQbAsqNmORazW9YkVKKf47W4cYdiZAh8W7HeRD8AAYmX/5+CecXPOrQI9gtq +vzku5n1EV8Qd3jbfLlghAoIBAQD86dU5DcSn/fjgvEKhvpmqUzx0O3O21EbiAgxh +NgKTr/4dF/Wx/5RKorRZBD9sKuC5lzy9B5lKraCbhHvsozqfeYnUYFg4tU8d/rAN +PuQHXMQANNEua4Dl0IhLRrTZwpChiVFunhUD+MzjhcPtHNbFq5eA6uclCMJWyHvI +32+detxLQFVhltjYfS0BnSQlKLIfoKsUi4whOM+RwoSbx58P2TkBohiLdJtgBseP +mC9qxZQQ+qFopueEQXp0Pxrd+dogfn3Fb639HXCTVT3C9NevkVho67kn6Vp2EfE3 +E1/DlayJMnnfEUcXLB6OfBg6J3PDVhycqnYTsrB7q1vkHl1ZAoIBAQD6mlH2MYUZ +S6g9n7ru1o6xYEWte0RkBs7XJkJiNEiRDeYwnBRUeVnUTxPwWCn7rVFyeUJcJW3/ +/LzS+yv3I+tOnrNyQnWYRbZTKTO22TaeTXq0RG8688pnZf3/LhhHSU8RqOymXOE0 +Q5By2W3EpAakzk9XtaC1rQeXxw7NyxzAONZtcPORGcfffZ36kd19BNDKLHoVjDTw +mGnMDIkliYRFI6AUJNJsq14XVjroCi7IVqsFa9HMsWWMWuBtwGQkg0caEiA3o2lr +a3blPI0jxhKocmPFt8kl7h3y2aBTqQ9T7Eewu0mDMPc/SYbP1if6oNsqeT1Fddxr +vuZ9Q3YTDiIPAoIBAQCfhWZ5NBoZaBLhfTJSmwfd5y0gHnZUC6h4YnVt7lIvWYaY +fQXy70Q+6Rgm2GG745fp+urOSlr/b/uY4pPo+4Nf1wGKrgBEhQ+VtozH9BM+IkqO +IoovvyUhTal/GcA5iY2YckQnO1V73JxpSwBNFN8SWF22lk/kJogCj6mIKhfPak8W +oJeTbUUGcDG+DHx1VDdcm7JvOuMiQLi8DG7wcMuhq/0ord3dEqm4vpYLxPQOh7Xd +pNtaRZYA+2XQSotpyOX8n+Y3Y+Y3N9TzA9Hd266Fn637SU/dnuJVNZAzECq+mvLV +QrzfGOHBK6gz0D8HoMpt0oun4q2o1RizEDvD0C7RAoIBAAyP1x0bzOZDZvKi+iZq +pwawA/Z8EH/lgUm4d4PGlwRzyfRVOseXJDx3NPe9AfAezyOPSC8RNkkMexgR/i6s +jimUii5eIMEeRhvG0OZyatE9/jcnw9wyAbCBglxingzeuxgjAxC1mTuYSua9F28B +Cfn4Ktw+fShkPmNRxxpaUt9bjDb4aYdbzoncK/W10timK2rtSJPZTHwTNnzsvXyG +b5RaGrmvpAWPk4lAw8Ei5+YM55BsZiFEanRvbh1rRN9WPrQl1Tg3cNA5sKdnSgO9 +BLjCeRUnnCd8WbVL3cNB/Xi6GOTk/Z7OYGSdhRl4znr8RNm2zn7uMLMypXDZp3oI +mMMCggEABacZRzOZ1sxVMiXy+cg4nBcJneWN3KYxhGVHFAScaugGiWl3+3tFs/5p +T2GzT6kcZ5KHBBtDwB8AGgDf5FPzL5DqE2vNSlXCqMel6oBXWL8zCbyMy9uxGfnH +HDIVvZFei7DJIUm3wLz15FsvlTxXDSby9rwuy9qZA1mzCb2SlIAGxnca6ppSer5c +FQMKEvfFh/5AkmpI1JJWGcKX+KXMA1EQMBZI9FI3u4ipGEJlE9VcmbVAgbadme/N +ipc81r52TRf31fVVPFHX323GXkXgOwRoo9OJxTUL7ygBacNcH/qfkW5NgRIE4dup +uswo9dEYJgsU10poavF4Xx3IcrtCeg== +-----END PRIVATE KEY----- +`; + export const mock_dsc_sha256_rsa_3_2048 = `-----BEGIN CERTIFICATE----- MIIEjDCCAnSgAwIBAgIUczwRTMJny+z2YbeQZNVSSFFhIgcwDQYJKoZIhvcNAQEL BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx @@ -727,6 +1075,93 @@ ZKazzcaFGmL7inloJkPj23uv2eN9pPA= -----END PRIVATE KEY----- `; +export const mock_dsc_sha256_rsa_56611_4096 = `-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUFCNDwzzlWISNsquziFp5pZvNXLwwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkxMDEzMDlaFw0zNTA4MjcxMDEzMDlaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAwKd+rE37Gsd5ObAgJzmMFxmJVtlViFbCgDXz +zAuZyLH2g/jsCybee5v3ymAu/G3WNdoFEbnJJdqwXg3rhJiSeSD+Ckghob+B0cS7 +3hxye1/cs5pRt+OgcVoXYMVrpBr1gCRl/J7tf24LtWW9ZTmO244gWu8+XPxeWZL3 +BXcvP86dscB9Gb4SzE1wZRbTq/GPFQJ2IZHYMOHQbhFpIkRLPCC2tj1ACnF/LhPx +xKH22BZ9XEUOq/oVZ6PC/eX0a5Yk2JFYbMGFCqIr4vqvX9eHUcyb6WVmZ1LAprgg +v9iUg/lTjKj1svE/LyUSGHlouHVzbkNwNXNbBJb9wZovCsmeoX1fbKhmslRQq6zd +ENn47lgPOzEHMHkU/lxAGhE0IODkZAeGgV2q93N8i5HMQU3CfK7Fxrr2kbf4tSM8 +VKeq0tg6RiYTv+6ZMYJUPpLFWJ7OHnBm0c6zMNTnACeoqBmqxktMOa4uB2yGeXLY +mx1g2RHuAXaA3SPeeCQYR/FK3La01ttjbL8Qn/MSjhlwq6Cbte5VriA3nWPDOpS/ +N8I6yiiJemXoSX2ToCki4mxpJEW/cf+T0N4UExzxQdmAaPtwNCBRu06KtUJQOAsd +RB4oqLvIUOLPua1SbemFXvbqQQpnTrmNaV6wqBAn3iousxZXylEGgxzDiUDMNVD0 +NoyAD90CAwDdI6NCMEAwHQYDVR0OBBYEFA9S95imR3Cgqxp+oWG4CkXmyF+zMB8G +A1UdIwQYMBaAFAcL6G4OwT2yx09WccWVsbrftqgvMA0GCSqGSIb3DQEBCwUAA4IC +AQDRRmR5zDJMb6wsYnAVcfcbPltJUA5olH/6cFEapIOYDxsh6XP4LFvtG17ImcVO +//C3ZqY8DrT3RjmuOEk7KahMv8T3sdscPK5h/1vgogiHkwIyvd1683be36OYej4A +cTQwPUuMerYO922n+CLxDjlr0rE/nEeuyJRSZWQey05W9nPyyB045kBffANL6HTq +y3OkkSLKhBtP72mOt/djF5wP8c+vcHy9EJ+M9d51dY9x8cYkqvx9XHcLuxo2l7Tf +oCq9xb0zcWBf8pEwR4AQMlxv2JkpFloOWb3uwiDqDmy6XdReVzzbDGcKPkYjnFVN +jjXYIxqKFg3FR1NerNYW3oopF75zRmnoblwCu4BsfmILCx7XptAvxX82CvqfT721 +4ZVHGxhXXKkarULdXszj7v4i8yG5k86f36E0Is+v2EGNosfmcYcRqx09AzysyXYL +PnUE7+PN4AvHzVsaoQYe67CVDbH2DDI0R+jmoW3+hCCT6epKq+TKr6NKxekNSrCI +Hm82DoRt6nl1G3Jz8/Rs1VpWCHXJgFtzdYqeCsYM3Czy0ul9//c+0deZkujrR7Zf +I8lu5HgK1w/tQaq4mbtifyjcx2v0BvKgVGgbUv/4Ihc+uLpawUQNX1nAA2zArzkK +BJfRIQ5OH8p5UFe8dzoQSvBvVJVG7ULpIwp3KucZs7uN+A== +-----END CERTIFICATE----- +`; +export const mock_dsc_sha256_rsa_56611_4096_key = `-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDAp36sTfsax3k5 +sCAnOYwXGYlW2VWIVsKANfPMC5nIsfaD+OwLJt57m/fKYC78bdY12gURuckl2rBe +DeuEmJJ5IP4KSCGhv4HRxLveHHJ7X9yzmlG346BxWhdgxWukGvWAJGX8nu1/bgu1 +Zb1lOY7bjiBa7z5c/F5ZkvcFdy8/zp2xwH0ZvhLMTXBlFtOr8Y8VAnYhkdgw4dBu +EWkiREs8ILa2PUAKcX8uE/HEofbYFn1cRQ6r+hVno8L95fRrliTYkVhswYUKoivi ++q9f14dRzJvpZWZnUsCmuCC/2JSD+VOMqPWy8T8vJRIYeWi4dXNuQ3A1c1sElv3B +mi8KyZ6hfV9sqGayVFCrrN0Q2fjuWA87MQcweRT+XEAaETQg4ORkB4aBXar3c3yL +kcxBTcJ8rsXGuvaRt/i1IzxUp6rS2DpGJhO/7pkxglQ+ksVYns4ecGbRzrMw1OcA +J6ioGarGS0w5ri4HbIZ5ctibHWDZEe4BdoDdI954JBhH8UrctrTW22NsvxCf8xKO +GXCroJu17lWuIDedY8M6lL83wjrKKIl6ZehJfZOgKSLibGkkRb9x/5PQ3hQTHPFB +2YBo+3A0IFG7Toq1QlA4Cx1EHiiou8hQ4s+5rVJt6YVe9upBCmdOuY1pXrCoECfe +Ki6zFlfKUQaDHMOJQMw1UPQ2jIAP3QIDAN0jAoICACBD2IYWATAdLvbwnqEkrg1I +nVRpUvFfXyDat0ojlAFdWn6wakcZ0af9l1A+msYNhS51DltA3hmwkNdyhRCCRAY0 +VWWjNDk/LQMo+r+fiGGL/v2EAWBy4nGYTCIOOWax9Ihcz7tN5IEwVIHTNV76FWgN +8Kvf4tOKzH11RU/s4Ey0Q6kala1bIq5GIzBc8uV0hFWwgu2WVFqBt2dIIF8+nTUa +KIV4e99c8I2aOpCx2v7OM8yjnb7nx3fYh+sc+rpW4rjf9wukuMYGpc3Rv7ECr82p +gTg8b1KbkVuBscfnWI6ylMOudtjoQd1Is4XxDUKjvCaKQansrZWU48Sl4oIFfpE3 +MqG1JQN26M6AImMN3NI4jMq8mflerv6h3RXE9IMtZ2RCV4XZqOppAGdxlCKX03Xc +3kTm+avweSwwUZpq0nsONjpa36+3lxmk73SvrUZ1osGdqrUtFt//snUDsu3KXA87 +AsyyjlaNbVpNhgjOFto2OPmz3r1Tp0pV+lebKsGNZdG8hSytWQAg6yc6/+m62HPR +sJAQl1FxX9E+9LLIQDGXWPuXQc5jvAR4/IKyNlFQJJx+MWIiZDFlCS3DgAqTCVlB +6g0yWA6bDFPjxxjfmRchVFduPkHSNvZBljZZ4y1loqSv6GK7RpEAn768ykwBY0vk +P5VhSmQYQos6hF6kgRdfAoIBAQDluKv2iYpzUulCKK3VNEoSn3puuMkhdkDVvtJO +plyLkQP6EzL98xcxnUo/QWDB7rTlw34yUCdL6Ttxp2Y2R688HCPFMQBHryxoWRwb +RWCCNTqL0kY3swmVReTKv/m1pvCxxR0VfBaxW5IEz3JFkqei80hOgVo1SSqCUbqf +ksWirue2axG1HWTmMXROAyF+F3GoIecJtpK1jzWxzyYw6VDGPOz4FB5Vvosuw9/c +bG+1XnIuj9ZaQU8/6rAr7FFXlr35hgZ2HHxR4kuWpJ235qngEST+z2RC1gFVaKqB +cL3d6qeVgF+RlLYqJDHG/YhD7mIxZRWR1WLvI16tYd3hlWBLAoIBAQDWsVK7ZyiM +7fzu0RxJy+MPskbw/9/2QLOS+t3xBdnSp03M2KDbjtJVNop9rfnMRXA5vM/zWzqE +1axT8Ija2KYa3mPDpHnd2OgT89TgFj6wMqb9NSEay/I1QqUXfTkCngT1ncpR3Nc3 +hBeQ4t+jnUexOX3uU5HOlypG1qYU0+BVCUhmSx7wvlPTaCJYl18BueA2BqUJ5a0K +HCgtrnzju2J5nU3Jl960x+q/D9Ugdux5w3hzFLTt9duSPSwZHikEx5rKIBM8LSGx +89j778nQTKnw0hdyfhHtP6Qqp4ibndl4uwrECwpBcabn55r/P3GTm+WWbxtW4nFC +AVBmdc+w4sd3AoIBAQDCx2NCmsuSsEU0sxJYNPtgdbX0q0/NJSRh+OVc9JOC9Voz +WT4kfb95PGIG3cPR+cZ69W1SIiUy+8bLXi29ZXvpgofwLdEEjF7LQWvkdRY202Qs +1+VBZGt8GlLK7CZZi53Fp8lllyml4ulS92wnlNpFgocU4uhPFANbf9Olk4g0Kat0 +m8ZH3qRxp5ijpGVrtmEVR7pk7fRS6OVXUEFyiPMvbjSy9eKUESk7NbYAEdo13sP3 +F9MZxCAfL6PuWAi8L7MbiJIGa7Y+nlQ7cggF50CkOgoIZ/Zojv9V44YcWERWhdWn +t7W5qlJmoZE5Nksn8IVA0nIhQSZKCZhc2lXnpeuLAoIBAFW/IbdhyRu6roMwAVKI +CiXsdAabgogn9+DnLBFHpZhgUm9HqiXrbLpD2rMoCpCMyQ9pv7cVLIfl18Du2R6O +77ocgU9hth1rQ95Ptk3y/QzNJb09984djMt1LBu2xJk7UVRx8rD1gepKUWBogOEF +dCiMJbKDqP5lMMnQX2ZNDUJYc5FwBROo8uNnlW4S8+YlDDdGsp1cNvTdwgp51n0P +XGfsGU58AEl8nlcib+2cI/LlV6Sr+pKHLzMjxMOZrp+/e+fQmCwRGku4udlsMRoa +EdmDnMxfENnD4MRdI8envmq3dZwZxYvmZ2qd6LC9SGGQQQY15hK6n8wDISo16t6p +Uk8CggEAPOjUq9x7fkelTLXGKnaPx6Y1xfDofCKqlfeo2Cc8F26QVIhPQzix8AJn +CA9Lci0PX2D7yu67Ro40l8UYYPlagbldqTdkqGdcFRot0Cf8lMzcyY9COyEmyecL +GkR9wcUIKt8W7YI2Ls0oF6WOGA7UW9/NhO0Zfmn69VkxG/kNqWxs/EoFjKMB494X +VjYQJnUTGdFjB3pAgbhPoCz+ZpWcaWaYKvBPLyJKaGrpgflEf7U705h0JayEJCHT +tY6oXZRtHlFI9Ualm9n8va75/Jx3tS3B52iMg8j7sf/efwGZQuq1PH1nfg1jiugX +yp1H7+KVPOJtiPBAklqRRNV2J0olmg== +-----END PRIVATE KEY----- +`; + export const mock_dsc_sha256_rsa_65537_2048 = `-----BEGIN CERTIFICATE----- MIIEjjCCAnagAwIBAgIUTdFK1DQVxqu5Bm0IQrh313iQFrswDQYJKoZIhvcNAQEL BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx @@ -2249,3 +2684,4 @@ gQ3gMoLxoKlET6D3b0y+DJloVXhE4zNb7U/UheRKJeD/dXJO36+skDrZrRLU7z73 C0Zx8BA/peVhEJPXtRKsW60ZzCuQ5g== -----END PRIVATE KEY----- `; + diff --git a/common/src/constants/skiPem.ts b/common/src/constants/skiPem.ts index 326bbd98f..11acf251f 100644 --- a/common/src/constants/skiPem.ts +++ b/common/src/constants/skiPem.ts @@ -555,4 +555,9 @@ export const SKI_PEM_DEV: Record = { "67a33b5fd8b5890c74a329358b70d388e8a1dc19": `MIIEYDCCA8GgAwIBAgIUQfQ+Sll+wc1P/5ihvAkJPl1cvtwwCgYIKoZIzj0EAwQwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTAyMTkwNDMyMjJaFw0zNTAyMTcwNDMyMjJaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggJdMIIB0AYHKoZIzj0CATCCAcMCAQEwTQYHKoZIzj0BAQJCAf//////////////////////////////////////////////////////////////////////////////////////MIGfBEIB//////////////////////////////////////////////////////////////////////////////////////wEQgBRlT65YY4cmh+SmiGgtoVA7qLacluZsxXzuLSJkY7xCeFWGTlR7H6TexZSwL07sb8HNXPfiD0sNPHvRR/Ua1A/AAMVANCeiAApHLhTlsxnFzkyhKqg2mS6BIGFBADGhY4GtwQE6c2ePstmI5W0QpxkgTkFP7Uh+CivYGtNPbqhS1537+dZKP4dwSei/6jeM0izwYVqQpv5fn4xwuW9ZgEYOSlqeJo7wARcil+0LH0b2Zj1RElXm0RoF6+9Fyc+ZiyX7nKZXvQmQMVQuQE/rQdhNTxwhqJywkCIvpR2n9FmUAJCAf//////////////////////////////////////////+lGGh4O/L5Zrf8wBSPcJpdA7tcm4iZxHrrtvtx6ROGQJAgEBA4GGAAQANQlv+5Ljm/IpddVFl1sLFpNCOwnhsbUWN/RvIEkwEWFYVO3h8TwTtndCmZfLuEMAcDK6dUi6SgX9eXaPzxUmeWEAxQJo5xEPkYlG+QtcrHdyti2n8ICuNP9EXxXWnnxoYCTX5CeBdbWtlOclrGePq5pqBnTExULSXESiJL3DLLbbA/ajUzBRMB0GA1UdDgQWBBRnoztf2LWJDHSjKTWLcNOI6KHcGTAfBgNVHSMEGDAWgBRnoztf2LWJDHSjKTWLcNOI6KHcGTAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMEA4GMADCBiAJCAfeFVVU8D4jgLTUby1buf/snUKiLFpSX4meMd0C0VwiX/g1pEBxQPJyGBmycc9XtuOmZ7ImxQrabSLZiw1kbsk7tAkIBn1hexepCxFWf6x/RURw641BvqcNEwhXYR98ADV8bGXg2QJiNxVIDpR//EK+stm5Wmu48Sto1l8iDeUx6zSf1ysY=`, "06d58217f423c33ea205d3d6a32605329f80f709": `MIIFoTCCA4mgAwIBAgIUGOGICdTgsKDByD97fgzm9RxLxl0wDQYJKoZIhvcNAQENBQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTAyMTkwNDMyMDhaFw0zNTAyMTcwNDMyMDhaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCmMvQV8weRzGKZ9QBxF2MgOSDuLCriDy+o63/cwDz/MqJfYH9zbHifDwoZ0qy2ANwAmvma4IVpkqizSFZTiL8qjru7UrK9ggknEbEGr2SvYJRaO7aMzweCRonNEmU+iHTjWf7JhnXanaWsxXpHqKBXHXFUQyXf3Ud76jquPiMmUSf+H6BdgAEKUQ7JmT+bWuetJsxqbRaZbAtL+4HTXXBMvG/IgjWk9dlKOyaCrJpqenDpF5mykh9tj218ydu1UUB9hMB1OGwO+qj+xz/u64TaJfGQ8jJZJn924fCiEeGccUshoCrvCLRZIluQoAczWk55KZAps40Mwueu9x8NMz1aWC7v7/HLuLoXi27UzT091EiZGPOWgSjp7mdb8Rw/1mYqMr9cxcBUgD4tUB7QYCrtsFSsK4yA6yoAoYxftbgvA8LofM9pa5fpr8cdMMFox3/6KAWRgq5Au0lof0QBC3F8jk2f6En6ekR6C7rr/DUc42+qzM5EHDkw7pFjKxFx7l8kPRVB8ZijqwctE5x6siZ1x6UeqB6kMPxFVpkN56fsXM1cU+RwuGRwmw1pCsR4MWO7EHU9a6NYRX0nv5rCN8akRNof6mrjuPi4x/yq0hIjfzpm4AsL7LMVtfGCo7DJH02XH8iHDPIkSFuCKQWIWu6NqgkuXeoTgJ7JhlIBDQQ35QIDAQABo1MwUTAdBgNVHQ4EFgQUBtWCF/Qjwz6iBdPWoyYFMp+A9wkwHwYDVR0jBBgwFoAUBtWCF/Qjwz6iBdPWoyYFMp+A9wkwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAgEAmnLtsJlRa6UA+EdqlOlv36Cm7nqy9wr4UxzWS3LoARjQhaspjwaLiNnaorbg1Carp9vB9BV1FRiweyelbb58YVOxsMbJVdWCwNKmFcvusYnm44mTiZD0SBTL2UbOieh8+bAMiDDf4LnfSvHzf5UpNIkuNTPYDWsHILr7VVOti+W2XdZpU0rg+mp29wIOt4QrMqSgGjNmZOQiiYX5bC+ZG8wQMzxmggB5fC4IROOdB1s3G6rffxjJhgj3Cb69QbOhCZU6nr9SMrSOvUjEiyMTKmtJG0U3xnHlquwoWKf0CCZ65ocRQbrfIduVXFxNdd4xhKJEcHh+o9ZBQDw59ZzMKp0Pi9tHNoQ4FHs1YuRoy2bNUQjDAUlJo+eqyMsR54WEFC6pjY0gKrr2xnIIhMJF9uNbAABD2Nb0fW7+PZOVIeWa9UOkrIQR82GgwBy6gc/S2msTBvOUpfMi8m29gxRtoXH2KAf96LKVkk/dSjeR74HJ2WrAL7y98Qf/ZXYUNtVFfAkrUmJzbTEw7RJpPPw+QxD9+NDPzFqhaQi98nkjzdE/8bAbpBJeQW2D0qKPRz/D0SLbLhsPQ44FrL2bQND0d92iXZPU0pk/VqLZVnR1Lj2Kz/VZAPrG3Nhuu0QsjYIgn0CYjhirx/lQbhTSXb3GXDC+WFPrOWvnbmrOoPCdlLU=`, "c0d766cdfb31707279101020afe03912c875c32b": `MIIGCTCCA72gAwIBAgIUCM7l8h8OUTim9+Zf8Cq5inDh1VwwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIDAgFAMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwHhcNMjUwMjE5MDQzMjIxWhcNMzUwMjE3MDQzMjIyWjBgMQswCQYDVQQGEwJGUjEMMAoGA1UECAwDSURGMQ4wDAYDVQQHDAVQYXJpczESMBAGA1UECgwJTW9jayBDU0NBMQwwCgYDVQQLDANQS0kxETAPBgNVBAMMCE1vY2tDU0NBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAw7qI0o3R+oV3B4piTHyjZtj6ODpUuyHWhe2dMs0S+u+jAAFapQOEaA1CFIaEbvq+wW2xo/uFwFLshFf1iqS7UHcmNlzbA/hSu7Spqc++i/URANIcv5OXgN2d3DYXooTrHsQd/o8Ghd5PMo+X4J87R6gWaR1gaJP6OM7mOWVh3/hP+ORY4HrUeG4wh/XR+ZYv8kuhtw9+zI6szT61/p7NWL+hoMSDrepv8SUPFMRdpifRG1aGvibT0255KKqFfQi5NyXhXFMq2SuFYe75eSi8dOlba8TNLuOFTSOFHaNXIZevxMe+GHOvKps5OGcn6gd4uisgyhiqqGZUqfxe/4lGQSdIQKrZRMAfMgRqhAVItLdUJx6Db1P6G926RZLDVpi41ZRpp9QQVENpCEc9jPq55JlLfuwoYGSBQozZyty7dMTVwXoHYie7zpj0VKRctMyDWQ+s1mfX03SzvHtBzOlMzgf1vKuyqaW9BNCABS0GevFOybW1a65CpkYSkeD+JTH2rrOIUPtk+uYPBxfVERBaY6/YTU3iydb6HWfu+OFvV9llasm2C1w+bSBYbUWPnCsxhP0Yfx2N39lHAqs7iijS4XCwJYGDkfDVtEGK5hwi7lhL59816duupGkYj+apNqmHfvydDf6u31U2QaJU17UwWkuFUxTqfkBBFL/gnf8Tpi8CAwEAAaNTMFEwHQYDVR0OBBYEFMDXZs37MXByeRAQIK/gORLIdcMrMB8GA1UdIwQYMBaAFMDXZs37MXByeRAQIK/gORLIdcMrMA8GA1UdEwEB/wQFMAMBAf8wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgMFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgMFAKIDAgFAA4ICAQAtOYV13cR8KgyJT/t+/hn0DmL+Nq+YBbHMozArBkWWv99pbW2cfQG7wdr0CMe/RPMimVQQgVOUNzsOJsVsuHkrviVgxfXkRED8WFGdvWH0CmVIpiKCIgXyvraVj5UoXnW5r2U04C85ONR9yxFjDsKJfWw4iDxLTv/mRGpXM/OZLwt0qnNuowurOHGGtgL68T7aL1pSP0B5sKtUO+IuOcPzEm7nVLut14iTUSZymLPyRQo/YWdnCHZEWWzCPSZsk/B+wtAQkrwo3jb7SluQlVWGYjrG/31Oiq8zi3/4q70oWcjjmcRQOChtVyr2xQ21tUMGOkUHut35ddaudp4TbtSikmlNl0TD0fmpROkCpBJaXtotcXUsn+VWNyidrpH+WFqtYZhoZfBQFJTjF8WMJ22uvdO2RZcF4MVgCSzPre3dtGA1XWRNLfvU3XqDua8zp9PT048J2thXlfDH840MzNbJzBgUy4xwhn760nuls8kNhwhqFhHVE5LxrOI2Lc70nVi7K56Nf2CyZlyA5XHLrR29z4nJt5klKCPDjYkjEyeLzGy1LqZ8RjjTU0mb5pcaWObs7klCCHtgj7lpydWLhPl5g8h4TNugH95qiFEL+ZjsHn7VPxOf8qhj+vQzzhvEfjduONTi6wgH+vgr+Z8QN2oVNtUBpQXPdMtRbJb64/0iMw==`, + "702d7c0f59e303e30661a034cb7e7714498438e5": `MIIFoTCCA4mgAwIBAgIUGelB+y6+31Z/lVlQs1xiTu8xbPwwDQYJKoZIhvcNAQEFBQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTA4MjgxMjEzMTRaFw0zNTA4MjYxMjEzMTRaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDcprMzRbKLGEgq5j7VcjLpCX+P6Ye5t5M8rftaCp1S3F2hNhuenXNw9aKNHXXIimSF0OJLS+k5bSGakQPRvKQSFicnZkDPDkVY/IWt5Pk5umo4QSR9UusYdQ03kEQgIaD+EqyXPQjy+mfxwbTJ8fz6Xp2UfHgCPoi9doMHmPXugC5T7w/C7ezIdAyg1/nLYWy8qIySx2efIzsb8MldxmOv9cemFF778V6s0LcJc4aPtmhRrXk0k9XkkJgtA5MKy5ukFAn3q8+zEXbkCgnTVLpZTr9AUyydYwI5DsQmUbIoXQshlCnKTqb7MazwmXK8Yf/uSamXRlHPRHLaYm+3KqE0SXoxzH12AXAKQHWF8FOsPaSwzjcmv8morQSmP5HzUrTwmXYeHNFBAyhcDqhsAC2vNw/wx2LPV2DKsoAqpQYmqPe78/fgB0W6GNU1jHzjVXbbyAotIcqzmsgtHJjkBuTbG6Ol59tg4G20Yc3DHdJnqm2XkeS19WZMCzs+D5NMAk26kUw+9OR4xQQHDiQCawcCAumz7J6m5bYwnRNfw5lhcQhe4KTN2vXki85L6WODPvgY3rQQy87Gqp0yUE1QfHBOWhfMkQivn6CVO0f1uya+3eQAShnGFVWbSYNaS8IzxBWxbz4ypPwEfHt1s0pzAEqgp/r/FAwr6Ulmzx3zo4yc1QIDAPtBo1MwUTAdBgNVHQ4EFgQUcC18D1njA+MGYaA0y353FEmEOOUwHwYDVR0jBBgwFoAUcC18D1njA+MGYaA0y353FEmEOOUwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAgEAcWtrGUGlZQ6qMDGIRtEAO0RNuBeW1xuiWrbyzW8sZgZt0s+ZPzPqgFOUHJsFJLg1dXUIpocxhOCks5jH3lAE1uzS0iw0AhlUGb0urrQh12eMHP+/066Cx64iMVWUJwkCFE4T6eIdkIC5A3cX5u78Lt6TSQphNoFA6pH81lu3HQSOKxvy0X/c96CU4LfYdNXfxIg6UIZZs6fqHsEzR3P58GkmkkbOdSeeZGqjavVBFj3d1uKat4FQcBVpo1wV4dY/MYpa71wItMgy/2stzUDy/kGXliChtrNy3MnZvWR2+5NkP7WisRuXXQSTB9LTxh46wsHkYDm9pjvhQDJz3Oym2gAwsLLTRKGRTiOUgHZ0WyxoXl+T9lz6rXDJ8jTL05yi3TGjOCnq6Yeb94YxKyUAQu4wv63LcpC4M6mc5b8gm5TlkeuJdPo9xDD6a6RylPDnp/pq97sbequE4fySXkdiI94Avj47AVayuWapCvkOiKB90fuR08Ob611Bfmo2Ai/79/kzN/UW9ykVs2PVDSqkEiVVw2UBdVm1+xEK2g+p0jwx+ImQx/sHHZBUC6sPnfFfEnz28mI9BVP0kVl0Dz2z6F9SWDTKy/4NtcAg6n3zdwfZ7nw+JfjTzNQcXL6yw9niLh+jKmEf80PfnLGguvsubIb4m8e+NzAGwwhJfe98WtU=`, + "77d6378ec1273e0be178ca12358d744922efab2c": `MIIFoTCCA4mgAwIBAgIURnoz4ltMtR9KcFHub6QczgBFtO4wDQYJKoZIhvcNAQELBQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTA4MjkwNjM1MzhaFw0zNTA4MjcwNjM1MzhaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC4wuSolzpbXFuRaXXpZ8m1JXI1q9W3oflSIaiWul1MQ9ublZeS1IKFcTVYXblBa4c/yA0lfGhEjjTXGWNZJk9GjNJd/G0bLO8ijY6ZUZ61ATfq9tZmu2xP7STKt3SNve8Vacb60RE2Ws23p4dhI6lH3WbCvTvErKlPheQyvOQMxxw8h6No2YbzJz3utKJkf5Pp1EokMV0L+54/3fBx52SvfmWHDxAT5XXWlT/lHmZahLbqKogQ2dkvxgkrRVlUs79WKFpnAQ7I7PXEFylrlWh71si09eYrj6iDuUlAxRmtgr53jgFWSNiG591N0ea6eu+fo2+HM+bcEDCiA8dt4o5irSbHp9YF+dRhEeIfZFCqt6iH41B0xfqSGZaB1/n92EZzVVu8TULFd7f7LkkMrA+nnsCT+dzGlzPQ2SaB1QbaakjUjuoXgQo8FUoaj01UeF4zkhcFFoCtNdAfGkhP92xd/FDECCcwdhOIWItE36W62EF/aHA3R0D2QOMLPHP6K62KrcjMH6S5T9if7o6OCpqebL7C4b0/rYHjtVPKjDTyn0HTvqIWsKnkLcexbWcAkYYjeiLfKqTXi4hXcltIxRpXyktKGfiAwwczwiYUTnuU9V8e7E7LdkRrP4v9sD4MthA0zMxvsL+ak2AUzZEM3ufukydtYAr0wrZs5kUfCvLbLQIDAf6Bo1MwUTAdBgNVHQ4EFgQUd9Y3jsEnPgvheMoSNY10SSLvqywwHwYDVR0jBBgwFoAUd9Y3jsEnPgvheMoSNY10SSLvqywwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAFs3Tr+XJY13xxUfI06+HOJo2fyZ1PqV2hQ+LDTJu41fKCfnXwHvTPr69gBjdeYlOYksvWaVksMJVXQxwP0aqz1FqCh9Xg9dFYa20DrneY4j2qK9Q5VsW9A4UwIhChXXWDayrPVvStY7qciyO23VqlYasRwzqfvxkTHcAHHA+g5Tiw6Lx6Dqz/41M37RhgT/G8mZcJdqtzNjJUPtl5vd/ZoXasByJtiPbK3yE2kkbHWOd0aORKN/84ER5oZP+1f1pu9kpuXUEWFo6dPNsvtpI0jgTQ/yC4KlsioTSTzb4SHo9x601dSfRTp4YL8DQaVYlwbH4d76oCB/SFyjNzHz3F6A9B2cB0U0D2C/nlF7G58VXj3N9XbwU68MOs933ALfCrl9IIOYiD1cv2DomIYDwh3bWf3Wf3u/dTrEDR+q8qTPR2rPsvXrBZmWNBVs9ZIQa/wyyc5HYKgDVoEQxSikL9KgEH30PCvcz3HerY+91GRnQfl5g7H4QijWPzGnFQec53aVRf2J+Oq9X82GQhHCCdUMRllCNRbHn5WpFNyfyStkEvkc2rFKnj+IHqHncpZjA02smPtiG5KSQIQOl7bS1bvN0VpbqKRVfC8ICsR/uPfIg+xt1iDtNIdYURhqxO+ExP+EFrPbPSG9DUZBZnKzx0QzcCmR+j454cyC1V5faMt4=`, + "0ed051fd92caae8dedb5f1aaf7a29a1a077a8b93": `MIIFoTCCA4mgAwIBAgIUD1XNGZwYIKrPOuOb1D41XiWpJPAwDQYJKoZIhvcNAQELBQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTA4MjkwOTM0MjlaFw0zNTA4MjcwOTM0MjlaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDYtoKzOIrIHOE1lmmrQqECISVml3537PdwfI4/wa2/YyRD+z/a0XnHWALoDtHHLW/Y3mlD7cZ0evTmkrTjea/vQA4iTNiBbM0APhs0pAbLIe4WfiFFAh1KZrN+r13szVcnSQXcA6XsSJ9+Zky7VM+7/x5/SYReXLwjkCflF0Xkq9Pt8befgge5GfEDKcaY/mBOzEbjBC0zbSEdaxWr2YyLiamvxB8nWBUVuZwwEB01Rw8kBKrLVu2V74JJCZGmvflzfirHQOBhj9CyhnTXwAYoqx7EB+RcgUKeVf5DR+qi+pZWc9sOSe39mkmUluJaIeOiMO1DYRKdRUp+clMJLXt5jxtHDSf/jJ8vKDF9QRUMSlkoTkgJg76sour02vdgrHzfLoo5K6JPFzrrwYMX1atyADJZdrQvZM2pCMdsJYjpu162tD9j/SB3+vL8vVQRugU2fCHHcoe0PuadGOHZ/EQYqJyqsN8MNkUIBXmsUmwN0BqohKVxaYxa3VxgG2EIPXwyd1fdUaRFPn9jNbJZ1qeoKenemBNHKXWXgaX4ycQAhUTWWtSEIva6hVvP3pSDn4AFoqWgQPDXUxzbmUDME1jAq0Zba4IFndEN9cNlBtlwO0O1z+elXktuDJRNIc0ykC0NRczYUJ3zYv2B2w76HuJ/VkL7qloC87AVVUkqF8HcSwIDAd0No1MwUTAdBgNVHQ4EFgQUDtBR/ZLKro3ttfGq96KaGgd6i5MwHwYDVR0jBBgwFoAUDtBR/ZLKro3ttfGq96KaGgd6i5MwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAkO0nxyY8SNYJO/6fm8BYaGoajMzdbXp3h2cb2wNhmmVkSYvmuO9HQE1CjRbod+/HrnONXR2FxCj56ktCefQ8/XNN4WRFmeCmW1mx2+1Z//ccJCdVKMeGingR7oMG45Z3D8fsW+bkfMSp5JP8M2F56tn15i3RSC59pkKL81ZRt1PdiWmf+r1bDa+VdcVeh5D+y2mUAFZ2quAFNQg0kU+VbLGXgR5EMzIEYG8GhHpWHDnGQPN8eKNe0suyV9O4lH+Eg0LNHYsfwn6ojaMqSajrZZGp1NYhK9whs+UTatdSKRDklpx+TTBXrEBsGwGN+CRZW1MBpqs7vITM17NUD4KrbG+j2BVQP57IkGoF3rPMcnMGBJ0yZ95D7eTcFHYBVV1YKvPdluvbn0gRbm/KG+CclGbqC/D958h4hkO5nzjPsz9rM9k5BLP+eeiLWk0FdnrgGi/vX7qsxkjJM89nh2pgHywNVBm4cyFiMFt2FN3/71d/cNBSorhufW4rjfZ5s+KkCv+3kFbWjv4/ekO5HfyDxxpVN6TMcxvpdmu4zw2M0wzGMSQve7ytyiCT02c7SElexudOtyXqg3BV8XNrEJAH0j0fIgGIyk2FB9MXAGh2nAl8tocQuHffiY4q60r+1d6oqy72mv8Rjg6PS7HQcOOc7nbYt8m/eWY9Xb8N1IV6hcw=`, + "72691033ebfcea5c737427d7003cfba7988f9226": `MIIFoTCCA4mgAwIBAgIUV8bQnrh2CN1dCarBhVLc1Am7+kgwDQYJKoZIhvcNAQELBQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTA4MjkwOTU0MjNaFw0zNTA4MjcwOTU0MjNaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDLwpxOC8mbmFaP4j/5d2GcbHcDZ15Q2j8yNOJ5HEfstRB29qq1QLlLPj6FB4jPRMs15e1uK8qfzyhxYVt0XTp3p66Pa9ipbHCUDgUTyosph6sRSd8cx8v+flJf2u3Gjo8HkEgwTuX0gO6u/SS70/fVC/XtGnANmaSFoq1DaY3goVPRQEdmuUHMzby9XITQ2luxmjH9WJYfGOJuFqXL4OBRrBCTkGCVl99L86gGZGPz8/OMUhltaqWRY8O73fFmu6ny4MJfegZt5r8170PnslzUqnbMnjytSwUWD65+a/rhja8+fFE5PTLHWtBNQwbjT9YEulm3Z1pUXrEaoiR7IPDHugoXC64lpifL6e50/QCP0g5g1+zLYvFUMDe6lOwPuKPJfVFs8ytguq6QrIJkEKygorTF+wzbMtil+OHLLhzHn/F6N+aHgGURm7Zh2W5DrVmHY6kLfrn3RoLP2vFwb99HodzVr27N8eg1OZaphzC58H+DFjgFAG3da0ULJw4rXYBwlBVaQgx8ReIriekMHwaX5LlbymbdLjqTphcMSVzLrDKEQWPRFjUaE4OZqPm5gTVs8zBmLnF6+bPsGhIHiFH9rVmimWpby65RtGoVqMY4H/G5salRWjb3AlcaCbOFyxaB7dy1oX70BH4mA7K0QB0c4UCmGVehKZFpaj+SDlXQlwIDAaV/o1MwUTAdBgNVHQ4EFgQUcmkQM+v86lxzdCfXADz7p5iPkiYwHwYDVR0jBBgwFoAUcmkQM+v86lxzdCfXADz7p5iPkiYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEASwhFL43M3aeGZBQSVCNkSVfwsCvAWLwk/7YBu0VyHsXWer60mxq21Qwc2BhbwUh4BO8ANw3GwlQxVUFW6Rop5YCcz9UW55bfwg/DIM87BXbLz7jRDZVWmR/aVSOHB3XC4tcX/rw6ovtATqm5wMuab6LKTphhVBFzEVDMEuu2BcGtlHwXY7L/IZOA0Fs9U1VETysL3owlMG3E/WB7Ri3feaj0nYSOTypQsoV3W02qKN3/42UEqMTgvG5mGRUkkpPEFUYKPXxEGosttJIoMvoI0QvcinMV0iSePTrlF3R43EGuLm0BFsXSOTgjqsfWGwtnMgvC8Hc9frRoiktEzxOET4PZ32dBVLrFN+zvUQHw4UlpkBVvucVYFDlwjYbInwPh9M9TKIb2rpeFDbujoQyVJFsnlWO2vp9oVzil4w7Bqu3fT7/ButXWUmDQxFL3F/md50KILz8qZ1DXdFLq55nb6H14BSXW4/R9zOvj0E4G4xs7HFcQguwxmCp37n9NmLpa5DY8idztw9ewx5lyqI3MP8d+n+k9oh614F5o69u+h9i/IKJxAHEw2cp/ZL73c27JdODAL7a6QEsblW7bf72UuhL5yGuvOtQxg5q0JJkcPkJCY1eZ268c/yqJgC6SvOULnwqGzTAW5GcsedZNmdlcknP3mRhG+ch3IPgs115OXPg=`, + "070be86e0ec13db2c74f5671c595b1badfb6a82f": `MIIFoTCCA4mgAwIBAgIUMxK12nx2zCGyjeCJgvDr/UMopVEwDQYJKoZIhvcNAQELBQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMxEjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2NrQ1NDQTAeFw0yNTA4MjkxMDEzMDlaFw0zNTA4MjcxMDEzMDlaMGAxCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2NrIENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDRdOOrWzMx+rTevSYqN2eNSKOcpyjjKd/Rzdn+Lnh3nA9PuDpBF6LHpp8i6snH646OZL+AQRYJF/EInHkRMXjREVl75bGMQGGmCqpHm6dj56ZD3BaBmKbbKNYMG62ROQwzYYfIF3ozEWaKMvHULh4WVoKZvyoYUddkqXiUoWxd/BP0FoJAuH6y4d+ZYZDkHNTaxXpeqUol7zI6Slv5/71vlO/p2OrS9ine+N92iU8sNT/LTawqsm9VEYI4WMQZwPj8sWvECdGzRbhHDqHnG+Nbt8APdVxWlPdCHwDT4eVvxmNmmIaLsHRIQiiWiFInapyAiuaPP4orYmpkl5r3qCJULMZq7pf+LQ6jY7w0Mrr1sn5gWirLF5gjMpEe33TZCuWa1CjPCdtl0TKznlowhX6REf6m/OvIXGHcRKA8MJKbq+6tpRnMqXWCyBlVk1u3rF4wRgwEFo+oxurOAH88dG0cJYUiF+kB1GZBqFQk6e/dKWN24fC4xfe/wExwUFUNUokdVfQeN7L7Cjn03LVixKTuAuSO0Y7XAwoJdaDn3SgPGcYDhQmC24/KCxmMTa2ardXbrmNtpNUwvLX0XoFEfvVJYSZ8hjHcnnEySxv6WRwLPgLflcco43eeTvjuKcYYcI45R2kfYSrg7uLLD+S6L1jqNOGITCkb3WxUQvT0v+rHbwIDAN0jo1MwUTAdBgNVHQ4EFgQUBwvobg7BPbLHT1ZxxZWxut+2qC8wHwYDVR0jBBgwFoAUBwvobg7BPbLHT1ZxxZWxut+2qC8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAJlehyGI73cXLPjqQu50yyf16FCEeMmQBNXnb4x6YuL2K15iAFtpHmA2v5mW36GdYeMxQBPDcs6gtMdvia9cYmMLzm5VixaWoGXuK/CiOdrjFW1t2QcqLmnIzVuezHUSRs4NaT5sqNGPQmf/bwfrbNhgAxkZcO/tE33Lby1l6RnD29A6onmICQm/q7DxEIgpbVMgmT4z41cVBKDwm/onBR0vRnGBKcGvw48rNjH4wU3mmrdOGb8bS5bpnOdd45DTIKv1ZmBqs/rVZU4R8mlxlJVHOpp15OLLPWw9FIkc35hzSNVwj/sVa65LdnlERMVDo+r4B52h/CXQjPlXkuWkJhBDLJPHrP4O9lp04JqrzAbvjR9GTncZgpFgXqJmMX48dOXKjKz4IbbGzKB3ZbxHHmH1KeUXzIbwWxobhX1j6IrkMDFgH/EOmpajKkxfBeVig6qHWXBQMAu4/kWn8YigjbZXcRd0d6+S2j3p9u5uesyXeQ93ZuK3sXQiYezt1mavPcjwiiScmjWpB+HAl34p/cijY1FDBQfefHM4Ee7t926poZPHFkcYqw99F6fWapfB1ZSd2i54SWoCDOJ1v8VMKMEx+BkDUFrLAqATuFqRmD1o1JBHYDpXhKq9u8itvFPSCIg+mPzG9IJFkYrMWJ5PnFwAPQSCRv5Tkf5+9jwxBSRU=` }; diff --git a/common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.key b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.key new file mode 100644 index 000000000..db75a808c --- /dev/null +++ b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDcprMzRbKLGEgq +5j7VcjLpCX+P6Ye5t5M8rftaCp1S3F2hNhuenXNw9aKNHXXIimSF0OJLS+k5bSGa +kQPRvKQSFicnZkDPDkVY/IWt5Pk5umo4QSR9UusYdQ03kEQgIaD+EqyXPQjy+mfx +wbTJ8fz6Xp2UfHgCPoi9doMHmPXugC5T7w/C7ezIdAyg1/nLYWy8qIySx2efIzsb +8MldxmOv9cemFF778V6s0LcJc4aPtmhRrXk0k9XkkJgtA5MKy5ukFAn3q8+zEXbk +CgnTVLpZTr9AUyydYwI5DsQmUbIoXQshlCnKTqb7MazwmXK8Yf/uSamXRlHPRHLa +Ym+3KqE0SXoxzH12AXAKQHWF8FOsPaSwzjcmv8morQSmP5HzUrTwmXYeHNFBAyhc +DqhsAC2vNw/wx2LPV2DKsoAqpQYmqPe78/fgB0W6GNU1jHzjVXbbyAotIcqzmsgt +HJjkBuTbG6Ol59tg4G20Yc3DHdJnqm2XkeS19WZMCzs+D5NMAk26kUw+9OR4xQQH +DiQCawcCAumz7J6m5bYwnRNfw5lhcQhe4KTN2vXki85L6WODPvgY3rQQy87Gqp0y +UE1QfHBOWhfMkQivn6CVO0f1uya+3eQAShnGFVWbSYNaS8IzxBWxbz4ypPwEfHt1 +s0pzAEqgp/r/FAwr6Ulmzx3zo4yc1QIDAPtBAoICAEVcUzpUWApIlUhWiZu+PmUM ++cNRP/EieHOFySBxfwFGb+P2e0qPW/H8E78XRTcWPNwt1kzn9WLKbPg40QCX7wng +W3iFzAPn5bpq8eQWy6BgkHDQbjgSQpgEIGCNr6lKN0KHjkF1joEleAQu6KPrtxEs +0oLZiQvILAKskB7LNFUsIkGUYWw5QSh7BYCAYzS5UzkUOxsSJjh711BeMXzhFCHn +Uav5Pts2+m8QJgzu2Nv0aJ2vUx9ddKsTF8Cmj9MQWacYBbJFRYIYVdh7FP6qsPfT +xIz2brxB99fZ5GDmW68eDDotLWss/ICoCez6X7UhOLzROOJZA1YzMAwv9CUTi61V +R8kw6Hxgjna452jm/tV9DsGxyrhKzGocvl7+IzalGXF84ZIxP/fKVGZMESvr/ux/ +efX/9cazTJAz1bOAeGOJzsW+TK5ijv4rg0iDSOBO9zjGE9dBfeaZcf/Pb/+0sUtq +VMnXlKdIjnMR330mDam+opzW7FAFgE2pceKfv0s079tIWKTUG4oYKZ3PxYOag/Dp +QINSd/MJOMC0wZN3GK0DW5WYf0ujVqxRZtcLdti9VTevdQpjI1bgsaK8zZny8N47 +DoycHZZLmM9NOSadiFd4EaBRCb8lvy035eVF3yPTL899rI+Rxz10xGmF4pbI0bVp +LfoVkNPUBC3gnwdF/eHhAoIBAQD/W4ZYE1hfNKJQt/RgU3vSJfyzosYLpqVfEypX +lQrD/kj3oIyhfe2i2mCHdt9wWKOY5xieyKGWw9+ViMGA7otrXkalNY8aLiLz0D2S +dOBPtg6ulkv3wyaRRdSH46qYCnfddXyjBlkgqwYJQAF3wII/2TkbKJoe/lfV7tOP +pgezSAenaXFIR5mzZd/DwxnCNHObPdyaQZbruN3+zkjprUhdYDR+/oY7zWxIxINx +M4RqmWPcof48FICyzEGYweASRdiY6sbuDU0/jOgNtn3tW9CL/Aug+/gDUXumeuvl +gRycxRCfb/oLEUC0mwHBwNnnerOA2kbOGtUgGt1WR6g8wsztAoIBAQDdNNIo+To1 +DPgxyMDm3Sel2Sxa5okECZB24MpTsoqtOqPk0H76dJJtENGmY6UKxpQU3EdyVGyp +3ZuEsTaAXCCsenvUtbmcgy4durrLmtPULaU1T5QLp2zToDRdeRS9QYCWOcqkiH7S +RS6IZINAoFmytp391zx4MMEB7DastWNq643vSe2/cSjPyssukapXY8XqAFDhgYSH +CYlWsvsE1roTaHrWiFEgPCIlEzqgVMSd6w4kVBCTXRvtfpHdfy5bV2HCFY2vlaBm +VNGJeAoNSyKTAEUSJAXpqf0rQvZshxXPOTw+afYMW8T1BjrtuXQI6iJKSod7Gg1U +N5Bi+LOftHqJAoIBAFQxXS9NrDH3+RlsYCFV2j0VkjnFMALtDP4AgQ0afFLfYBep +s0vKrc+qUawVkstWz9zo5VDkivFwP93KBaahiaviJRxhmxCFK/06T1tBjBnZ9Adw +EXH1cy2RpfvLFbT/EcTwUCRBA3Ck1eQuPKuJXVfbLPQC6k1ix49s4RgBw0WsUMVm +QCGqazBGam7Foxv4qDtCcfiZb6YmwU192uwcXE/N/0trIC+mK995sbcame7vrFJl +Pfz2nOP5lBPPagElJ1/DH/oWHublXDwI5tlrptXNBG9hiPdpHvQUnqijenuPNYMA +hJfXeeKsI7wjattNipCrwSk+cCN/CWMTpEp+/fUCggEAOiCuh9PdYLiilk5KAUZ6 +6Qfc15ziUFvz4ojlJeDDsKyxPgqRyXcYuec0xUPTzN7ILOZg+2/Ji+YWTbWdKUWk +Gxg2t25rK1Yq7Hcf6VMRfa47lmyx6NmQkDjAm3U5i2PhvBorzxbppBBtll3DMyy8 +M2UyTOBNMMHKp9eJl9ZyrCQ8FjICYDRBLd/grh8KqBmWz7t7q/33jdXJR95E0cD7 +7QdaAmF4uChJas259k2W7J9VXdr4f8frNz1e16d+4dR6sqoQK1RWIOp86TDqkO+P +p4GDf2VYXMGHxHOoBC0xRs6rwKgl9yPmT95p73LUQGIkHVxNwfUkhFZihHkrN36n +8QKCAQEAlHAATSXj2sOaduocste7xrmdE2yt9T6iKYw8HyNkx6PQaKd7Pn2/4zAu +RvsFRT7ubiGkVLoCAJOB7L+EIR7o5JvMTLoB4kcZ9LgJCNVjliDYxoYuNBZUWPHr +TqWjK2QvUprI9vm9BgRr6LgUXixg7puf3Cj9N15uAVqUqOR9bmq7tkavabKw1TC/ +OylOA02lgz5Un1gmBWYWNhcVTEftvm7ZvOw3w4jFPp6MjcMTq4kIlfEbhg++jNo8 +cEagMZUFFDSq14aG7raUjdhx17YUp1TJb8XtpUBxCsjjX/vkMSt3l4Kj0opmH+SA +kQm09rw3BEIX8O0xMvkOoZISeTsfOQ== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.pem b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.pem new file mode 100644 index 000000000..6d2fd1c94 --- /dev/null +++ b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_csca.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIUGelB+y6+31Z/lVlQs1xiTu8xbPwwDQYJKoZIhvcNAQEF +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjgxMjEzMTRaFw0zNTA4MjYxMjEzMTRaMGAxCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2Nr +IENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDcprMzRbKLGEgq5j7VcjLpCX+P6Ye5t5M8 +rftaCp1S3F2hNhuenXNw9aKNHXXIimSF0OJLS+k5bSGakQPRvKQSFicnZkDPDkVY +/IWt5Pk5umo4QSR9UusYdQ03kEQgIaD+EqyXPQjy+mfxwbTJ8fz6Xp2UfHgCPoi9 +doMHmPXugC5T7w/C7ezIdAyg1/nLYWy8qIySx2efIzsb8MldxmOv9cemFF778V6s +0LcJc4aPtmhRrXk0k9XkkJgtA5MKy5ukFAn3q8+zEXbkCgnTVLpZTr9AUyydYwI5 +DsQmUbIoXQshlCnKTqb7MazwmXK8Yf/uSamXRlHPRHLaYm+3KqE0SXoxzH12AXAK +QHWF8FOsPaSwzjcmv8morQSmP5HzUrTwmXYeHNFBAyhcDqhsAC2vNw/wx2LPV2DK +soAqpQYmqPe78/fgB0W6GNU1jHzjVXbbyAotIcqzmsgtHJjkBuTbG6Ol59tg4G20 +Yc3DHdJnqm2XkeS19WZMCzs+D5NMAk26kUw+9OR4xQQHDiQCawcCAumz7J6m5bYw +nRNfw5lhcQhe4KTN2vXki85L6WODPvgY3rQQy87Gqp0yUE1QfHBOWhfMkQivn6CV +O0f1uya+3eQAShnGFVWbSYNaS8IzxBWxbz4ypPwEfHt1s0pzAEqgp/r/FAwr6Ulm +zx3zo4yc1QIDAPtBo1MwUTAdBgNVHQ4EFgQUcC18D1njA+MGYaA0y353FEmEOOUw +HwYDVR0jBBgwFoAUcC18D1njA+MGYaA0y353FEmEOOUwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQUFAAOCAgEAcWtrGUGlZQ6qMDGIRtEAO0RNuBeW1xuiWrby +zW8sZgZt0s+ZPzPqgFOUHJsFJLg1dXUIpocxhOCks5jH3lAE1uzS0iw0AhlUGb0u +rrQh12eMHP+/066Cx64iMVWUJwkCFE4T6eIdkIC5A3cX5u78Lt6TSQphNoFA6pH8 +1lu3HQSOKxvy0X/c96CU4LfYdNXfxIg6UIZZs6fqHsEzR3P58GkmkkbOdSeeZGqj +avVBFj3d1uKat4FQcBVpo1wV4dY/MYpa71wItMgy/2stzUDy/kGXliChtrNy3MnZ +vWR2+5NkP7WisRuXXQSTB9LTxh46wsHkYDm9pjvhQDJz3Oym2gAwsLLTRKGRTiOU +gHZ0WyxoXl+T9lz6rXDJ8jTL05yi3TGjOCnq6Yeb94YxKyUAQu4wv63LcpC4M6mc +5b8gm5TlkeuJdPo9xDD6a6RylPDnp/pq97sbequE4fySXkdiI94Avj47AVayuWap +CvkOiKB90fuR08Ob611Bfmo2Ai/79/kzN/UW9ykVs2PVDSqkEiVVw2UBdVm1+xEK +2g+p0jwx+ImQx/sHHZBUC6sPnfFfEnz28mI9BVP0kVl0Dz2z6F9SWDTKy/4NtcAg +6n3zdwfZ7nw+JfjTzNQcXL6yw9niLh+jKmEf80PfnLGguvsubIb4m8e+NzAGwwhJ +fe98WtU= +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.key b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.key new file mode 100644 index 000000000..7474437eb --- /dev/null +++ b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDOPkQn4CIbWHQs +Eknxlrrapm96bPwg6EenIWbHiMkORGGwgy4ZZKOB/5tDX1vG4QuSUYdw/ZFLCCCi +ui29o+phnAjINChMrvbDic15TQa4DSEu9T2dRMMoQRu188dKcxM9a0HtQMcvDDJS +++Rn/mRZ9u1A2Us/28VjHw0RCkwcuD9erXiSQL4FUsa+ArMVVvIXU1+/TtmSVeMv +Z/y9tik+NAp0nZcKapeio+qnH4ukoyM5XV8MU0aaTTgbfuLOtYOdxuUrmKs9vCFP +CZ4pKUlHPlwimTW2B4RYUio44ZCJq8tE0QhU+dK5WDCnnXDrgkM+OSO29qO4Ue47 +/oStVyXMR4DVKaB0SeDAR20Uadq0aUpSRfSuZx4AT5MfhjC93/t93DUBWqNLxqxp +4aXOtDtNCsKyrxt49OF0ChDHzSVgTG/MItbqiysKbbsEkWEX85M179mGZUCTmHgt +Ug9Bwr84fOp17KI/5Czop5YjapCOMGXewwkfOj8RAOvRqf/eT1bZeUMEpWWkq7Po +lQzKCOKhnwEJGG8A4vXFGSfLyfQ2W0hGordkrN1f+XLDWgAdrfHrsb3tVpgWEZzs +/MVJEnmEXBuwoa1wahTLQf2vtD95mcSvgE/lVCVSQFmot8xosJ8tArfFIjk2bRHG +PGek4HnFVOIA0IqXHElHxa3LgYAtTwIDAPtBAoICAFQkE8IBKQnay0be2lve0e2d +O4Z3TZl0cT4oiStPmtjq8nZNsTRgesLTARxagzMsw3bSJnC15v1owEHAPW4ptvdf +aPNMYdtMKPKY06NS90E2e2orQ3XiIaYUdPB3FnKgZOYKew7LlTpdk1CXrdF9A4AG +VgeyywwK5h4eQ3ysZr9ygpFXol+rjYqkrXks7vjt1hBAGWHwppKCTj21MQ3Ce0CI +W45DwSkEY/eqt1PsFgV6+ODODd+m3QsmcLUmKW1EEfl+4bosZNuRJvpEc75t/QQm +cZdTsM686yTlWsO3bM4V7JzVTwkq3k4dRcFd7iDqzdWV0REl2ipfohc//M7FbPjp +lts4IZMvZWFjn/D0AtTbDv7iifOFTHtNS9+5wGz44JtxuJIUGRnvr5oZX1jXMvQD +ZASnc3wlOW6CFaGv5fpiiz/77byoP3d8A0nILrSnU0zDEE6xBgxNdw28jeJDnv6j +e2UmFwXY9fCj8cmZmvZ6T7dOxgGxFgCYW8JEbZCEx8xCRjoq15zYUAEVyp97Vo37 +rso8AEgK2j/795DiDrtuUOWsIIMtlJ6AKijO/ppA9oR0ROcXSK9giTEVY9cX/sqq +Q2I0wxD3XNUbiAcMs4ksGkoU0c65oL5cZ7Rc1GQn24c4XDuPKjE6h9TIqd7MCJRt +qWuUInnAV2KWKiYaQzZhAoIBAQDwd90wOJ1L022lWR2sy3eWD9X+yZAmbSz+So/u +l7ZTyMwgE0x/nPOhkYCq5zx4Tsw91qg8r1LCqDlmNJY3PhfpBYkjcE5zpkZWl9tE +4Ytz7gyFYxjvTnXaazqSZZ0LXl5LXyN1iBArWLC+IYfwcvBG9VVUnIcFztT0dOkq +pl11OwfhfYwj16TJAwlEqCHx4UBV+Po6Hd5zGo8sXukgghbECJBu4V7XcvGmqb0G +t80KeDs7rNFk/MN/b+KLpPhMD0PpmyintA0IsSYAgJuPSJtZWGKkUjn4ozCUX0EI +7kC+YknA+DDjD/JpLiI2BlBI9Z8dIxpsn7Ff2vgnVyI9xtR/AoIBAQDbkH4qzpQ3 +S13yH2OgtkVkcHT4/PxCNFleugYQ/+qRA2nsXZOUrdUhKdwkIZa538okKxAuBwzZ +ws4SjlfBMqqWbCJIw2cmHRvahKEKYKwPIX6V+lT1cc2UL1STWi8uiMC9zCddOkvu ++xdZTtKoTMajGUWuFDVUexJO+QDGgAYOzZtpPVm1nkbW+wCdI7lr8l04C0VfNt/9 +yPxJByg0ztE8OYn9HshBaybJGphYkXlrO06Eb64yWo9gbmeQ2UWfdhneiLjbHEXo +8l3kROQdVTcMLm+n5TZQLzuQarYU+RmhLwqOjsXjicT/KsTB8tnZWwCi/adaZtU5 +eYqUXR5vuf8xAoIBABqYnTrYTdynX8R6Xzykn3oUe0XKiYJt3VG5YuABaqnw2AnJ +zRARgqVWix/ZZqSOPMoyEsZBUAzB4v9sdRYO0+QZBptN5ZjJ8Q2yWWmkh4yX2dro +qhIV8HdN4m9WqAWQVGj4tjg02eeGZXsnDifOyHJq5vNeUmlJF5Coye3bFe4xNfgk +4eR3WPh9SPz2fh/k/VQngFOf5evlNOSwZrHHHxk8W3OzYzl8+E26UCEqFmg9rdom +rgbSujJomZ6UN9DZ2iebrZSYkYz/vIncQkFPsOWSY+1uMwMS/gehVbslY0VQkLRU +TRhsxWMwn8kMfbvJvAsYWg+/SpojSGidwBAVCy0CggEBAKrxBaG2GuCUMR0kt2Xx +Oojf4JxryuUXxgK9zYcfq/BaRTV6CwgeHuiqenbBXibf9inViC1KjfR8SVB4uyQr +v6XGZxGgHlhPrj194neAKZ6TaJQ3GsUdvo5ZiWY4NQL62TvJqk92uQ/tapMpQJbw +D77IwWEhI0qNY3d2E7Qxd+kY/xxAW2cqlSD6jpG4LkmgQDWaXF1xr9c9SEho5uO0 +ooaOYSR60VIZY8JwauY/6gvzqaAXF8gOWNgLm7DFTbPyzoSGmXqyPYlfdjqVg53o +V+pK0JtvRQoN3yy+NOCamQbF08xGsdGgZMqLXIaJdD7hDGVgUCXik9c2PovZqVVx +uTECggEAO8ubx37o3TsypWQz2Rs15YXT4Bju48uXARGe0HPdSshNnl7P5OG7gwy6 +KKa4iB6UcI4yVN5YmrDqFnyiuvBI1tZJzKICZLzdh/j+2+TKdDmCqFVO+kqEBpAe +C9HgyiXZXqvHdp0ZH0WFjZsldonLm7ic2auuXA4FixKJIF5ij61k1hoaT8dxKVB2 ++U1V54ehJmLiI+7ZI68h6ehs8zwp2ldxCkgiemdPC1+rad6a78EiOWH1QIJ/75Q8 +p6L6k0I5MjSTHSfSgE1GqR6QFNGASGZJC8IPyuvXWF3JZd0EGKhTTdK1xt2+q+hm +91KAFLOUS5NQFq5dRGxMNTKAISO+VQ== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.pem b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.pem new file mode 100644 index 000000000..6d338668e --- /dev/null +++ b/common/src/mock_certificates/sha1_rsa_64321_4096/mock_dsc.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUAcwdRMe4a90JuBHLJaGSPXWKj9AwDQYJKoZIhvcNAQEF +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjgxMjEzMTRaFw0zNTA4MjYxMjEzMTRaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAzj5EJ+AiG1h0LBJJ8Za62qZvemz8IOhHpyFm +x4jJDkRhsIMuGWSjgf+bQ19bxuELklGHcP2RSwggorotvaPqYZwIyDQoTK72w4nN +eU0GuA0hLvU9nUTDKEEbtfPHSnMTPWtB7UDHLwwyUvvkZ/5kWfbtQNlLP9vFYx8N +EQpMHLg/Xq14kkC+BVLGvgKzFVbyF1Nfv07ZklXjL2f8vbYpPjQKdJ2XCmqXoqPq +px+LpKMjOV1fDFNGmk04G37izrWDncblK5irPbwhTwmeKSlJRz5cIpk1tgeEWFIq +OOGQiavLRNEIVPnSuVgwp51w64JDPjkjtvajuFHuO/6ErVclzEeA1SmgdEngwEdt +FGnatGlKUkX0rmceAE+TH4Ywvd/7fdw1AVqjS8asaeGlzrQ7TQrCsq8bePThdAoQ +x80lYExvzCLW6osrCm27BJFhF/OTNe/ZhmVAk5h4LVIPQcK/OHzqdeyiP+Qs6KeW +I2qQjjBl3sMJHzo/EQDr0an/3k9W2XlDBKVlpKuz6JUMygjioZ8BCRhvAOL1xRkn +y8n0NltIRqK3ZKzdX/lyw1oAHa3x67G97VaYFhGc7PzFSRJ5hFwbsKGtcGoUy0H9 +r7Q/eZnEr4BP5VQlUkBZqLfMaLCfLQK3xSI5Nm0RxjxnpOB5xVTiANCKlxxJR8Wt +y4GALU8CAwD7QaNCMEAwHQYDVR0OBBYEFGxs8eT80kuCzOcjS69MkOgFj50cMB8G +A1UdIwQYMBaAFHAtfA9Z4wPjBmGgNMt+dxRJhDjlMA0GCSqGSIb3DQEBBQUAA4IC +AQA1UaQI99IUorB2HQni5O+vNpm9/JGZyFfsFZDjeY/xMzKP590ql/6HinBZGsvW +BR70XUuqB9BWeRyPlEjMsk3tPvAOQWozTtzvRzaAl2TV1cpN6o6K2Lvj9iASRju0 +I+Ozry0RYa85eNnn3GvMuDGyqY6hhwvEZMoCs7CxoWY2blmt2OZNuar/iusIAk4O +76eu1+Dw3ck2u9+OjjmpCskdTTAOe/UCqSAg6RrawAzjWANXrazcQj9+qRZNifw5 +Fc/viVbVIQjYvxH5Jl8ghQI/XQ2Zm8C2iXzGfIcZOQgFTa7ds/2C7NRefyQNt/ta +C0duKRzIAxETZmWNH5Ma8HDj9tQtWLUm0x/wWBXqxIawIZinGy/9CvsqLB4uvmzv +xR02Cwc/MayzqOmu346HJ++s6DZs3ETRIQoaQdYl1vuut8DBNdqrkrzjdkpEsmlr +XpwzfvkV2FX1g7JgFaaziBIhgpSA0CTK5D877Sdo1BHlnAfVJTHtwlG7P6mJJY3J +lOBl26rEK8R4LOCF0mcr9S+rXgMYJ/1mhXh7HMb82+VU8PJ7UyCs2GLkyf7a7ZC6 +NrXPuMJI8T8U96YyPzkUfAMjNiywOfJIxFEQiSaN/mjGklO2rGgd8UvliJmYm9xu +LjCao2Lj50K7cZ/eGyBBzCetGVKOisG0aCt6wyNNw6sdpA== +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.key b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.key new file mode 100644 index 000000000..dbacf4e78 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDLwpxOC8mbmFaP +4j/5d2GcbHcDZ15Q2j8yNOJ5HEfstRB29qq1QLlLPj6FB4jPRMs15e1uK8qfzyhx +YVt0XTp3p66Pa9ipbHCUDgUTyosph6sRSd8cx8v+flJf2u3Gjo8HkEgwTuX0gO6u +/SS70/fVC/XtGnANmaSFoq1DaY3goVPRQEdmuUHMzby9XITQ2luxmjH9WJYfGOJu +FqXL4OBRrBCTkGCVl99L86gGZGPz8/OMUhltaqWRY8O73fFmu6ny4MJfegZt5r81 +70PnslzUqnbMnjytSwUWD65+a/rhja8+fFE5PTLHWtBNQwbjT9YEulm3Z1pUXrEa +oiR7IPDHugoXC64lpifL6e50/QCP0g5g1+zLYvFUMDe6lOwPuKPJfVFs8ytguq6Q +rIJkEKygorTF+wzbMtil+OHLLhzHn/F6N+aHgGURm7Zh2W5DrVmHY6kLfrn3RoLP +2vFwb99HodzVr27N8eg1OZaphzC58H+DFjgFAG3da0ULJw4rXYBwlBVaQgx8ReIr +iekMHwaX5LlbymbdLjqTphcMSVzLrDKEQWPRFjUaE4OZqPm5gTVs8zBmLnF6+bPs +GhIHiFH9rVmimWpby65RtGoVqMY4H/G5salRWjb3AlcaCbOFyxaB7dy1oX70BH4m +A7K0QB0c4UCmGVehKZFpaj+SDlXQlwIDAaV/AoICABIKSPW1xt1FIGZ+0u2Zn9Et ++J14vnkacVFZ77wDOAOc1OOCR2Ty8Uw8P8z8WSvk2bVrCODBq8C4T8t+KRUtXZTX +6fDgx0lzKriipBS4N2FWdOo4IV2JmQ1gXZUj8UI2OWaZDCuBa3x/bJb00/tUs3hL +pbCrLWhpCGc4aAcAuq/kfUYqvqdkjpU+sN/tA9sxXBttuFFQ2IQ44nRza5Fl1tw2 +qwle68Zwg5JVLq7PcixqDAR6KG5d5s1lx7+xWw9tHWxW5UfW2in5yHsWSdhUXPlg +K8CGNCwMzD64jAy1ScIBjm8akvvXUNpm1ZpGwkr9GF3M3KfBW8y61j24NpCCcj9/ +zNr3LjDgGJ3jzkGdwg2dZ7Yu+3Gtt6Q7sFfBrdNvzBeg+yrpKwgn7jXSYlRJFDPs +Crcn8fhHRPB0T4eWYzuSouDEjXEsrXa0a5iqxtP2XbQO7O4boUO/ZkgTbwR2Id3W +BuIe0Moz4NiMUGQEhR3VVWD+k8rMyaXTCQY0TUBtnuNlp6AejJ26RaSQPj3A2CBG +msmsQHts2rz3IDWYzPPtRR6gwFu3HEG3ILoFZvCI0jLS8ez3UJLqbkR3BKfQRjt6 +59Qi6T/m6Yfb55+s7OCgrpukzOP5x6kM1n+D0CRdVGe5ikLPs7Zmd3mLTjz2c2Bf +ciDydvwbUJBensWRCYQ/AoIBAQDwKQbxVutkLoF33rAc8xFZZ8YVyZf0/pYHs4B/ +W3eZmqqSu4kSL/ESE9z4LrA+KGGa1YHJ1eyQCNuPLt2jiB7FtDhuammawmtBjILR +RNKuR7YvJSVFLm9mNfUykSaNHL8O/LmfSIExW388LeQ1c2XTBjadh4DvrDvlpedS +fOceFssQzt/3jCmUFDvCR1o/0iJBZhw/rLq1gM2AlELUxmgLXzEHNgAKz8CW0VM0 +5w8sI2ovtgW5cSJ2wWdCljdmQe85bKJsdmxV09g5DUqplBQQ36z0IrFilH+iDw/j +1GnjY5iIRGqdTiqAi3WkIMGz1LEm8U32eso/kYqkg7sNHuvfAoIBAQDZMv0QmQPf +8SXp1priexWyXzmTT3N0RHEJnLc3OSX21CPu0lt4uKxuzCRLs2bTc1po9LnFcbcq +TeFIR2p9IAi2jnCbsdrTWSpbFJdsetFgag+1PNJjkKNJ1MvtUaV90RgvzYOZ9S/k +lkS9wzo7oL4Uez/iAE3ISG0t1Fu58MW3FmKjEl8i+VM5U7zjMvDAotG1fKV8lTfk +xPV3QxZf+b+AGKhtN0KVhponjbYO4TCu40NJkwLCOYzzc1d5SqIOvOoruE/343gx +dd8V+wiIkNEIWSKlIXXfdO/PoOCaW3H0LvFN3k0NNJ2xjpJOP1uD1TXWFqEjPShg +hW7/D2I37TJJAoIBAQDs7thqMxdzTinVnCGkCsnjjOifJubtxpe5fX4drZ4DHmUE +D0DdjaUK8x1EgaO3wCpB0pGvEio+PtOwNLcdmAv8cfY0yMeG2RtSDvc2/6LzN7MA +IHV+Ztf9tP6JQAXHbX/j6sYPcfSVsGwn/Vc6h00zY9HmRGh7bRV1CbQfhD4DOpu3 +APMQdMNAUsHEINi0BIZ12pb+EP7CGKTWb9ps85uaVd3/muXyT2X1JTexK5gmuz0+ +NqvYjdek6mza0gGWPa3zIZutwCp04OVfOaFyRs+42t3jLDBX0K8V646NlMaWUYdp +lYfzZNmiOOMhAC0a8guYfTiSxTY8dKaZemY5Rk/JAoIBAFjj4eH562cjxTM4+V9n +vh4GPsCJIjamAlFghOjBsikBlT0LOc7Y+aVIGCKuoKBoYHcaCUe3XQJZk63fsIPM +Ic9/uI+4RkDL+JzoAJIg/zfawp7AmCdJQXtL1yFBE0s5NIyNOnHcQzFfUreJbJSP +kxDuJyj1l8Kv3iSXraSTNjzI7QULyDctYVUI9njlwrtobl2q4gsiES+BnFaIEuTR +V/qhT1VGMPoyhHJJJaH3HZ7Mh9QIIaRK9daz0BtbWBmtCHuXpJRNWXVTvn74f623 +Rn6StdpU9/UXiV+fmVZPiVIJsDcPy8GPdqC1t+deMrv+ubYyYtzaY1bOpxVE519o +ln8CggEBAKztXY6wNae95K0b9q48SLrPvu5QKxn6g2O2B+E4QAjpskF2qQxKWzSP +7ZQhZFuJS5+x5f/TRM1Cyf7PfmRbAviQKeaJizrCWXC/Jw0CUlzwGOumGBkE7qTG ++BbXzmvFtlZB/WASaR1v1PHm8t6XizNWqtMopN0SvAQNAxFBZqif8z6wgpyAFjvH +nHqIfdPGEXIxt6g8dGYK5uuBJuai3nRT47ukJavMuH8Dkz9277S0mFWyENhhSvyS +uR6ezl8jRYbqJ3fcbv8kXpEkKvVFzYUg7FN6/gcB5PBhlPI9x0A/O1MjQhhVTPFB +uEEqC7kwx3sks69b/EDN+vfVcfwg96Q= +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.pem b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.pem new file mode 100644 index 000000000..e8774eba1 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_csca.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIUV8bQnrh2CN1dCarBhVLc1Am7+kgwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwOTU0MjNaFw0zNTA4MjcwOTU0MjNaMGAxCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2Nr +IENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDLwpxOC8mbmFaP4j/5d2GcbHcDZ15Q2j8y +NOJ5HEfstRB29qq1QLlLPj6FB4jPRMs15e1uK8qfzyhxYVt0XTp3p66Pa9ipbHCU +DgUTyosph6sRSd8cx8v+flJf2u3Gjo8HkEgwTuX0gO6u/SS70/fVC/XtGnANmaSF +oq1DaY3goVPRQEdmuUHMzby9XITQ2luxmjH9WJYfGOJuFqXL4OBRrBCTkGCVl99L +86gGZGPz8/OMUhltaqWRY8O73fFmu6ny4MJfegZt5r8170PnslzUqnbMnjytSwUW +D65+a/rhja8+fFE5PTLHWtBNQwbjT9YEulm3Z1pUXrEaoiR7IPDHugoXC64lpifL +6e50/QCP0g5g1+zLYvFUMDe6lOwPuKPJfVFs8ytguq6QrIJkEKygorTF+wzbMtil ++OHLLhzHn/F6N+aHgGURm7Zh2W5DrVmHY6kLfrn3RoLP2vFwb99HodzVr27N8eg1 +OZaphzC58H+DFjgFAG3da0ULJw4rXYBwlBVaQgx8ReIriekMHwaX5LlbymbdLjqT +phcMSVzLrDKEQWPRFjUaE4OZqPm5gTVs8zBmLnF6+bPsGhIHiFH9rVmimWpby65R +tGoVqMY4H/G5salRWjb3AlcaCbOFyxaB7dy1oX70BH4mA7K0QB0c4UCmGVehKZFp +aj+SDlXQlwIDAaV/o1MwUTAdBgNVHQ4EFgQUcmkQM+v86lxzdCfXADz7p5iPkiYw +HwYDVR0jBBgwFoAUcmkQM+v86lxzdCfXADz7p5iPkiYwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAgEASwhFL43M3aeGZBQSVCNkSVfwsCvAWLwk/7YB +u0VyHsXWer60mxq21Qwc2BhbwUh4BO8ANw3GwlQxVUFW6Rop5YCcz9UW55bfwg/D +IM87BXbLz7jRDZVWmR/aVSOHB3XC4tcX/rw6ovtATqm5wMuab6LKTphhVBFzEVDM +Euu2BcGtlHwXY7L/IZOA0Fs9U1VETysL3owlMG3E/WB7Ri3feaj0nYSOTypQsoV3 +W02qKN3/42UEqMTgvG5mGRUkkpPEFUYKPXxEGosttJIoMvoI0QvcinMV0iSePTrl +F3R43EGuLm0BFsXSOTgjqsfWGwtnMgvC8Hc9frRoiktEzxOET4PZ32dBVLrFN+zv +UQHw4UlpkBVvucVYFDlwjYbInwPh9M9TKIb2rpeFDbujoQyVJFsnlWO2vp9oVzil +4w7Bqu3fT7/ButXWUmDQxFL3F/md50KILz8qZ1DXdFLq55nb6H14BSXW4/R9zOvj +0E4G4xs7HFcQguwxmCp37n9NmLpa5DY8idztw9ewx5lyqI3MP8d+n+k9oh614F5o +69u+h9i/IKJxAHEw2cp/ZL73c27JdODAL7a6QEsblW7bf72UuhL5yGuvOtQxg5q0 +JJkcPkJCY1eZ268c/yqJgC6SvOULnwqGzTAW5GcsedZNmdlcknP3mRhG+ch3IPgs +115OXPg= +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.key b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.key new file mode 100644 index 000000000..c5a79244b --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDoneqNLBkpb8jY +hUDzWsak5iMwoezAr0MPen4hVC012pWfUCIFGnpjgKi55ddk9drvOEBtsaXTOBCz +2MFxhXwJ4VnVYQLuB5n3oQGLlBnPA2I8K4eDRtkwhsyBscYCk3ixuevoZpg2Bcxy +zv/5gDw0IkGlGwQZi+5/SP6f2/lfcp5QZY/Wr0Y4CaxhBDYH9OItCFdzypMNYD8U +AUqWUvttj5aZ+iV4dpzgo1TFwvlp48RPzOuPQ1TbkQncCroyhZqXhK1hnA0cKdqk +2UAVhVrg1HHgq+Hk2JSPqwnOaVyEdEMjgbt8OJqrNMUnqlfjUjUd0aFSB2bXFqCW +xf/RYnQe/pSUcyrccSA0NHH6mZTYuZ2h6eG9f/LA7zlCaK/sD0xnbFgym+fUej/o +VpN9UcLZ5E1rBSKHYpsxjE4UPjdhL3xk3iRqTkhKt7G1GYhNaBhnvrFY4rCWV14M +9piRRc3mqYjUq5GL6PEEvfExSmljXN82hyQU8F21OPqKzPIteDxC8Oxczb5OQv2t +A9ZJRv6o2elQtV78J6A5eIbHLvi617O5yZGss9WnPuSI86zvzbgP/a9vA9xooDoQ +BTrtkQiCm/1eszPIaDUKe3CN6uL7qchJ0JuYl+7TvknEXxW48Ci7CzRePK/r2GcP +oF4ZAl8fNlH3TEnTVht7Bd6L/S49VwIDAaV/AoICABZqNjAGo7xWXOvP/Yk/IODJ +Nax2rIk5rbjZ+Fwuxu4WTMw4Yf0HwM0Ks9BbKY3KTK7XZb3nsqEVdowzqe1sfWAs +IjnYntD/9/FaxOAhpCgA8HkIYI/MUBAbA/F76H4bZ15mf6IiGYfbXD0W6EaugHH+ +GbTceT3xUPWi4J44sMDZ+HjSogf//+Ho13yKYAG8rxAES4CSTsLhpmK+8w9hymIl +fSBQIvaX58Em28rN2UTWs90L1IeGV0gv/6wnAggsVL3eaISaiy53+1+CufZKunrZ +bnHwObAb1J23j6A/hGtHaPMaJ+kr1syGdC9XlVVwYawDzzmfpHBfihqpVP+oXD2M +86qkjo8ZgAWHyd5rNoijclwiuU1yHdnbU7tJ/nurTBc/nlZQsKw0VMVVK/K3uy+u +K0G1NTfB9GPf7V1WATlBiGt/JfotebhTMw8PNvhEhtB4uiVjSiTTrnpbnr0h8jkM +nNIEQHdxeXIsEsUwMKq5pMwa/X+iPgI6Okr5JBzscvWO2nDOCbymWdbzdN0NkjSi +hJUaIyJ3ESGK1n7Naz8v/+RgtIbP1Lv3TJ3wJKAfYM15AUHjXTQFirCxWH5RHMWU +vaIlEDFXw7Aa/qZROtSNL/hWdDclU8+8rIFzJtHhZFQSS7mIDrJeeSej/7SiHC5N +K6Yz3flS/RpgK5NatEQ/AoIBAQD/bI9J+BYid1fTFadhcS8+zPoS0swMjyAaul7J +DLZpfSiQ+5DgpfKp0dpuanjT3Va80u2XMrg02P9lkswZ3ltvaFVgn13OrZaHlNAE +vdRR4BxD1VyplthaAwwgrZfJb9CD0gS9642LUqrZCqgPb3zEV5eg+KkcorrL3Wh2 +ZR96H+7WrBlGcEXO9SS3rLfdb+EyFXqStnOEULQAqisqAYj4MVFcwavh1RhDEltF +uXlLmo0qq0t6Bm85kQe+3BVyjIS8WmHPp9Lq6WfhvC07XBlDkccfciIhgnUFVcok +6kbydSr3BOnSaapZxsNKL+mQKp/HWnjLBxR72Sj2oRvPWyRBAoIBAQDpJDD66IpB ++Z266YSUx7g8/9+ASzinQuFB5nhPKFV4KKuquUHUwDruZbGNo6tpDhgDPCLVOaiU +7lea68FJASR5L1E7IKlG8emF/5GKlJzQ2Cr7Ewrp7RU5yiyEVcl+wFNtvW5WXBUr +FTwi508vD5gtWbqOwddYV3X0ZtUtUq2SHOX3I3jgJSwWtkI/7S8mMIoka24vd7gl +ozewvw2UY+H1KRf3ftt3PKfHX4X6Hs8Ozqm9buW2RoxLLL83RwHstgTmWsrl4qVp +z6/T93l9QulZ/XuUXfvd+/f4L4mLreprS6kAKmQCmjL4weYmMlLrmy2IntukJHIN +/aDtj6y3WRuXAoIBABdeXyycdX1vM6/KVOsDqZHNLWHeJX3lw15Q0auQo9wbzU4h +hp2G5rrTmr/XGjeVQURfOi0ixgC/40j1f75+g0ZxOn16E3ZyelegdfSRCVR+ubNJ +gbSRdKHebFeEZdmKocrZgN+58/7wSpUsL3FHKoVPPRekBAR9SQkuz9sKTX63YPPo +d1L9B+XlGCKgZXj6nh4zTvEj3VRphQbnzZv60Qk7zZ8HUMR9+7lLuQrhNA75Vdua +vs6w+/F65lCHClR84q86CEBNuPJ56j+vUTuQbMoLzfTAR62suhwlj+NNFyXzzlc9 +qF3I+onyXCjT98TuzkYC8GkV9vSvcAHgNJ0UNn8CggEATqb48sS/PdtOtq/7Ct9v +fsnY+DQU2CwZnpxKUJfttNp8hNYq1wZjw1jQvr7T1w0qSUbseEGnV+DN6Dhx3czV +8YhD6+niWq1WOAsGMCzBQDahHaJLjySYlK210R43DPu9sPzH7yLZWYM2+dFK9Ums +B585K1US6enxEtspt7AXJfuTZXlf7pPJhBjuWha3KHRVXsHKd25SkxSgQBn2QFVq +suNg/+eGyCREqdU8UEG/soDk/CB92M2jUYeiq6pGNgZSK8L5pZNxoiEZ8qYu/hzk +vbq2rwIACyEzQN0ilbMRu5fvEB2F15xSmdGu09uua9g58pQKlzlQPFc/jhd5JBTh +MwKCAQEAmbuPtfKH2RbdQ+yD6BQDOM3ecrxlonfWjqbL3mSs184JboDdH172QSry +qqY7X4I27N1s08NClKPZoekbnmfawSJLiRVl0RC5ohJIl0ey7hCiGw0d7C5lY+Y9 +V655U7xj+IdlR5nU2YaEH0YBLoN1H1+6ftBZ2fspJNhpK9rDF9CNx58lfnIQJxDf +y4JMZ9vI4PuAaik54GyDb5pF8iifZwuwIQWEYu96RMO26T+AcvBgViRdp8m97uO7 +HyEgnGubH6Oh2tdITrhyAt8AlP2BtJukv1SCEBqJk0JmCOH5s4u5fLieLz2OpZBL +uAuHaSAsoXJyG1F8lZ4XAR1om3Qwyw== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.pem b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.pem new file mode 100644 index 000000000..67127a531 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_107903_4096/mock_dsc.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUURYg4e/Lq5rCfISipyFJ1WnK5j8wDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwOTU0MjRaFw0zNTA4MjcwOTU0MjRaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEA6J3qjSwZKW/I2IVA81rGpOYjMKHswK9DD3p+ +IVQtNdqVn1AiBRp6Y4CoueXXZPXa7zhAbbGl0zgQs9jBcYV8CeFZ1WEC7geZ96EB +i5QZzwNiPCuHg0bZMIbMgbHGApN4sbnr6GaYNgXMcs7/+YA8NCJBpRsEGYvuf0j+ +n9v5X3KeUGWP1q9GOAmsYQQ2B/TiLQhXc8qTDWA/FAFKllL7bY+WmfoleHac4KNU +xcL5aePET8zrj0NU25EJ3Aq6MoWal4StYZwNHCnapNlAFYVa4NRx4Kvh5NiUj6sJ +zmlchHRDI4G7fDiaqzTFJ6pX41I1HdGhUgdm1xaglsX/0WJ0Hv6UlHMq3HEgNDRx ++pmU2LmdoenhvX/ywO85Qmiv7A9MZ2xYMpvn1Ho/6FaTfVHC2eRNawUih2KbMYxO +FD43YS98ZN4kak5ISrextRmITWgYZ76xWOKwlldeDPaYkUXN5qmI1KuRi+jxBL3x +MUppY1zfNockFPBdtTj6iszyLXg8QvDsXM2+TkL9rQPWSUb+qNnpULVe/CegOXiG +xy74utezucmRrLPVpz7kiPOs7824D/2vbwPcaKA6EAU67ZEIgpv9XrMzyGg1Cntw +jeri+6nISdCbmJfu075JxF8VuPAouws0Xjyv69hnD6BeGQJfHzZR90xJ01YbewXe +i/0uPVcCAwGlf6NCMEAwHQYDVR0OBBYEFBleW+0w6e5CqdFUgiBhJM9XyptyMB8G +A1UdIwQYMBaAFHJpEDPr/Opcc3Qn1wA8+6eYj5ImMA0GCSqGSIb3DQEBCwUAA4IC +AQA1P+WZCicIwtqrTLstgM+cEQjOQChgk+4fAlkChays52wN/ZcoukU7RmakaWGu +PNq3NrbBcescxwx6Auwt8wuPfH18bcOXoUWOWIlue3Et4Chz8ItCKC1M8J4oPixM +KMxcCRUxhTrgU0Y+9oqrNPivfKYhKtkMU1zihJ72VG6bvUrcxHZ5IlASdcuq+0ds +sYahj9qVlc179m5FiWIcHI+bTub2SRRnHr3CjkradGAnUxYgnvkdRZb3GHmT8WVL +Ge2/aoBoIkSmXnVIHlTChjTlZGtaYUFEKEW34+heclZH4JhGKn9pM20A1Eo2nG2z +xrW+WstsDl9puVR7KJoYDF9duButTvhW+1lWT1SW7Ylb6Amm5giBN9zUrG8R1bb/ +FmfE0Gmew9llv3OMq3TccS5OWcyJK9kmNQyMt5w4X21+1d84Q/t0tkT0DEpoPyew +jTYqaLx7wqro/MmUNas9ZAfELUuEAdEZXrI0PcRLj8LLaXeEQ1h1lm1S3B7csRh/ +1aWqSXD/JdsDeysAZtIoIsDX70OyP6y4KM3gx4g9Slz+a3PnrHlCKzmfUQ5c6IY+ +IW8oL4vYAThCI0Cl1jqNr10MFBQjdILdBXnpxkTZAGX0uwEBgIRtDGwJj/HZrn2I +fz4dTL9z0XtF8nGHHP7BzbArktAhIkuMmwCIYGqGtCAzkw== +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.key b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.key new file mode 100644 index 000000000..8dedcfd77 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDYtoKzOIrIHOE1 +lmmrQqECISVml3537PdwfI4/wa2/YyRD+z/a0XnHWALoDtHHLW/Y3mlD7cZ0evTm +krTjea/vQA4iTNiBbM0APhs0pAbLIe4WfiFFAh1KZrN+r13szVcnSQXcA6XsSJ9+ +Zky7VM+7/x5/SYReXLwjkCflF0Xkq9Pt8befgge5GfEDKcaY/mBOzEbjBC0zbSEd +axWr2YyLiamvxB8nWBUVuZwwEB01Rw8kBKrLVu2V74JJCZGmvflzfirHQOBhj9Cy +hnTXwAYoqx7EB+RcgUKeVf5DR+qi+pZWc9sOSe39mkmUluJaIeOiMO1DYRKdRUp+ +clMJLXt5jxtHDSf/jJ8vKDF9QRUMSlkoTkgJg76sour02vdgrHzfLoo5K6JPFzrr +wYMX1atyADJZdrQvZM2pCMdsJYjpu162tD9j/SB3+vL8vVQRugU2fCHHcoe0Puad +GOHZ/EQYqJyqsN8MNkUIBXmsUmwN0BqohKVxaYxa3VxgG2EIPXwyd1fdUaRFPn9j +NbJZ1qeoKenemBNHKXWXgaX4ycQAhUTWWtSEIva6hVvP3pSDn4AFoqWgQPDXUxzb +mUDME1jAq0Zba4IFndEN9cNlBtlwO0O1z+elXktuDJRNIc0ykC0NRczYUJ3zYv2B +2w76HuJ/VkL7qloC87AVVUkqF8HcSwIDAd0NAoICAAVaGQYxch0aWhxEo3TKL5tZ +u8+/HqLU2mgliasjqIB8pjP1aPXH5qITecWIQ/u0NTa9j6XDSKcaMHAMNYsz/di8 +MfZUCjw1hjiKdVntAUoMBOYXPiRjXuu+1CE4yvPKCImTgT1vDZmKbCzWEVxfKHDf +2pGMME3T2+vKVV2/LVZ5orUmJf6YB56lH0Fjy3W/UR9mXrFIM8+j3MV11WQUrMlF +E3/NJreUxQ2hrijrKDMFaas1eoJjRc/487HwIhnheJYfrccyGAi7R9DO+MitriK7 +f3T9nDq9XYHut4oLFDxDGr1ZCeB4L7N4kCRAywlWnsiViUxcz6hjce406yy4AVax +qCBLs94qtFGtK1ytCH4T36tCZA6lf/i5HfZiljEsbsLveOTeiDzsFAKoDj4/1U5+ +sK+SJ4fMk0ORo9YYU0f8uowT3yFo+x6AGdV/0M53PGFfPJxWXlMpNgSsWkynlneb +ab+Xj1QuXJD178NIQlTC00hRl/aQaPBCfNtpqLRcaOOkkUtiEpQWGmBzEjQ23kb7 +TQBz1coi3KeeyHwgoPArLMAKbFJa/MuyQOlJNp6Vp786t0qWFdOvkGgzEY/VuQDe +gN4s7g8ccHrGxUZQM2vQXbEkPICD78mY9XoOQaDMeyLG7nxBau15QFjLJFfXs7r9 +HJy8MW/OxsuNoQ81X0/FAoIBAQDzJVuDgb4HZbmb6OhVLNE0x/ZatpIcp7AV2nhz +C0sA61kmmM+led/LYHg/Zjz4PvIzWEnllLrJdFdkL7Sv3S9WeFiAX+WluH2rnJSN +dkPTrBAwoHP+0/LlZR8leBw2noQh5BJ+NAi/I6XVhZvafnhD8l69Nvm2u3cU5+mh +iaWJrYV00RzZWgevNsbATiuqi/EMu9RYEdJ/jtRl+cByEkkjNSNi6TYRvD2GbK0z +P4JVMEGT4ZaoikuFdrpm88yHC7bqhf1qIkWSUyMy9Cl6LbyCMDQLTf+j9Op9r+oF +RQjUtM+bRVLaY9LHHhx7/K5Jls5UpUDaRc6jQDYVsF/zhT0rAoIBAQDkK2tPFS/g +tnWQZIRx4cAOM8mDoIsrhCXs9cgv1ArH8xCMJsCW3d9tBLmDCkpjuy0Jp/jMXOfe +QNdY0oTE6hWtm0sB+7WSofyU4p6YeiDbhVSFacgsj3K/zwjeRv1rWDYVaUkUC++h +1vW+MYOwb644gFqGjsut/UhGPw8BVeObWcDwsczQg+Ktem6DE8e7IuI/Bu5WI8pf +zt2k9OxdrP2cEib8TVid0g2BvDWTRPC/Lb4w7geFXNLxo7Y1f9m7MRx1QdnYpNJ8 +CpvFYj5D2lgTYEELmMDb6LHMKZMBHWNEUADFJGlvInQMQAOsDi1/v9jj+owTgIaR +H6DXbHAmP41hAoIBAQCoLCAwFc+TGWR4T93uF/vmeZsct+NC1/mk5DZwpQBqnKu0 +P+B57DnXm5JK9DMzR1OHkBxWbcp0z3tB5nts7WbUAT3sPpRRNz15ZtjI7QKa3Ayu +kuLGU0sbGvQ2+j9Ye5ckZbxeDijZ2D9kfri7SSMXtFlqOb/OJV1JU9r83an1T9eq +VQeM2b3JuLPtc8KuYFvr2JSe3633zdkrL8AacS1xltok5+jqzPXYPRRugcy2o6f2 +Wlq5eUQBGZ6MCMROo5Hxr72y4O+2kxLJ1jFz8jrL8MzM3w221XaVM65QfN0C+yU9 +d6lP/HJs8Gi09R24LnmVV7uEdQNNmQ1iE4O37+XtAoIBAHwgxMP9yZoezX0mD+2c +JMlGGGDTIvIZUkAWPb+eO3+vi5GjyBWegfLuBnqNkSbkabIq6BhCaAiOfeS7OwqV +ZNR1GmtMV8pL3nIR7uoTC2D8tjBIq0+EP5QRW3vo21tMGcZkteZl5oO8pZnWlmiL +jo/lO6R9V7gvNl3+0Oeh/VHQwPuMqjRW5jb+3I1JxEFtcZAPZWu95RP63HZz/Y6O +HxT38jxN9NPJ/gt/l3l6L3g7KpdJ7XTkgyqFEu8doWHDMjnzJmJayQ0gvBogaIhI +LxWi2D4l0FF/8RJzYgPPOh4ernnTXv2/I0eQqP2JrQ+2BsRW3Ejq0hw5tZbDynuA +SwUCggEAXkqYPDWWzuEuHNNK5qc4e9pD813QTRSXgiBee9KfUp/leAEvOo+Ol4ms +I6CegBN7dENC68/PrwUk1FrYjpqNfuV6P/fg32+1uSGcJ0FroQlycvohyEfAw3z/ +3KO7qXPTygZ4IZHJaj12hrj1/Qzius1pb71DTnl3dBYg771Y2pYcd0x5Neo8zGhz +S674HHngcLJJzOM9Ui6neZweSrRkV+3hn1+Rj/0vpl+o0EwX7WzMGU1vOgF8/Tsx +p6cpMiX0qA5CEl84qv9R1RkZmN5LcwU7Nq7S5nO+h3f8RJiE55CQ3nA7CH0dFhQh +JmXE8Z5XEIC/HMyZ/TwA4uP3DZbhQA== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.pem b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.pem new file mode 100644 index 000000000..fb51183e0 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_csca.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIUD1XNGZwYIKrPOuOb1D41XiWpJPAwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwOTM0MjlaFw0zNTA4MjcwOTM0MjlaMGAxCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2Nr +IENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDYtoKzOIrIHOE1lmmrQqECISVml3537Pdw +fI4/wa2/YyRD+z/a0XnHWALoDtHHLW/Y3mlD7cZ0evTmkrTjea/vQA4iTNiBbM0A +Phs0pAbLIe4WfiFFAh1KZrN+r13szVcnSQXcA6XsSJ9+Zky7VM+7/x5/SYReXLwj +kCflF0Xkq9Pt8befgge5GfEDKcaY/mBOzEbjBC0zbSEdaxWr2YyLiamvxB8nWBUV +uZwwEB01Rw8kBKrLVu2V74JJCZGmvflzfirHQOBhj9CyhnTXwAYoqx7EB+RcgUKe +Vf5DR+qi+pZWc9sOSe39mkmUluJaIeOiMO1DYRKdRUp+clMJLXt5jxtHDSf/jJ8v +KDF9QRUMSlkoTkgJg76sour02vdgrHzfLoo5K6JPFzrrwYMX1atyADJZdrQvZM2p +CMdsJYjpu162tD9j/SB3+vL8vVQRugU2fCHHcoe0PuadGOHZ/EQYqJyqsN8MNkUI +BXmsUmwN0BqohKVxaYxa3VxgG2EIPXwyd1fdUaRFPn9jNbJZ1qeoKenemBNHKXWX +gaX4ycQAhUTWWtSEIva6hVvP3pSDn4AFoqWgQPDXUxzbmUDME1jAq0Zba4IFndEN +9cNlBtlwO0O1z+elXktuDJRNIc0ykC0NRczYUJ3zYv2B2w76HuJ/VkL7qloC87AV +VUkqF8HcSwIDAd0No1MwUTAdBgNVHQ4EFgQUDtBR/ZLKro3ttfGq96KaGgd6i5Mw +HwYDVR0jBBgwFoAUDtBR/ZLKro3ttfGq96KaGgd6i5MwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAgEAkO0nxyY8SNYJO/6fm8BYaGoajMzdbXp3h2cb +2wNhmmVkSYvmuO9HQE1CjRbod+/HrnONXR2FxCj56ktCefQ8/XNN4WRFmeCmW1mx +2+1Z//ccJCdVKMeGingR7oMG45Z3D8fsW+bkfMSp5JP8M2F56tn15i3RSC59pkKL +81ZRt1PdiWmf+r1bDa+VdcVeh5D+y2mUAFZ2quAFNQg0kU+VbLGXgR5EMzIEYG8G +hHpWHDnGQPN8eKNe0suyV9O4lH+Eg0LNHYsfwn6ojaMqSajrZZGp1NYhK9whs+UT +atdSKRDklpx+TTBXrEBsGwGN+CRZW1MBpqs7vITM17NUD4KrbG+j2BVQP57IkGoF +3rPMcnMGBJ0yZ95D7eTcFHYBVV1YKvPdluvbn0gRbm/KG+CclGbqC/D958h4hkO5 +nzjPsz9rM9k5BLP+eeiLWk0FdnrgGi/vX7qsxkjJM89nh2pgHywNVBm4cyFiMFt2 +FN3/71d/cNBSorhufW4rjfZ5s+KkCv+3kFbWjv4/ekO5HfyDxxpVN6TMcxvpdmu4 +zw2M0wzGMSQve7ytyiCT02c7SElexudOtyXqg3BV8XNrEJAH0j0fIgGIyk2FB9MX +AGh2nAl8tocQuHffiY4q60r+1d6oqy72mv8Rjg6PS7HQcOOc7nbYt8m/eWY9Xb8N +1IV6hcw= +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.key b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.key new file mode 100644 index 000000000..0ec0f0914 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCpZLuGUuKjxIhd +ccoabZUTrPq1KHOynDwwBeT4DFANraLOZQreW2gxxtFpo0wZnDJubGSW5t7MFQ78 +iV8/QS+DFspXoE1KU0HgmswHFkwpBMBdhPjlKnMy5BbZ55TELr7/oBLOpzkfZa2L +Sun5oYeJeyxNIsbfrRlLyhnDP0lXKAgK2WvpQj9SjFEWvWKLuQw6DwTlAcNBg0El +5YCG1Wa0/iAOBUECzy4XSQEb36ZDLI3n3gnf7Yj2iCr9nWTxEbCm2mNS5GnQ1m0v +Jo7NtAO9nvE3fBaKNVuH4F167ADbOVO5CIwkE9dWjw6/aGUZ50YGPsQEOEygvf5I +7i8LIwTFJqc+V3lWW4q4aQjxD1eeOvEsfg7es0sbq8pDCItc/wPBM+ariUjw6blr +Bit/9Kr6wTVxnKeY+QVbvjtTu9eV52Yz3VEV6fIQE2/zjpIxNtxHEvZp1KlKUp5Q +6NaFxYIZkBbrjPy9gMw9gWK1W9J3CeSPA/AgLZqPN6A+ZbbrHIvP0uJEYuSa9+6Z +EwnxE6k1oVUE7LSk0aJnciuVKFFWFga9SO1ZVuV4Fq7ACE8y3H1IqYb8SnyE56D5 +FInrjcLcPRQljX33Ql/S9OkjJYLXJSDCE2fMc7QIrA49O5DWAaNP+J4ZSN2BXogM +X/FtabcS9z/s+Z3iNW7S8eUuuez2gwIDAd0NAoICAE97mjqEdLbAA76GOsd3/VLL +KFoOk+ijOcdp9dJLDqUQTrWVfQM3n1WXNXTG+RpqagCs/viU8FxfxXUJSZmD4fq/ +C2aNQLjmWPf/XfTPrNlksrFHrSOcOCoaxlVSjqx69YazrIyoPj81SdOMwd30xQYX +MbJtksGjSG4YBUlBnn/Kdxpj7KcvRLXJyYexfstCRpr8Sh0qTtnbdmQBvTeRNplp +J/xVGZ38aZXavvXP3BCHhgfZvFqZIDHdca+ttodZ4LcVrgZt+o/5+YQxaRtnWrmL +Faisq6Ucrf1be4VdRIW+5KA6RJhffDUPLmyRM4/cSg+hnf0iNVmHY5dcaRPW3+o+ +BlWMo7d9HHgkNlP8iU6L0e2oxtYnUQZ8kX7YemmBIuBp4/39sa6dSAPQAe9cNxKW +KyWjj71fi8DOqxfmaUSRE0yvyXSRM3fLnElvuiCi7uZyBAogcNsC9GaPv8JbhwMU +4w3QmGSvBzpRnCMbKy1UR0MfGJhZFNzkq/9BM70G7urtBctWLOMEH8t9Hez8OQym +D8VAO9/zAqpewr2rtJ6E8htT6mcH+iycPVRkriLvUXkVPXRQ7AceW1ujIfIX27PS +bFVjgDyrat6EPpCcsFfPQzCqOBSPSrLgrH1NEJdS9S89fc7LbA+NqEuwnzLU9P2P +wW8/9FmO96rBOBHnS/XVAoIBAQDQt4rVgF3MRp7cRHCRKfYXANmgLNZXVEP+qn5f +r08nVddjl6BhN9GcxAdRM34KLqLGvWqSW74OLnEuojYmf75KB3rcK5E7MZ2R5K8R +3okzENVvY3r2LGNzeA6rk8bzSPQDC4Smp8Ww/WvXPc/mIoEnDqCHB3nDF3DVv8QJ +79/nHUZfooKZ0IBv6EzBa8sPcY3DqpRbaiNCH++BBqHKbSPRSm7EyfDZD0YkANrw +K1PdgyGpZ7Zm6oVUACSKnq+kcB2cJCfurgJ6CIbZwsGu6vL5QXn8leSAH3W1syxo +sTiYMczMZ8jJTSBpM/w2GJ2elakvGWGk7Ra+xX/W7dwhV/hzAoIBAQDPxKQJlLLE +b4rFuZSE3z/ggGju9jIlp1fuGeNTM+cYs+giokgcHUx/gAvoNstyYJJ3nXzfZ2BJ +pOmwusZGFtV0o44rwywgfUVqkn18QU+cq8GbAipS/zDuG8cwGD/YgpxvmMpweVKR +Fe3qFPIvhlNTWH1Pea9dBV5WPkU1FF+pQJgnitThy2o350uLztNJQ3IJk7rvpg0s +jxWOiTbeBMZmpODkm6+E2tXX36rST7ptSiSbbq9GaSGd3mBef1gMaZHwC/X8l8aP +b3xvpnfm4Uw4zV52tV8vYbdgH43M8r2q+wHHIbWuZBIghLMnYol/IQr5mYP9Shbb +y1fWdXdz9FWxAoIBAHDX0LgubMGPEs6gJ423HA25Tby2uTBQqvG4+YzSvuTfniXt +mY/YRZorZxedRJinqwvxgJd4FwhV/LiOX4ziLPsEJH4ZdlbM3/lqtpzp6P8hLaNi +p9melgWvn2fpxT0aAnnJ40gz7A4LXHsbCsbAkKpbLQ5KdKHr0b9V4JehIbMrLLjN +T1tiJTiLCUB92ZSWEr/tRxjf6KGCLbI3TjJSj0UUCe84eXNMEPHehlJBXKhWGrl8 +FgOQOVKMG784RMVn1lZur9mKU9RGM1QmLk5hYpCDD4RvbSAdSMEVZOHO65no3Nc0 +io70tNDezvLBOwvAQTBzhmsBD8odDPepVKgduYMCggEAEzX2UZ6R8f6WVrCiidYW +STnpiLBOrMrsvTFQLjRru1TbHI9rQzto1ZQu+XfCwK6Y4utn+XB0ihL9+zCqJieH +Vzkf5FW6im6WSBC7KivVYy3zgqhargrJrEu1oXOC0q2U2tMbyuayCzsSZzdCEmjX +lO0Wort9ApZBB/a7ZhC0O0Aw0L/peWsQrHr10tDX7RMWi4Zcj0LOGyyXZPzN36QX +O6jOr7VQfyo6yppwsbOeqrrII7gyYg9zpuBXvrMBmD++Mr/9xB+IYv04vWg6Pitf +0fhnoC/G/QVvl9W5JCMMAVqUNiYCrKhBN2sYndjxuGnYWjl7M15dgzxImeleNCwG +BQKCAQEAycl+cQLogIQJEP2QZYB7UPgGtBSELxuUBy49HAp+91IVOKwKozDA8lgq +bxN0HDP5U0AQSizmBAiAg2AIyFqZHJoOQsProURCXkDXV6t0YspNBMuNbjayhc+w +QLK4d12s8H6gS1KAHgOvMpLl7Ii8Q54BrZWBh/eGC+uFpPmwhCy9rZk/Ip+up6Nb +wFWkwpq3LXohhrlySdbj+l+7tC/NC1A5zUEUipGbpKzB2GV4OFKM4E1zfKkv6xtx +Ik6YQMNtF5x8rgm4EWLX9P1JH6Rm/CcCMjznTUnAiDAdSZxSUpsQUVczHJi2oizq +MERigb61weNfHj8GZA6PwnUvmwvseA== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.pem b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.pem new file mode 100644 index 000000000..a79cfa90e --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_122125_4096/mock_dsc.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIULyu1wDuwUZlWkrt7+Dhh9yqpPuYwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwOTM0MzBaFw0zNTA4MjcwOTM0MzBaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAqWS7hlLio8SIXXHKGm2VE6z6tShzspw8MAXk ++AxQDa2izmUK3ltoMcbRaaNMGZwybmxklubezBUO/IlfP0EvgxbKV6BNSlNB4JrM +BxZMKQTAXYT45SpzMuQW2eeUxC6+/6ASzqc5H2Wti0rp+aGHiXssTSLG360ZS8oZ +wz9JVygICtlr6UI/UoxRFr1ii7kMOg8E5QHDQYNBJeWAhtVmtP4gDgVBAs8uF0kB +G9+mQyyN594J3+2I9ogq/Z1k8RGwptpjUuRp0NZtLyaOzbQDvZ7xN3wWijVbh+Bd +euwA2zlTuQiMJBPXVo8Ov2hlGedGBj7EBDhMoL3+SO4vCyMExSanPld5VluKuGkI +8Q9XnjrxLH4O3rNLG6vKQwiLXP8DwTPmq4lI8Om5awYrf/Sq+sE1cZynmPkFW747 +U7vXledmM91RFenyEBNv846SMTbcRxL2adSpSlKeUOjWhcWCGZAW64z8vYDMPYFi +tVvSdwnkjwPwIC2ajzegPmW26xyLz9LiRGLkmvfumRMJ8ROpNaFVBOy0pNGiZ3Ir +lShRVhYGvUjtWVbleBauwAhPMtx9SKmG/Ep8hOeg+RSJ643C3D0UJY1990Jf0vTp +IyWC1yUgwhNnzHO0CKwOPTuQ1gGjT/ieGUjdgV6IDF/xbWm3Evc/7Pmd4jVu0vHl +Lrns9oMCAwHdDaNCMEAwHQYDVR0OBBYEFHhRtL3KyumKtia+LSfbUSUT+xngMB8G +A1UdIwQYMBaAFA7QUf2Syq6N7bXxqveimhoHeouTMA0GCSqGSIb3DQEBCwUAA4IC +AQBlVEzZoPaMG59zUQK+GWUhdiskskAsjesFX6R7HrNd9PRb1Vw3mBewfRFXRIcn +nKKv8mSzvqWXOwvoLAqw0R+awDUvVUL5+TWED1rQZpmr1IzdDPR2MFrZgL7N6ZeN +REFbLxebWa6xV+uX1ENrXUDBliPbRZW2YFVUzwn16VdF0hwfm6W0DVgfBr/ErDiV +PouPdCq4g/y5PU0uUPXUVuKDAKnSPuvRQsSgnHFD2GpdgmoqEnysd+Xz4qHkBQLG +yH0x3kNarMPj6t+s3iI24P8Lhn+sfmADFFlwq8WP14jhF/+p34J6Ub1zkR2pio7M +UT0u6Y0dyY44mmXplDXwH3IhIWtnHPQzJa7JrBy/Ozqe/oMwk23clrCSfUCnvxBS +ltxDQZspWdPya7L8rsAwu5cpIUm38a1n0vB15mZGzeSk0MJMhINgl838zj/N9WTT +m4HGUlFnBsNVMeearcMJ7Mdr2hDk2WgkL6ZuNoGY2UizwXf2FjFsY8MgJqqYsDhf +pBzRVabUu6qznfiQAm3pZ/hMqrCXn6/XmL0K8/0ps3QDMXS0RJZpwK8H6xJMfLaV +6v+rZ0JlbzQ13URQVmemV0qGKRkLA3uSkHNcWJdfsevkdrEvHNXZjT38Jk39UNHH +WUXBmeeMala7w4vim/DiDcPb/E/DHew+cYc6EIhyLXliXA== +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.key b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.key new file mode 100644 index 000000000..8a9332e7f --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC4wuSolzpbXFuR +aXXpZ8m1JXI1q9W3oflSIaiWul1MQ9ublZeS1IKFcTVYXblBa4c/yA0lfGhEjjTX +GWNZJk9GjNJd/G0bLO8ijY6ZUZ61ATfq9tZmu2xP7STKt3SNve8Vacb60RE2Ws23 +p4dhI6lH3WbCvTvErKlPheQyvOQMxxw8h6No2YbzJz3utKJkf5Pp1EokMV0L+54/ +3fBx52SvfmWHDxAT5XXWlT/lHmZahLbqKogQ2dkvxgkrRVlUs79WKFpnAQ7I7PXE +FylrlWh71si09eYrj6iDuUlAxRmtgr53jgFWSNiG591N0ea6eu+fo2+HM+bcEDCi +A8dt4o5irSbHp9YF+dRhEeIfZFCqt6iH41B0xfqSGZaB1/n92EZzVVu8TULFd7f7 +LkkMrA+nnsCT+dzGlzPQ2SaB1QbaakjUjuoXgQo8FUoaj01UeF4zkhcFFoCtNdAf +GkhP92xd/FDECCcwdhOIWItE36W62EF/aHA3R0D2QOMLPHP6K62KrcjMH6S5T9if +7o6OCpqebL7C4b0/rYHjtVPKjDTyn0HTvqIWsKnkLcexbWcAkYYjeiLfKqTXi4hX +cltIxRpXyktKGfiAwwczwiYUTnuU9V8e7E7LdkRrP4v9sD4MthA0zMxvsL+ak2AU +zZEM3ufukydtYAr0wrZs5kUfCvLbLQIDAf6BAoICAC320PF6u1u30CJOxNjULm4j +Y/JCHq566T2YFtqw5E5/Nqr38wXplPWXnFMCAoBQUE3VQEFe5wpik2pnf3Ogak5P +a2jDRuNSVM0fcjapdcu3h8kCFJvAzO6NT1LDhAFWLn1UYCZcbULZLkiHBgqOKfov +Ok0Xc7X+8Mnt7YaAfgcOLDP4DKbtQI5Li8SrKiiLRe9DIFUzPvA5PhI593ygreiL +5MRt3Y4NMBTgXgJPwbCkWaC4I8RAWZ2eLRGzluiQuM6Vdf9clc0Hfy9mbGcr6jcZ +DYFWVUtYxKW7f+TlxdisuSN9lLdmbZ2Q8i7zWX7wyt84+TzoYH5BUW6gRRvtA9nA +XUPl4iaHqLDGrjtZtCYicKdUIXnsFaHTXqZ31uppfnobR5Ya2edsHp2KkPWRa2Ma +3Hedgc+abFus5a0o4XwEtLTmdbY0zalCB/J+iJZBTYA8xVdfw63z7h1tr562bddV +fBtbdHudoRVHCk0rE/FfC4A0svR6chg3oXzP7Zu8jswd8NDEEmSUnukawW+emBu8 +S4Mg0xw8w0ZVsT6NO97H7CeyVaSfVelBPfKdDaWhhM66P6hFmA08bAKTAweWNGpX +m0P90vlphk4GfzkuccMkKZaCE0qhzEwqHoeTQYS9RMSyWmIDuClU6D7wCLtvN2E8 +m50IfrXilRr3l2DzFMT5AoIBAQD3EozFRfRI15X8WuGCTMsJRuXC9dPy7ysJdN0l +dvOTkHrHTr3RyiWNgjoVw+b4AXArsBRq2Vg/3M5dqiWWLlypX8ojQLUKdFxxMDh0 +ctRZLuUd/MpEnBqA31pwf6ZHR5DhnqO/I97U3PBFz/JiDU6PB6yKcSwIb2Exi13S +XH1tL/Isc4XkE/6INx2zBWDYa/lYWWAVCMFc1lncunnQGUPRYs6VjiIVQQezBJez +fL2AsljpXf4GmYN5Wgj9fCC9fyW+V89h5SoPXegzFsZ7lrb3xCz+xfeV0MwwgGGg +4m/HEh7XZnykNABzhuT5LV4egi4Bb+GQUcQ11knrYNXUY+N1AoIBAQC/b/Ui1Lty +0r22CIAUjap/dtO9IzgXwxV94clyr+9j75w82ATqkFIUrKcaNk6meikHWMcyB7Fc +vvErnenh8kJbfyp8LR0N4oemHbKHP1dHdav+oPwNXLj4K4VTCpGCAyAmAJN0KcEA +GgJXEDZBRQPSDBaTGUKuUuBrWocPtaA8KjW0ayv8gNc++wiuI3jN3E7CvJd5g4zB +dp6SMZKX7YKRZca+TqksbbvB2xMIRasCiU003muPPIjpLKB9bwg37YYCe6Jhd+K5 +n706qDXJsGV8E/8zml8gTKHLbu2NU1iAXk6x5ri56fvsTELtOx2WU3PDxvccga6+ +7LFZrgBn2jnZAoIBAQDhMIJQ/iGSk3gwxn9twS2AzxXTmTmkYssONCC6+M+H90DY +w/hewkuqC+1/Uk6mdKraslNjXqtg9EsUDhFAO1xCu+V7ZSrzyo7L+jzuf4bZD1nY +juoksiPjuFJMzqWLmrqrfHc/9w1eB0KUb3wVZ0SFAqPJMMrYw4YhYTQQjsoX98E0 +ZgogkXxjC9XKzneuFA+RbDkiuvi91Rh/x9iTnHFFMsNf1WOfQEJ16b/LaGO5Xr3l +2Qej7H+BF+CJ+xX/yjTqaJvJ61JaI2921vdb94mf6po2PzI+bnxFhZyrbCKiXC6V +7t4yW6F4Ri3yxNHEOeztsB7GMWBz55nai3KCdQEJAoIBAQCpW6F2ERdhNbupAkyy +gL1CIfkPFGiuxIBjI+LZq6Q+s7JsY2AsmMmxvQAHVIL4MUovyb6e6UikdjOG1Jbk +fWz7WyJV18IWfzVvsB5Ik9nGIDDbFkN8BJ9dnmuLws6zHV5DiOb5rtranXn9LN/s +9HFJdb08r51/tYLcFWxJDAnoe2PMXCesV9GOf+dFmzueLrgr6tSG2jnWqoZOzEvx +ck29B315Gdlvp5EG67sQKou7s6VMWQ3eKESjhgANrryl81dM3q6/Ua1Gem+w2ks9 +QDoP8VCPd+0+pfWcfFft/5021bSm7zPAtFtxxqDeN+/hGl/HxuIe+1Dy1s/gayvm +8nCBAoIBACUz9zv/wdHZjiqLk5E3Kj2IYx+LCjuOPMKYfYhGrDxZ50XXwSysCsD+ +SB4QkXumX3xova2LY5v6QCAs+CiBsu8OdZnpKCYCFt+E/MDDSCm/kT2hKtDGj8fe +n1ncKvQcREFgtvRg1MjZ6scdA/bSfvWQzwlLQwaynTvUZzepXa/dqkPw5mcTEw3k +lWmE3HXi1Pqp7r/JbRccL9P3mKN2tjJPkfI9AGv1b5iWqWjEncW0XqdjT5xKTkDw +b9cjfVP+Nz5LUjX8b9YxuRyFfZdkx77gZi0cOGhXqaRmGDIsLnv2Tahz9mWbyaiA +OgCjy8XT0G2iVU4eP2M8y9W2JYwo6J8= +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.pem b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.pem new file mode 100644 index 000000000..79459a858 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_csca.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIURnoz4ltMtR9KcFHub6QczgBFtO4wDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwNjM1MzhaFw0zNTA4MjcwNjM1MzhaMGAxCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2Nr +IENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQC4wuSolzpbXFuRaXXpZ8m1JXI1q9W3oflS +IaiWul1MQ9ublZeS1IKFcTVYXblBa4c/yA0lfGhEjjTXGWNZJk9GjNJd/G0bLO8i +jY6ZUZ61ATfq9tZmu2xP7STKt3SNve8Vacb60RE2Ws23p4dhI6lH3WbCvTvErKlP +heQyvOQMxxw8h6No2YbzJz3utKJkf5Pp1EokMV0L+54/3fBx52SvfmWHDxAT5XXW +lT/lHmZahLbqKogQ2dkvxgkrRVlUs79WKFpnAQ7I7PXEFylrlWh71si09eYrj6iD +uUlAxRmtgr53jgFWSNiG591N0ea6eu+fo2+HM+bcEDCiA8dt4o5irSbHp9YF+dRh +EeIfZFCqt6iH41B0xfqSGZaB1/n92EZzVVu8TULFd7f7LkkMrA+nnsCT+dzGlzPQ +2SaB1QbaakjUjuoXgQo8FUoaj01UeF4zkhcFFoCtNdAfGkhP92xd/FDECCcwdhOI +WItE36W62EF/aHA3R0D2QOMLPHP6K62KrcjMH6S5T9if7o6OCpqebL7C4b0/rYHj +tVPKjDTyn0HTvqIWsKnkLcexbWcAkYYjeiLfKqTXi4hXcltIxRpXyktKGfiAwwcz +wiYUTnuU9V8e7E7LdkRrP4v9sD4MthA0zMxvsL+ak2AUzZEM3ufukydtYAr0wrZs +5kUfCvLbLQIDAf6Bo1MwUTAdBgNVHQ4EFgQUd9Y3jsEnPgvheMoSNY10SSLvqyww +HwYDVR0jBBgwFoAUd9Y3jsEnPgvheMoSNY10SSLvqywwDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAgEAFs3Tr+XJY13xxUfI06+HOJo2fyZ1PqV2hQ+L +DTJu41fKCfnXwHvTPr69gBjdeYlOYksvWaVksMJVXQxwP0aqz1FqCh9Xg9dFYa20 +DrneY4j2qK9Q5VsW9A4UwIhChXXWDayrPVvStY7qciyO23VqlYasRwzqfvxkTHcA +HHA+g5Tiw6Lx6Dqz/41M37RhgT/G8mZcJdqtzNjJUPtl5vd/ZoXasByJtiPbK3yE +2kkbHWOd0aORKN/84ER5oZP+1f1pu9kpuXUEWFo6dPNsvtpI0jgTQ/yC4KlsioTS +Tzb4SHo9x601dSfRTp4YL8DQaVYlwbH4d76oCB/SFyjNzHz3F6A9B2cB0U0D2C/n +lF7G58VXj3N9XbwU68MOs933ALfCrl9IIOYiD1cv2DomIYDwh3bWf3Wf3u/dTrED +R+q8qTPR2rPsvXrBZmWNBVs9ZIQa/wyyc5HYKgDVoEQxSikL9KgEH30PCvcz3Her +Y+91GRnQfl5g7H4QijWPzGnFQec53aVRf2J+Oq9X82GQhHCCdUMRllCNRbHn5WpF +NyfyStkEvkc2rFKnj+IHqHncpZjA02smPtiG5KSQIQOl7bS1bvN0VpbqKRVfC8IC +sR/uPfIg+xt1iDtNIdYURhqxO+ExP+EFrPbPSG9DUZBZnKzx0QzcCmR+j454cyC1 +V5faMt4= +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.key b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.key new file mode 100644 index 000000000..abbef55d8 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQD3lM/dMdqG0s7F +I6vfE881/vBa3VWFT8ypxTnQuvlYYKRSfvtwf/pAays1B2I8CjmFFgjcvoInmyzr +4QUhGhpFR2orBDQgBskyh4SCdjsi1DEtPiWvacgeCi2z0H2UYZeWpyChFIOhH3IN +aZMLAukYuDBNhOYmzngJbt6q4DmC3x/3ZjpnltMj4r4eqOZ+vGOISNSfczNVF9do +hhczVvuLdlXWLmQPHxV614D2uaudlbs8alGGsN/EHxvXVNGZAgZuHr0V6pBmWM3q +BAVc7Hnlp5OcOfjO0I8xlDoYJ/YQ122lujHge9oMm2ZfUesb9HGOTn8Npb2HY6n3 +XHDEEDZjXWS5i/92mgE2tLrXCNd2B3kII39WzyGuCsS+24dQtalJZJmVb+Neczk+ +qYWJdz+GwmOgsNGWsJYsk35YVhy07L/EoKG+8WzuRkWV7EbjazpkGOAopryusms/ +DlwqMslmXYygJ29tyfPh+0UtNrXAaDuMx/ySpumphdcoOBF6GxnniDiu9H89Wvk/ +Gh8BF2Yejxz2x9XfvX4C8+kFzaIyhNRiMpoa4CPTWg/sfrS6z5h5E17mHdm7ZxFO +Hi5xh+yCRkW2XOIW183KWh4mBDXmK5mP4ZIh8gUX1anGSbWOG4+uCluf2jU0GUOg +4hGapSClFZWR7Nkc5jKX2EtLHAtKNwIDAf6BAoICAA8whjeVhhDzCRVYs3jJR8kn +jnkShXseR9LIzs0YK59qwclF9mVlnalrCdl/o5xBnzVdkY8rfGvQ49TnqiUaItJz +WKZsIrhCX+uI/TOHGRNWZBX79DVV5U/nszhFg/7VzT3uEtUQ7GovpBRRPRTolI91 +bMNKDBxE3NkADMaQeng/a5yY9FNkmrI1SK8tLUz5yQyWJtvGafsm8f5Zn+x0XjW0 +LG1y/ABzI+i9UnHD26NTesN6VvrG36SB2k3MUZ1iW8pcX3iG3zNJokWIvMEutbHX +9lNc49XNLw8jPR38N/hL+nn2jMViGmxzjgbo5RIz5Nf9HRryYNR8KqKXVtdkgZKI +YW62X+o+Bzlc+N+G0aAhoB+HJ4jQLN8YOKk6AIHdT4NMy4LwqNooSPWwkXjY94ZU +omtYXFkeTUSbvNg88BNy3lrbl51YSKIsgbkU6moAaS0Gv9wQBviwk/1VdU9xaCZq +noL8zx7UCI9TcUDHypL/riBQvc5g+WLl8xPY3U5tNbc/mgMRvhJBnJdrrd/4jSEP +qwdpqtGWFjqBo5aMlwxkmXcez/PIFI+wm8BVSIpPxUF2ksGHP78YWqVDuaSShzle +KkebRQbAsqNmORazW9YkVKKf47W4cYdiZAh8W7HeRD8AAYmX/5+CecXPOrQI9gtq +vzku5n1EV8Qd3jbfLlghAoIBAQD86dU5DcSn/fjgvEKhvpmqUzx0O3O21EbiAgxh +NgKTr/4dF/Wx/5RKorRZBD9sKuC5lzy9B5lKraCbhHvsozqfeYnUYFg4tU8d/rAN +PuQHXMQANNEua4Dl0IhLRrTZwpChiVFunhUD+MzjhcPtHNbFq5eA6uclCMJWyHvI +32+detxLQFVhltjYfS0BnSQlKLIfoKsUi4whOM+RwoSbx58P2TkBohiLdJtgBseP +mC9qxZQQ+qFopueEQXp0Pxrd+dogfn3Fb639HXCTVT3C9NevkVho67kn6Vp2EfE3 +E1/DlayJMnnfEUcXLB6OfBg6J3PDVhycqnYTsrB7q1vkHl1ZAoIBAQD6mlH2MYUZ +S6g9n7ru1o6xYEWte0RkBs7XJkJiNEiRDeYwnBRUeVnUTxPwWCn7rVFyeUJcJW3/ +/LzS+yv3I+tOnrNyQnWYRbZTKTO22TaeTXq0RG8688pnZf3/LhhHSU8RqOymXOE0 +Q5By2W3EpAakzk9XtaC1rQeXxw7NyxzAONZtcPORGcfffZ36kd19BNDKLHoVjDTw +mGnMDIkliYRFI6AUJNJsq14XVjroCi7IVqsFa9HMsWWMWuBtwGQkg0caEiA3o2lr +a3blPI0jxhKocmPFt8kl7h3y2aBTqQ9T7Eewu0mDMPc/SYbP1if6oNsqeT1Fddxr +vuZ9Q3YTDiIPAoIBAQCfhWZ5NBoZaBLhfTJSmwfd5y0gHnZUC6h4YnVt7lIvWYaY +fQXy70Q+6Rgm2GG745fp+urOSlr/b/uY4pPo+4Nf1wGKrgBEhQ+VtozH9BM+IkqO +IoovvyUhTal/GcA5iY2YckQnO1V73JxpSwBNFN8SWF22lk/kJogCj6mIKhfPak8W +oJeTbUUGcDG+DHx1VDdcm7JvOuMiQLi8DG7wcMuhq/0ord3dEqm4vpYLxPQOh7Xd +pNtaRZYA+2XQSotpyOX8n+Y3Y+Y3N9TzA9Hd266Fn637SU/dnuJVNZAzECq+mvLV +QrzfGOHBK6gz0D8HoMpt0oun4q2o1RizEDvD0C7RAoIBAAyP1x0bzOZDZvKi+iZq +pwawA/Z8EH/lgUm4d4PGlwRzyfRVOseXJDx3NPe9AfAezyOPSC8RNkkMexgR/i6s +jimUii5eIMEeRhvG0OZyatE9/jcnw9wyAbCBglxingzeuxgjAxC1mTuYSua9F28B +Cfn4Ktw+fShkPmNRxxpaUt9bjDb4aYdbzoncK/W10timK2rtSJPZTHwTNnzsvXyG +b5RaGrmvpAWPk4lAw8Ei5+YM55BsZiFEanRvbh1rRN9WPrQl1Tg3cNA5sKdnSgO9 +BLjCeRUnnCd8WbVL3cNB/Xi6GOTk/Z7OYGSdhRl4znr8RNm2zn7uMLMypXDZp3oI +mMMCggEABacZRzOZ1sxVMiXy+cg4nBcJneWN3KYxhGVHFAScaugGiWl3+3tFs/5p +T2GzT6kcZ5KHBBtDwB8AGgDf5FPzL5DqE2vNSlXCqMel6oBXWL8zCbyMy9uxGfnH +HDIVvZFei7DJIUm3wLz15FsvlTxXDSby9rwuy9qZA1mzCb2SlIAGxnca6ppSer5c +FQMKEvfFh/5AkmpI1JJWGcKX+KXMA1EQMBZI9FI3u4ipGEJlE9VcmbVAgbadme/N +ipc81r52TRf31fVVPFHX323GXkXgOwRoo9OJxTUL7ygBacNcH/qfkW5NgRIE4dup +uswo9dEYJgsU10poavF4Xx3IcrtCeg== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.pem b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.pem new file mode 100644 index 000000000..7debe8ca5 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_130689_4096/mock_dsc.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUMIdYHXa5ebgLEe3kgGC1aYrgjncwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkwNjM1MzhaFw0zNTA4MjcwNjM1MzhaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEA95TP3THahtLOxSOr3xPPNf7wWt1VhU/MqcU5 +0Lr5WGCkUn77cH/6QGsrNQdiPAo5hRYI3L6CJ5ss6+EFIRoaRUdqKwQ0IAbJMoeE +gnY7ItQxLT4lr2nIHgots9B9lGGXlqcgoRSDoR9yDWmTCwLpGLgwTYTmJs54CW7e +quA5gt8f92Y6Z5bTI+K+HqjmfrxjiEjUn3MzVRfXaIYXM1b7i3ZV1i5kDx8VeteA +9rmrnZW7PGpRhrDfxB8b11TRmQIGbh69FeqQZljN6gQFXOx55aeTnDn4ztCPMZQ6 +GCf2ENdtpbox4HvaDJtmX1HrG/Rxjk5/DaW9h2Op91xwxBA2Y11kuYv/dpoBNrS6 +1wjXdgd5CCN/Vs8hrgrEvtuHULWpSWSZlW/jXnM5PqmFiXc/hsJjoLDRlrCWLJN+ +WFYctOy/xKChvvFs7kZFlexG42s6ZBjgKKa8rrJrPw5cKjLJZl2MoCdvbcnz4ftF +LTa1wGg7jMf8kqbpqYXXKDgRehsZ54g4rvR/PVr5PxofARdmHo8c9sfV371+AvPp +Bc2iMoTUYjKaGuAj01oP7H60us+YeRNe5h3Zu2cRTh4ucYfsgkZFtlziFtfNyloe +JgQ15iuZj+GSIfIFF9Wpxkm1jhuPrgpbn9o1NBlDoOIRmqUgpRWVkezZHOYyl9hL +SxwLSjcCAwH+gaNCMEAwHQYDVR0OBBYEFOyWBnUTIcCTd5Exvs8qI3xET14TMB8G +A1UdIwQYMBaAFHfWN47BJz4L4XjKEjWNdEki76ssMA0GCSqGSIb3DQEBCwUAA4IC +AQA78SgRq5tTri3MIWwmcnzazL4fcU5K65vWQboKD4z/grhPs27fkoIXllth91l1 +nSXbYc4mncVoxjOR14VwVeKtmiNYhuQdv6/EPO7JjDKuFncBb/ZblReVpiAqC2+V +kYjDnPjt+du33PKTURZpgEmDMVDCkLAwSucyd+TPc7bcrbdpzVb2RTwbtTVyqfmC +1hjebfnnbO9S4yW7dkEZaxY6Abv/gA5D4K/uKeVOdfvuEZVSUbbseDgD108q+mZN +Ga6PmyBie6udkpyjC9Lh2HdSo3FQiwCxmP8nNAQNi6f2FgCaH+P0xKMNgPhNSuDS +hjOoxWqElFcT/ruhxg9f0YHwsyhX03SKwnWjIacpUBBMKsuukznzOH42A4aQWUkE +5LeG4WrcQSuVao1vVJr3mmoFwQLfhoR88hKUqLFjlWq3mbVtxFbHud07RgpSRo9r +wRSM61XdzKgNizVInn4ynAu9Wm00KDvzebVbBNFbkW+PubGF0pfaxwX0aZiMg9yU +KYpd4PHk8kAAPV7YSKsqPu/lKOKqGIkZV8ZBL11uwKGphURlzY0iap5FuY+Wv888 +gc7DZ+c8gtF5frm4ACIO0+SC7CbGNmM3/3M7cAWTsPHmc7Zp7af0EZMwOzFeEGvJ +hhlw2WFTDi2EvmmJSlgCILlXVvNpKxGCy7+ONxKdbD52Ug== +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.key b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.key new file mode 100644 index 000000000..4c4b7646c --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDRdOOrWzMx+rTe +vSYqN2eNSKOcpyjjKd/Rzdn+Lnh3nA9PuDpBF6LHpp8i6snH646OZL+AQRYJF/EI +nHkRMXjREVl75bGMQGGmCqpHm6dj56ZD3BaBmKbbKNYMG62ROQwzYYfIF3ozEWaK +MvHULh4WVoKZvyoYUddkqXiUoWxd/BP0FoJAuH6y4d+ZYZDkHNTaxXpeqUol7zI6 +Slv5/71vlO/p2OrS9ine+N92iU8sNT/LTawqsm9VEYI4WMQZwPj8sWvECdGzRbhH +DqHnG+Nbt8APdVxWlPdCHwDT4eVvxmNmmIaLsHRIQiiWiFInapyAiuaPP4orYmpk +l5r3qCJULMZq7pf+LQ6jY7w0Mrr1sn5gWirLF5gjMpEe33TZCuWa1CjPCdtl0TKz +nlowhX6REf6m/OvIXGHcRKA8MJKbq+6tpRnMqXWCyBlVk1u3rF4wRgwEFo+oxurO +AH88dG0cJYUiF+kB1GZBqFQk6e/dKWN24fC4xfe/wExwUFUNUokdVfQeN7L7Cjn0 +3LVixKTuAuSO0Y7XAwoJdaDn3SgPGcYDhQmC24/KCxmMTa2ardXbrmNtpNUwvLX0 +XoFEfvVJYSZ8hjHcnnEySxv6WRwLPgLflcco43eeTvjuKcYYcI45R2kfYSrg7uLL +D+S6L1jqNOGITCkb3WxUQvT0v+rHbwIDAN0jAoICAQCkp3gW0WGLRtjAY0qFftGc +0olFWIol//8j6Fnr93RUIYfIhgzKpB5+D1xaWcZ92Ls2NhnBt9jOGi60ndLeZmXw +Le9tzxf0U81wEitxSHexUgfc+6aOCoLQKPAAWPAYy1zR7s7t92wqtpHQtTDtS2aa +USD+VaUdBEAqDvgD291hHIoyqYAwwr0SeTkpafowuxZu3XNBdIOzGVUP7TwZCbZp +NMDGV/ta7cfkm5d+fKAkGX1D3peQ23oUsV0eWkhCjSHqTJGSuLRSAOKu/0LjeY7e +/hkVghNfC6SFE7o93+7vZIReNTxnzfxvzyWLnDs1iXiSMjHgZfGUB5Ibu12km2MK +NGmF74CDC3eAU/E3haHabAeUOqdJvYu4Q7iqCTVqEHYTtQl7DFQmOz6xroOpg/F9 +bEg2cNHAU/6u2pvnzaqQkhwuYPe7OD0BJvnMg9lBVK3BxloSpTxKVwI5XQBKU1HL +L0MJONMzpFubWqsL/LEtVRmrOJJ4NvA+HxRY3bCLotA+EFauoSgKeXI629gcB17o +kO0et2zP3GbGvsu1T53n9EjXyKgtOv/rd/YSLrpLXOd2cuKtNx/3Qdn6hKDoTJrV +bUepvgksFRQ32eZUbABuVvRst5hhKBYsiGNqnMAObPBSL/cExuT2oLPy4Qrr1PtX +FqE7ENtXZAqdbiTiHsqbmwKCAQEA9Po5dvybxb+iS8rc17u7ZWmTXelbY4KROc7b +hFGjQv031FEFIz4d4Oo1OWeINCrNffGDO6f/dV8stLYNdb7btMJbGsfEKkaBm+Ye ++nt+hhwHGIWGWjz9l1BCKREK6v6B9bkQ6hycABGIR14yBpiFfmKHnhGeYjlBmnIP +RQiReQIUVT0FsGHXytbMrJ+WVSsjbfNcctUk+3ob7XJzqIwj54rMR9sreihXDOw7 +H7HvyLhHKdJwq+lR2XMkzp83P+SsdScuf5uVWtEtW5lq7a4w3KMFElAYsRLLv+xA +mZyyZiRw8Rku6GqTarsBQDaMaX0clRdkYVpPc8cXz5dghl/CZQKCAQEA2uGEhDIC +yp3OyZPPn9IOBGtC9ZGSc1SbC6P8uxaD1UmBkYy1ijWSM689gYAjtxY9IElCpC1R +JZuVi6e3EdIk6W8t344n8H1UUjaKOSZtQX/LIA24QVXhyCUnq++D8oZ+uH+zhorf +o9Vx/g6K3yaDQ0NqPeHO0y1jQLlqAmJJrBly5HDpRXm98ZDKHJAsjzf6VZGxeyGi +7NYxEUyxZHOsxB7AMoGpOiMf54qt1kLenP4qgfg+Udxc4FfpJp3qWhzSwFG8pspW +UTpZTFdN/0ZNbjV++Jyvx2vslZTq8v616LOCJA2ot9QozQVqTfzuRRZTl8BuB4s0 +GzpD8VXhcy1bQwKCAQBbxm6DdorN9IDd8HYv0Tm1hwa+jT5i/NClGNyc43B0zcxV +7LVzn6b721jQrv3AOB5sYjytOUwnEZSGt3Ol8wTZU3gwq1t2yrrU2fJvduuwo090 ++G7kUZ4nKuMYPlBXdM/PSnH4rWePC7f/o9ZqlBiPXDQXGCjieMOMQ/aLVs9Mo6on +nHBFcSL9/MisE/ki0rpsc7cruGVUcmQCQa1Vk5PFOJiuVt+I+oOsHinbTCt4Ffg1 +3snGtpRovgNu7/p4SKTH1BJ8nhRF5EjCN3Ug0872RlLj+0ty9BSQTqFWeZro57Bb +/G3E8U3Je0JqCpqzrTHa/z6LYnnX/sJaXilu/rKrAoIBAQCWnKJ6zuA8WyZ3uLh/ +HHO3JFdTO3lKC58aLNPKPd7/vsAv9WwZj5/PJU728sF+ZLvaXuqyxDrUrSSoeiki +velUR5LBrUuxOYBO5Ew6IwiOEZtpidFx+Aqy3utZrfDG7NPlyAYFOtyyJoW3VNoN +SJXQfuiXBU3BFjygWPJVWCFiHzH1LS0Blfgt8U+oOkEJyywRNFlW5InbhBPxoWgR ++d21QshvVu+gdYXzuDBnO++6dAqCjlO3d4d6sX7x5WNDoJxEzvkxtYXxCCD+OXXl +pMBFVPv//XodmJ3mkCVUPOlgQ+E8MZKyICzApRVbT1Xchbla51qqb+JwFIxEpeEJ ++G2nAoIBAQC0mjjGqEXX5Nj6foFBtmS5AJNaAezp5vReI+yaM0T4t4oHGwajsCby +DtHlmKLHnHtgrkpbG6gemAMtt87wJCh3kEJCxJmerkDjzVgEdSNc0Vw/IjkLKUjz +1xYA/PcbK4Cbsl3QJS7ejAPDvMiWewtMBY6VI4V8fFIzUT+FEPpH63JMjG24X8Lc +dlYMZVgZtE2xGX+WwH7YnFPZrq3QLxVlhO7EkCQwCioxl+N98p3cNUnzzUkJ7E7x +IssNWCJe+NoVWOmWUbyI1L79z7VQtomR+/gNHKKZYJzg/JYmqYwLrRWx8JtFDs9M +L9AOQ1Q3LmR/z0Op8nXzyaVbl3rIGf20 +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.pem b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.pem new file mode 100644 index 000000000..9980a6e0f --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_csca.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFoTCCA4mgAwIBAgIUMxK12nx2zCGyjeCJgvDr/UMopVEwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkxMDEzMDlaFw0zNTA4MjcxMDEzMDlaMGAxCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlNb2Nr +IENTQ0ExDDAKBgNVBAsMA1BLSTERMA8GA1UEAwwITW9ja0NTQ0EwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDRdOOrWzMx+rTevSYqN2eNSKOcpyjjKd/R +zdn+Lnh3nA9PuDpBF6LHpp8i6snH646OZL+AQRYJF/EInHkRMXjREVl75bGMQGGm +CqpHm6dj56ZD3BaBmKbbKNYMG62ROQwzYYfIF3ozEWaKMvHULh4WVoKZvyoYUddk +qXiUoWxd/BP0FoJAuH6y4d+ZYZDkHNTaxXpeqUol7zI6Slv5/71vlO/p2OrS9ine ++N92iU8sNT/LTawqsm9VEYI4WMQZwPj8sWvECdGzRbhHDqHnG+Nbt8APdVxWlPdC +HwDT4eVvxmNmmIaLsHRIQiiWiFInapyAiuaPP4orYmpkl5r3qCJULMZq7pf+LQ6j +Y7w0Mrr1sn5gWirLF5gjMpEe33TZCuWa1CjPCdtl0TKznlowhX6REf6m/OvIXGHc +RKA8MJKbq+6tpRnMqXWCyBlVk1u3rF4wRgwEFo+oxurOAH88dG0cJYUiF+kB1GZB +qFQk6e/dKWN24fC4xfe/wExwUFUNUokdVfQeN7L7Cjn03LVixKTuAuSO0Y7XAwoJ +daDn3SgPGcYDhQmC24/KCxmMTa2ardXbrmNtpNUwvLX0XoFEfvVJYSZ8hjHcnnEy +Sxv6WRwLPgLflcco43eeTvjuKcYYcI45R2kfYSrg7uLLD+S6L1jqNOGITCkb3WxU +QvT0v+rHbwIDAN0jo1MwUTAdBgNVHQ4EFgQUBwvobg7BPbLHT1ZxxZWxut+2qC8w +HwYDVR0jBBgwFoAUBwvobg7BPbLHT1ZxxZWxut+2qC8wDwYDVR0TAQH/BAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAgEAJlehyGI73cXLPjqQu50yyf16FCEeMmQBNXnb +4x6YuL2K15iAFtpHmA2v5mW36GdYeMxQBPDcs6gtMdvia9cYmMLzm5VixaWoGXuK +/CiOdrjFW1t2QcqLmnIzVuezHUSRs4NaT5sqNGPQmf/bwfrbNhgAxkZcO/tE33Lb +y1l6RnD29A6onmICQm/q7DxEIgpbVMgmT4z41cVBKDwm/onBR0vRnGBKcGvw48rN +jH4wU3mmrdOGb8bS5bpnOdd45DTIKv1ZmBqs/rVZU4R8mlxlJVHOpp15OLLPWw9F +Ikc35hzSNVwj/sVa65LdnlERMVDo+r4B52h/CXQjPlXkuWkJhBDLJPHrP4O9lp04 +JqrzAbvjR9GTncZgpFgXqJmMX48dOXKjKz4IbbGzKB3ZbxHHmH1KeUXzIbwWxobh +X1j6IrkMDFgH/EOmpajKkxfBeVig6qHWXBQMAu4/kWn8YigjbZXcRd0d6+S2j3p9 +u5uesyXeQ93ZuK3sXQiYezt1mavPcjwiiScmjWpB+HAl34p/cijY1FDBQfefHM4E +e7t926poZPHFkcYqw99F6fWapfB1ZSd2i54SWoCDOJ1v8VMKMEx+BkDUFrLAqATu +FqRmD1o1JBHYDpXhKq9u8itvFPSCIg+mPzG9IJFkYrMWJ5PnFwAPQSCRv5Tkf5+9 +jwxBSRU= +-----END CERTIFICATE----- diff --git a/common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.key b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.key new file mode 100644 index 000000000..32b69008a --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDAp36sTfsax3k5 +sCAnOYwXGYlW2VWIVsKANfPMC5nIsfaD+OwLJt57m/fKYC78bdY12gURuckl2rBe +DeuEmJJ5IP4KSCGhv4HRxLveHHJ7X9yzmlG346BxWhdgxWukGvWAJGX8nu1/bgu1 +Zb1lOY7bjiBa7z5c/F5ZkvcFdy8/zp2xwH0ZvhLMTXBlFtOr8Y8VAnYhkdgw4dBu +EWkiREs8ILa2PUAKcX8uE/HEofbYFn1cRQ6r+hVno8L95fRrliTYkVhswYUKoivi ++q9f14dRzJvpZWZnUsCmuCC/2JSD+VOMqPWy8T8vJRIYeWi4dXNuQ3A1c1sElv3B +mi8KyZ6hfV9sqGayVFCrrN0Q2fjuWA87MQcweRT+XEAaETQg4ORkB4aBXar3c3yL +kcxBTcJ8rsXGuvaRt/i1IzxUp6rS2DpGJhO/7pkxglQ+ksVYns4ecGbRzrMw1OcA +J6ioGarGS0w5ri4HbIZ5ctibHWDZEe4BdoDdI954JBhH8UrctrTW22NsvxCf8xKO +GXCroJu17lWuIDedY8M6lL83wjrKKIl6ZehJfZOgKSLibGkkRb9x/5PQ3hQTHPFB +2YBo+3A0IFG7Toq1QlA4Cx1EHiiou8hQ4s+5rVJt6YVe9upBCmdOuY1pXrCoECfe +Ki6zFlfKUQaDHMOJQMw1UPQ2jIAP3QIDAN0jAoICACBD2IYWATAdLvbwnqEkrg1I +nVRpUvFfXyDat0ojlAFdWn6wakcZ0af9l1A+msYNhS51DltA3hmwkNdyhRCCRAY0 +VWWjNDk/LQMo+r+fiGGL/v2EAWBy4nGYTCIOOWax9Ihcz7tN5IEwVIHTNV76FWgN +8Kvf4tOKzH11RU/s4Ey0Q6kala1bIq5GIzBc8uV0hFWwgu2WVFqBt2dIIF8+nTUa +KIV4e99c8I2aOpCx2v7OM8yjnb7nx3fYh+sc+rpW4rjf9wukuMYGpc3Rv7ECr82p +gTg8b1KbkVuBscfnWI6ylMOudtjoQd1Is4XxDUKjvCaKQansrZWU48Sl4oIFfpE3 +MqG1JQN26M6AImMN3NI4jMq8mflerv6h3RXE9IMtZ2RCV4XZqOppAGdxlCKX03Xc +3kTm+avweSwwUZpq0nsONjpa36+3lxmk73SvrUZ1osGdqrUtFt//snUDsu3KXA87 +AsyyjlaNbVpNhgjOFto2OPmz3r1Tp0pV+lebKsGNZdG8hSytWQAg6yc6/+m62HPR +sJAQl1FxX9E+9LLIQDGXWPuXQc5jvAR4/IKyNlFQJJx+MWIiZDFlCS3DgAqTCVlB +6g0yWA6bDFPjxxjfmRchVFduPkHSNvZBljZZ4y1loqSv6GK7RpEAn768ykwBY0vk +P5VhSmQYQos6hF6kgRdfAoIBAQDluKv2iYpzUulCKK3VNEoSn3puuMkhdkDVvtJO +plyLkQP6EzL98xcxnUo/QWDB7rTlw34yUCdL6Ttxp2Y2R688HCPFMQBHryxoWRwb +RWCCNTqL0kY3swmVReTKv/m1pvCxxR0VfBaxW5IEz3JFkqei80hOgVo1SSqCUbqf +ksWirue2axG1HWTmMXROAyF+F3GoIecJtpK1jzWxzyYw6VDGPOz4FB5Vvosuw9/c +bG+1XnIuj9ZaQU8/6rAr7FFXlr35hgZ2HHxR4kuWpJ235qngEST+z2RC1gFVaKqB +cL3d6qeVgF+RlLYqJDHG/YhD7mIxZRWR1WLvI16tYd3hlWBLAoIBAQDWsVK7ZyiM +7fzu0RxJy+MPskbw/9/2QLOS+t3xBdnSp03M2KDbjtJVNop9rfnMRXA5vM/zWzqE +1axT8Ija2KYa3mPDpHnd2OgT89TgFj6wMqb9NSEay/I1QqUXfTkCngT1ncpR3Nc3 +hBeQ4t+jnUexOX3uU5HOlypG1qYU0+BVCUhmSx7wvlPTaCJYl18BueA2BqUJ5a0K +HCgtrnzju2J5nU3Jl960x+q/D9Ugdux5w3hzFLTt9duSPSwZHikEx5rKIBM8LSGx +89j778nQTKnw0hdyfhHtP6Qqp4ibndl4uwrECwpBcabn55r/P3GTm+WWbxtW4nFC +AVBmdc+w4sd3AoIBAQDCx2NCmsuSsEU0sxJYNPtgdbX0q0/NJSRh+OVc9JOC9Voz +WT4kfb95PGIG3cPR+cZ69W1SIiUy+8bLXi29ZXvpgofwLdEEjF7LQWvkdRY202Qs +1+VBZGt8GlLK7CZZi53Fp8lllyml4ulS92wnlNpFgocU4uhPFANbf9Olk4g0Kat0 +m8ZH3qRxp5ijpGVrtmEVR7pk7fRS6OVXUEFyiPMvbjSy9eKUESk7NbYAEdo13sP3 +F9MZxCAfL6PuWAi8L7MbiJIGa7Y+nlQ7cggF50CkOgoIZ/Zojv9V44YcWERWhdWn +t7W5qlJmoZE5Nksn8IVA0nIhQSZKCZhc2lXnpeuLAoIBAFW/IbdhyRu6roMwAVKI +CiXsdAabgogn9+DnLBFHpZhgUm9HqiXrbLpD2rMoCpCMyQ9pv7cVLIfl18Du2R6O +77ocgU9hth1rQ95Ptk3y/QzNJb09984djMt1LBu2xJk7UVRx8rD1gepKUWBogOEF +dCiMJbKDqP5lMMnQX2ZNDUJYc5FwBROo8uNnlW4S8+YlDDdGsp1cNvTdwgp51n0P +XGfsGU58AEl8nlcib+2cI/LlV6Sr+pKHLzMjxMOZrp+/e+fQmCwRGku4udlsMRoa +EdmDnMxfENnD4MRdI8envmq3dZwZxYvmZ2qd6LC9SGGQQQY15hK6n8wDISo16t6p +Uk8CggEAPOjUq9x7fkelTLXGKnaPx6Y1xfDofCKqlfeo2Cc8F26QVIhPQzix8AJn +CA9Lci0PX2D7yu67Ro40l8UYYPlagbldqTdkqGdcFRot0Cf8lMzcyY9COyEmyecL +GkR9wcUIKt8W7YI2Ls0oF6WOGA7UW9/NhO0Zfmn69VkxG/kNqWxs/EoFjKMB494X +VjYQJnUTGdFjB3pAgbhPoCz+ZpWcaWaYKvBPLyJKaGrpgflEf7U705h0JayEJCHT +tY6oXZRtHlFI9Ualm9n8va75/Jx3tS3B52iMg8j7sf/efwGZQuq1PH1nfg1jiugX +yp1H7+KVPOJtiPBAklqRRNV2J0olmg== +-----END PRIVATE KEY----- diff --git a/common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.pem b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.pem new file mode 100644 index 000000000..04f45d7c8 --- /dev/null +++ b/common/src/mock_certificates/sha256_rsa_56611_4096/mock_dsc.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFjjCCA3agAwIBAgIUFCNDwzzlWISNsquziFp5pZvNXLwwDQYJKoZIhvcNAQEL +BQAwYDELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA0lERjEOMAwGA1UEBwwFUGFyaXMx +EjAQBgNVBAoMCU1vY2sgQ1NDQTEMMAoGA1UECwwDUEtJMREwDwYDVQQDDAhNb2Nr +Q1NDQTAeFw0yNTA4MjkxMDEzMDlaFw0zNTA4MjcxMDEzMDlaMF4xCzAJBgNVBAYT +AkZSMQwwCgYDVQQIDANJREYxDjAMBgNVBAcMBVBhcmlzMREwDwYDVQQKDAhNb2Nr +IERTQzEMMAoGA1UECwwDUEtJMRAwDgYDVQQDDAdNb2NrRFNDMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAwKd+rE37Gsd5ObAgJzmMFxmJVtlViFbCgDXz +zAuZyLH2g/jsCybee5v3ymAu/G3WNdoFEbnJJdqwXg3rhJiSeSD+Ckghob+B0cS7 +3hxye1/cs5pRt+OgcVoXYMVrpBr1gCRl/J7tf24LtWW9ZTmO244gWu8+XPxeWZL3 +BXcvP86dscB9Gb4SzE1wZRbTq/GPFQJ2IZHYMOHQbhFpIkRLPCC2tj1ACnF/LhPx +xKH22BZ9XEUOq/oVZ6PC/eX0a5Yk2JFYbMGFCqIr4vqvX9eHUcyb6WVmZ1LAprgg +v9iUg/lTjKj1svE/LyUSGHlouHVzbkNwNXNbBJb9wZovCsmeoX1fbKhmslRQq6zd +ENn47lgPOzEHMHkU/lxAGhE0IODkZAeGgV2q93N8i5HMQU3CfK7Fxrr2kbf4tSM8 +VKeq0tg6RiYTv+6ZMYJUPpLFWJ7OHnBm0c6zMNTnACeoqBmqxktMOa4uB2yGeXLY +mx1g2RHuAXaA3SPeeCQYR/FK3La01ttjbL8Qn/MSjhlwq6Cbte5VriA3nWPDOpS/ +N8I6yiiJemXoSX2ToCki4mxpJEW/cf+T0N4UExzxQdmAaPtwNCBRu06KtUJQOAsd +RB4oqLvIUOLPua1SbemFXvbqQQpnTrmNaV6wqBAn3iousxZXylEGgxzDiUDMNVD0 +NoyAD90CAwDdI6NCMEAwHQYDVR0OBBYEFA9S95imR3Cgqxp+oWG4CkXmyF+zMB8G +A1UdIwQYMBaAFAcL6G4OwT2yx09WccWVsbrftqgvMA0GCSqGSIb3DQEBCwUAA4IC +AQDRRmR5zDJMb6wsYnAVcfcbPltJUA5olH/6cFEapIOYDxsh6XP4LFvtG17ImcVO +//C3ZqY8DrT3RjmuOEk7KahMv8T3sdscPK5h/1vgogiHkwIyvd1683be36OYej4A +cTQwPUuMerYO922n+CLxDjlr0rE/nEeuyJRSZWQey05W9nPyyB045kBffANL6HTq +y3OkkSLKhBtP72mOt/djF5wP8c+vcHy9EJ+M9d51dY9x8cYkqvx9XHcLuxo2l7Tf +oCq9xb0zcWBf8pEwR4AQMlxv2JkpFloOWb3uwiDqDmy6XdReVzzbDGcKPkYjnFVN +jjXYIxqKFg3FR1NerNYW3oopF75zRmnoblwCu4BsfmILCx7XptAvxX82CvqfT721 +4ZVHGxhXXKkarULdXszj7v4i8yG5k86f36E0Is+v2EGNosfmcYcRqx09AzysyXYL +PnUE7+PN4AvHzVsaoQYe67CVDbH2DDI0R+jmoW3+hCCT6epKq+TKr6NKxekNSrCI +Hm82DoRt6nl1G3Jz8/Rs1VpWCHXJgFtzdYqeCsYM3Czy0ul9//c+0deZkujrR7Zf +I8lu5HgK1w/tQaq4mbtifyjcx2v0BvKgVGgbUv/4Ihc+uLpawUQNX1nAA2zArzkK +BJfRIQ5OH8p5UFe8dzoQSvBvVJVG7ULpIwp3KucZs7uN+A== +-----END CERTIFICATE----- diff --git a/common/src/scripts/generateCertificates.sh b/common/src/scripts/generateCertificates.sh index 8ea647bf0..82904a5c9 100755 --- a/common/src/scripts/generateCertificates.sh +++ b/common/src/scripts/generateCertificates.sh @@ -243,6 +243,16 @@ generate_certificate() { generate_certificate csca sha1 rsa 65537 4096 generate_certificate dsc sha1 rsa 65537 2048 --signer sha1_rsa_65537_4096 generate_certificate dsc sha1 rsa 65537 4096 --signer sha1_rsa_65537_4096 +generate_certificate csca sha1 rsa 64321 4096 --force +generate_certificate dsc sha1 rsa 64321 4096 --signer sha1_rsa_64321_4096 --force +generate_certificate csca sha256 rsa 130689 4096 --force +generate_certificate dsc sha256 rsa 130689 4096 --signer sha256_rsa_130689_4096 --force +generate_certificate csca sha256 rsa 122125 4096 --force +generate_certificate dsc sha256 rsa 122125 4096 --signer sha256_rsa_122125_4096 --force +generate_certificate csca sha256 rsa 107903 4096 --force +generate_certificate dsc sha256 rsa 107903 4096 --signer sha256_rsa_107903_4096 --force +generate_certificate csca sha256 rsa 56611 4096 --force +generate_certificate dsc sha256 rsa 56611 4096 --signer sha256_rsa_56611_4096 --force generate_certificate csca sha256 rsa 65537 4096 generate_certificate dsc sha256 rsa 65537 2048 --signer sha256_rsa_65537_4096 --force generate_certificate dsc sha256 rsa 65537 3072 --signer sha256_rsa_65537_4096 @@ -259,9 +269,10 @@ generate_certificate dsc sha256 rsa 3 2048 --signer sha256_rsa_3_4096 generate_certificate dsc sha256 rsa 3 4096 --signer sha256_rsa_3_4096 # RSA-PSS certificates -generate_certificate csca sha256 rsapss 32 65537 4096 +generate_certificate csca sha256 rsapss 32 65537 4096 --force generate_certificate csca sha256 rsapss 32 65537 2048 generate_certificate csca sha256 rsapss 32 65537 3072 +generate_certificate dsc sha256 rsapss 32 65537 4096 --signer sha256_rsapss_32_65537_4096 --force generate_certificate dsc sha256 rsapss 32 65537 4096 --signer sha256_rsapss_32_65537_4096 generate_certificate dsc sha256 rsapss 32 65537 2048 --signer sha256_rsapss_32_65537_2048 generate_certificate dsc sha256 rsapss 64 65537 2048 --signer sha256_rsapss_32_65537_2048 # DMK @@ -278,6 +289,7 @@ generate_certificate dsc sha384 rsapss 48 65537 3072 --signer sha384_rsapss_48_6 generate_certificate csca sha512 rsapss 64 65537 4096 generate_certificate dsc sha512 rsapss 64 65537 4096 --signer sha512_rsapss_64_65537_4096 generate_certificate dsc sha512 rsapss 64 65537 2048 --signer sha512_rsapss_64_65537_4096 + # ECDSA certificates generate_certificate csca sha224 ecdsa secp224r1 generate_certificate dsc sha224 ecdsa secp224r1 --signer sha224_ecdsa_secp224r1 @@ -293,6 +305,7 @@ generate_certificate csca sha256 ecdsa secp521r1 generate_certificate dsc sha256 ecdsa secp521r1 --signer sha256_ecdsa_secp521r1 generate_certificate csca sha512 ecdsa secp521r1 generate_certificate dsc sha512 ecdsa secp521r1 --signer sha512_ecdsa_secp521r1 + # Brainpool ECDSA certificates generate_certificate csca sha1 ecdsa brainpoolP224r1 generate_certificate dsc sha1 ecdsa brainpoolP224r1 --signer sha1_ecdsa_brainpoolP224r1 diff --git a/common/src/utils/passports/genMockPassportData.ts b/common/src/utils/passports/genMockPassportData.ts index b4b0f3ce7..7749d22c2 100644 --- a/common/src/utils/passports/genMockPassportData.ts +++ b/common/src/utils/passports/genMockPassportData.ts @@ -1,6 +1,6 @@ import * as asn1 from 'asn1js'; import elliptic from 'elliptic'; -import * as forge from 'node-forge'; +import forge from 'node-forge'; import type { countryCodes } from '../../constants/constants.js'; import { getCurveForElliptic } from '../certificate_parsing/curves.js'; diff --git a/common/src/utils/passports/getMockDSC.ts b/common/src/utils/passports/getMockDSC.ts index 61544a80b..bd106080d 100644 --- a/common/src/utils/passports/getMockDSC.ts +++ b/common/src/utils/passports/getMockDSC.ts @@ -161,6 +161,34 @@ function getMockDSC(signatureType: SignatureAlgorithm) { privateKeyPem = mockCertificates.mock_dsc_sha224_ecdsa_secp224r1_key; dsc = mockCertificates.mock_dsc_sha224_ecdsa_secp224r1; break; + case 'rsapss_sha256_65537_4096_32': + privateKeyPem = mockCertificates.mock_dsc_sha256_rsapss_32_65537_4096_key; + dsc = mockCertificates.mock_dsc_sha256_rsapss_32_65537_4096; + break; + case 'rsapss_sha256_65537_2048_32': + privateKeyPem = mockCertificates.mock_dsc_sha256_rsapss_32_65537_2048_key; + dsc = mockCertificates.mock_dsc_sha256_rsapss_32_65537_2048; + break; + case 'rsa_sha1_64321_4096': + privateKeyPem = mockCertificates.mock_dsc_sha1_rsa_64321_4096_key; + dsc = mockCertificates.mock_dsc_sha1_rsa_64321_4096; + break; + case 'rsa_sha256_130689_4096': + privateKeyPem = mockCertificates.mock_dsc_sha256_rsa_130689_4096_key; + dsc = mockCertificates.mock_dsc_sha256_rsa_130689_4096; + break; + case 'rsa_sha256_122125_4096': + privateKeyPem = mockCertificates.mock_dsc_sha256_rsa_122125_4096_key; + dsc = mockCertificates.mock_dsc_sha256_rsa_122125_4096; + break; + case 'rsa_sha256_107903_4096': + privateKeyPem = mockCertificates.mock_dsc_sha256_rsa_107903_4096_key; + dsc = mockCertificates.mock_dsc_sha256_rsa_107903_4096; + break; + case 'rsa_sha256_56611_4096': + privateKeyPem = mockCertificates.mock_dsc_sha256_rsa_56611_4096_key; + dsc = mockCertificates.mock_dsc_sha256_rsa_56611_4096; + break; default: throw new Error(`Unsupported signature type: ${signatureType}`); } diff --git a/common/src/utils/passports/passport_parsing/brutForceDscSignature.ts b/common/src/utils/passports/passport_parsing/brutForceDscSignature.ts index 466b1b774..dd467ab4b 100644 --- a/common/src/utils/passports/passport_parsing/brutForceDscSignature.ts +++ b/common/src/utils/passports/passport_parsing/brutForceDscSignature.ts @@ -1,5 +1,5 @@ import * as asn1js from 'asn1js'; -import * as forge from 'node-forge'; +import forge from 'node-forge'; import { Certificate } from 'pkijs'; import { hashAlgos, saltLengths } from '../../../constants/constants.js'; diff --git a/common/src/utils/types.ts b/common/src/utils/types.ts index 9f73ff6bd..0d241a642 100644 --- a/common/src/utils/types.ts +++ b/common/src/utils/types.ts @@ -98,7 +98,14 @@ export type SignatureAlgorithm = | 'ecdsa_sha224_brainpoolP224r1_224' | 'ecdsa_sha256_brainpoolP224r1_224' | 'ecdsa_sha384_brainpoolP512r1_512' - | 'ecdsa_sha512_brainpoolP512r1_512'; + | 'ecdsa_sha512_brainpoolP512r1_512' + | 'rsapss_sha256_65537_4096_32' + | 'rsapss_sha256_65537_2048_32' + | 'rsa_sha1_64321_4096' + | 'rsa_sha256_130689_4096' + | 'rsa_sha256_122125_4096' + | 'rsa_sha256_107903_4096' + | 'rsa_sha256_56611_4096'; export function castCSCAProof(proof: any): Proof { return { From 2a431a0b5290ba1b86767f582285b5626766eb1e Mon Sep 17 00:00:00 2001 From: Ayman Date: Fri, 29 Aug 2025 17:04:11 +0530 Subject: [PATCH 2/5] feat: modularise the rsa fp pow mod --- .../utils/rsa/test_rsa_sha1_64321_4096.circom | 4 +- .../rsa/test_rsa_sha256_107903_4096.circom | 4 +- .../rsa/test_rsa_sha256_122125_4096.circom | 4 +- .../rsa/test_rsa_sha256_130689_4096.circom | 4 +- .../rsa/test_rsa_sha256_56611_4096.circom | 4 +- .../utils/crypto/signature/FpPowMod.circom | 349 +++--------------- .../rsa/verifyRsa122125Pkcs1v1_5.circom | 51 --- .../rsa/verifyRsa130689Pkcs1v1_5.circom | 51 --- .../rsa/verifyRsa56611Pkcs1v1_5.circom | 51 --- .../rsa/verifyRsa64321Pkcs1v1_5.circom | 51 --- ...ircom => verifyRsaGenericPkcs1v1_5.circom} | 8 +- .../utils/passport/signatureVerifier.circom | 64 +--- circuits/tests/dsc/test_cases.ts | 7 +- common/src/scripts/generateCertificates.sh | 2 +- 14 files changed, 76 insertions(+), 578 deletions(-) delete mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom delete mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom delete mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom delete mode 100644 circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom rename circuits/circuits/utils/crypto/signature/rsa/{verifyRsa107903Pkcs1v1_5.circom => verifyRsaGenericPkcs1v1_5.circom} (85%) diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom index 4d5a7221c..6d75fb37f 100644 --- a/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha1_64321_4096.circom @@ -1,13 +1,13 @@ pragma circom 2.1.9; -include "../../../utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom"; +include "../../../utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom"; template VerifyRsaPkcs1v1_5Tester() { signal input signature[35]; signal input modulus[35]; signal input message[35]; - VerifyRsa64321Pkcs1v1_5(120, 35, 160)(signature, modulus, message); + VerifyRsaGenericPkcs1v1_5(120, 35, 160, 47)(signature, modulus, message); } component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom index 2168d989b..7143f2199 100644 --- a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_107903_4096.circom @@ -1,13 +1,13 @@ pragma circom 2.1.9; -include "../../../utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom"; +include "../../../utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom"; template VerifyRsaPkcs1v1_5Tester() { signal input signature[35]; signal input modulus[35]; signal input message[35]; - VerifyRsa107903Pkcs1v1_5(120, 35, 256)(signature, modulus, message); + VerifyRsaGenericPkcs1v1_5(120, 35, 256, 50)(signature, modulus, message); } component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom index 93fc1b2f2..45fbaaccf 100644 --- a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_122125_4096.circom @@ -1,13 +1,13 @@ pragma circom 2.1.9; -include "../../../utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom"; +include "../../../utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom"; template VerifyRsaPkcs1v1_5Tester() { signal input signature[35]; signal input modulus[35]; signal input message[35]; - VerifyRsa122125Pkcs1v1_5(120, 35, 256)(signature, modulus, message); + VerifyRsaGenericPkcs1v1_5(120, 35, 256, 49)(signature, modulus, message); } component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom index 40376bb4e..31ad7275e 100644 --- a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_130689_4096.circom @@ -1,13 +1,13 @@ pragma circom 2.1.9; -include "../../../utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom"; +include "../../../utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom"; template VerifyRsaPkcs1v1_5Tester() { signal input signature[35]; signal input modulus[35]; signal input message[35]; - VerifyRsa130689Pkcs1v1_5(120, 35, 256)(signature, modulus, message); + VerifyRsaGenericPkcs1v1_5(120, 35, 256, 48)(signature, modulus, message); } component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom index 9b9b1a757..fa816762e 100644 --- a/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom +++ b/circuits/circuits/tests/utils/rsa/test_rsa_sha256_56611_4096.circom @@ -1,13 +1,13 @@ pragma circom 2.1.9; -include "../../../utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom"; +include "../../../utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom"; template VerifyRsaPkcs1v1_5Tester() { signal input signature[35]; signal input modulus[35]; signal input message[35]; - VerifyRsa56611Pkcs1v1_5(120, 35, 256)(signature, modulus, message); + VerifyRsaGenericPkcs1v1_5(120, 35, 256, 51)(signature, modulus, message); } component main = VerifyRsaPkcs1v1_5Tester(); diff --git a/circuits/circuits/utils/crypto/signature/FpPowMod.circom b/circuits/circuits/utils/crypto/signature/FpPowMod.circom index c7c63c9e7..6d343f206 100644 --- a/circuits/circuits/utils/crypto/signature/FpPowMod.circom +++ b/circuits/circuits/utils/crypto/signature/FpPowMod.circom @@ -2,6 +2,7 @@ pragma circom 2.1.9; include "@openpassport/zk-email-circuits/lib/fp.circom"; include "circomlib/circuits/bitify.circom"; +include "../../passport/signatureAlgorithm.circom"; /// @title FpPow3Mod /// @notice Computes base^3 mod modulus @@ -82,328 +83,69 @@ template FpPow65537Mod(n, k) { } } -/// @title FpPow64321Mod -/// @notice Computes base^64321 mod modulus -/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) -/// @param n Number of bits per chunk the modulus is split into. -/// @param k Number of chunks the modulus is split into. -/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @output out The result of the exponentiation. -template FpPow64321Mod(n, k) { - signal input base[k]; - signal input modulus[k]; - signal output out[k]; - - // We need powers up to 2^15 (since the largest term is 2^15) - component doublers[15]; - for (var i = 0; i < 15; i++) { - doublers[i] = FpMul(n, k); - } - - // Component for accumulating the result - component muls[8]; // one for each '1' bit except the first - for (var i = 0; i < 8; i++) { - muls[i] = FpMul(n, k); - } - - // Set modulus for all - for (var j = 0; j < k; j++) { - for (var i = 0; i < 15; i++) { - doublers[i].p[j] <== modulus[j]; - } - for (var i = 0; i < 8; i++) { - muls[i].p[j] <== modulus[j]; - } - } - - for (var j = 0; j < k; j++) { - doublers[0].a[j] <== base[j]; - doublers[0].b[j] <== base[j]; +function getPowerIndicesLength(signatureAlgorithm) { + if (signatureAlgorithm == 47) { + return 8; } - - for (var i = 0; i < 14; i++) { - for (var j = 0; j < k; j++) { - doublers[i+1].a[j] <== doublers[i].out[j]; - doublers[i+1].b[j] <== doublers[i].out[j]; - } + if (signatureAlgorithm == 48) { + return 9; } - - var indices[8] = [15, 14, 13, 12, 11, 9, 8, 6]; - - for (var i = 0; i < k; i++) { - muls[0].a[i] <== doublers[indices[0] - 1].out[i]; - muls[0].b[i] <== doublers[indices[1] - 1].out[i]; - } - - for (var i = 1; i < 7; i++) { - for (var j = 0; j < k; j++) { - muls[i].a[j] <== muls[i - 1].out[j]; - muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; - } + if (signatureAlgorithm == 49) { + return 9; } - - for (var i = 0; i < k; i++) { - muls[7].a[i] <== muls[6].out[i]; - muls[7].b[i] <== base[i]; + if (signatureAlgorithm == 50) { + return 11; } - - // Output - for (var j = 0; j < k; j++) { - out[j] <== muls[7].out[j]; + if (signatureAlgorithm == 51) { + return 8; } + assert(1 == 0); + return 0; } -/// @title FpPow130689Mod -/// @notice Computes base^130689 mod modulus -/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) -/// @param n Number of bits per chunk the modulus is split into. -/// @param k Number of chunks the modulus is split into. -/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @output out The result of the exponentiation. -template FpPow130689Mod(n, k) { - signal input base[k]; - signal input modulus[k]; - signal output out[k]; - - component doublers[16]; - for (var i = 0; i < 16; i++) { - doublers[i] = FpMul(n, k); +function getPowerIndices(signatureAlgorithm) { + if (signatureAlgorithm == 47) { + return [15, 14, 13, 12, 11, 9, 8, 6]; } - - // Component for accumulating the result - component muls[9]; // one for each '1' bit except the first - for (var i = 0; i < 9; i++) { - muls[i] = FpMul(n, k); + if (signatureAlgorithm == 48) { + return [16, 15, 14, 13, 12, 11, 10, 9, 7]; } - - // Set modulus for all - for (var j = 0; j < k; j++) { - for (var i = 0; i < 16; i++) { - doublers[i].p[j] <== modulus[j]; - } - for (var i = 0; i < 9; i++) { - muls[i].p[j] <== modulus[j]; - } + if (signatureAlgorithm == 49) { + return [16, 15, 14, 12, 11, 10, 8, 3, 2]; } - - for (var j = 0; j < k; j++) { - doublers[0].a[j] <== base[j]; - doublers[0].b[j] <== base[j]; + if (signatureAlgorithm == 50) { + return [16, 15, 13, 10, 8, 6, 5, 4, 3, 2, 1]; } - - for (var i = 0; i < 15; i++) { - for (var j = 0; j < k; j++) { - doublers[i+1].a[j] <== doublers[i].out[j]; - doublers[i+1].b[j] <== doublers[i].out[j]; - } - } - - var indices[9] = [16, 15, 14, 13, 12, 11, 10, 9, 7]; - - for (var i = 0; i < k; i++) { - muls[0].a[i] <== doublers[indices[0] - 1].out[i]; - muls[0].b[i] <== doublers[indices[1] - 1].out[i]; - } - - for (var i = 1; i < 8; i++) { - for (var j = 0; j < k; j++) { - muls[i].a[j] <== muls[i - 1].out[j]; - muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; - } - } - - for (var i = 0; i < k; i++) { - muls[8].a[i] <== muls[7].out[i]; - muls[8].b[i] <== base[i]; - } - - // Output - for (var j = 0; j < k; j++) { - out[j] <== muls[8].out[j]; + if (signatureAlgorithm == 51) { + return [15, 14, 12, 11, 10, 8, 5, 1]; } + assert(1 == 0); + return [1]; } -//11101110100001101 = 122125 -//2^0 + 2^2 + 2^3 + 2^8 + 2^10 + 2^11 + 2^12 + 2^14 + 2^15 + 2^16 -/// @title FpPow122125Mod -/// @notice Computes base^122125 mod modulus -/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) -/// @param n Number of bits per chunk the modulus is split into. -/// @param k Number of chunks the modulus is split into. -/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @output out The result of the exponentiation. -template FpPow122125Mod(n, k) { +template FpPowGenericMod(n, k, signatureAlgorithm) { signal input base[k]; signal input modulus[k]; signal output out[k]; - component doublers[16]; - for (var i = 0; i < 16; i++) { - doublers[i] = FpMul(n, k); - } + var exponent_bits = getExponentBits(signatureAlgorithm); - // Component for accumulating the result - component muls[9]; // one for each '1' bit except the first - for (var i = 0; i < 9; i++) { - muls[i] = FpMul(n, k); - } - - // Set modulus for all - for (var j = 0; j < k; j++) { - for (var i = 0; i < 16; i++) { - doublers[i].p[j] <== modulus[j]; - } - for (var i = 0; i < 9; i++) { - muls[i].p[j] <== modulus[j]; - } - } - - for (var j = 0; j < k; j++) { - doublers[0].a[j] <== base[j]; - doublers[0].b[j] <== base[j]; - } - - for (var i = 0; i < 15; i++) { - for (var j = 0; j < k; j++) { - doublers[i+1].a[j] <== doublers[i].out[j]; - doublers[i+1].b[j] <== doublers[i].out[j]; - } - } - - var indices[9] = [16, 15, 14, 12, 11, 10, 8, 3, 2]; - - for (var i = 0; i < k; i++) { - muls[0].a[i] <== doublers[indices[0] - 1].out[i]; - muls[0].b[i] <== doublers[indices[1] - 1].out[i]; - } - - for (var i = 1; i < 8; i++) { - for (var j = 0; j < k; j++) { - muls[i].a[j] <== muls[i - 1].out[j]; - muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; - } - } - - for (var i = 0; i < k; i++) { - muls[8].a[i] <== muls[7].out[i]; - muls[8].b[i] <== base[i]; - } - - // Output - for (var j = 0; j < k; j++) { - out[j] <== muls[8].out[j]; - } -} - -//11010010101111111 = 107903 -//2^0 + 2^1 + 2^2 + 2^3 + 2^4 + 2^5 + 2^6 + 2^8 + 2^10 + 2^13 + 2^15 + 2^16 -/// @title FpPow107903Mod -/// @notice Computes base^107903 mod modulus -/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) -/// @param n Number of bits per chunk the modulus is split into. -/// @param k Number of chunks the modulus is split into. -/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @output out The result of the exponentiation. -template FpPow107903Mod(n, k) { - signal input base[k]; - signal input modulus[k]; - signal output out[k]; - - component doublers[16]; - for (var i = 0; i < 16; i++) { - doublers[i] = FpMul(n, k); - } - - // Component for accumulating the result - component muls[11]; // one for each '1' bit except the first - for (var i = 0; i < 11; i++) { - muls[i] = FpMul(n, k); - } - - // Set modulus for all - for (var j = 0; j < k; j++) { - for (var i = 0; i < 16; i++) { - doublers[i].p[j] <== modulus[j]; - } - for (var i = 0; i < 11; i++) { - muls[i].p[j] <== modulus[j]; - } - } - - for (var j = 0; j < k; j++) { - doublers[0].a[j] <== base[j]; - doublers[0].b[j] <== base[j]; - } - - for (var i = 0; i < 15; i++) { - for (var j = 0; j < k; j++) { - doublers[i+1].a[j] <== doublers[i].out[j]; - doublers[i+1].b[j] <== doublers[i].out[j]; - } - } - - var indices[11] = [16, 15, 13, 10, 8, 6, 5, 4, 3, 2, 1]; - - for (var i = 0; i < k; i++) { - muls[0].a[i] <== doublers[indices[0] - 1].out[i]; - muls[0].b[i] <== doublers[indices[1] - 1].out[i]; - } - - for (var i = 1; i < 10; i++) { - for (var j = 0; j < k; j++) { - muls[i].a[j] <== muls[i - 1].out[j]; - muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; - } - } - - for (var i = 0; i < k; i++) { - muls[10].a[i] <== muls[9].out[i]; - muls[10].b[i] <== base[i]; - } - - // Output - for (var j = 0; j < k; j++) { - out[j] <== muls[10].out[j]; - } -} - -///1101110100100011 = 56611 -///2^0 + 2^1 + 2^5 + 2^8 + 2^10 + 2^11 + 2^12 + 2^14 + 2^15 -/// @title FpPow56611Mod -/// @notice Computes base^56611 mod modulus -/// @dev Does not necessarily reduce fully mod modulus (the answer could be too big by a multiple of modulus) -/// @param n Number of bits per chunk the modulus is split into. -/// @param k Number of chunks the modulus is split into. -/// @input base The base to exponentiate; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @input modulus The modulus; assumes to consist of `k` chunks, each of which must fit in `n` bits -/// @output out The result of the exponentiation. -template FpPow56611Mod(n, k) { - signal input base[k]; - signal input modulus[k]; - signal output out[k]; - - // We need powers up to 2^15 (since the largest term is 2^15) - component doublers[15]; - for (var i = 0; i < 15; i++) { + component doublers[exponent_bits - 1]; + for (var i = 0; i < exponent_bits - 1; i++) { doublers[i] = FpMul(n, k); } - // Component for accumulating the result - component muls[8]; // one for each '1' bit except the first - for (var i = 0; i < 8; i++) { + var powerIndicesLength = getPowerIndicesLength(signatureAlgorithm); + component muls[powerIndicesLength]; + for (var i = 0; i < powerIndicesLength; i++) { muls[i] = FpMul(n, k); } - // Set modulus for all for (var j = 0; j < k; j++) { - for (var i = 0; i < 15; i++) { + for (var i = 0; i < exponent_bits - 1; i++) { doublers[i].p[j] <== modulus[j]; } - for (var i = 0; i < 8; i++) { + for (var i = 0; i < powerIndicesLength; i++) { muls[i].p[j] <== modulus[j]; } } @@ -413,34 +155,33 @@ template FpPow56611Mod(n, k) { doublers[0].b[j] <== base[j]; } - for (var i = 0; i < 14; i++) { + for (var i = 0; i < exponent_bits - 2; i++) { for (var j = 0; j < k; j++) { doublers[i+1].a[j] <== doublers[i].out[j]; doublers[i+1].b[j] <== doublers[i].out[j]; } } - var indices[8] = [15, 14, 12, 11, 10, 8, 5, 1]; - + var powerIndices[powerIndicesLength] = getPowerIndices(signatureAlgorithm); for (var i = 0; i < k; i++) { - muls[0].a[i] <== doublers[indices[0] - 1].out[i]; - muls[0].b[i] <== doublers[indices[1] - 1].out[i]; + muls[0].a[i] <== doublers[powerIndices[0] - 1].out[i]; + muls[0].b[i] <== doublers[powerIndices[1] - 1].out[i]; } - for (var i = 1; i < 7; i++) { + for (var i = 1; i < powerIndicesLength - 1; i++) { for (var j = 0; j < k; j++) { muls[i].a[j] <== muls[i - 1].out[j]; - muls[i].b[j] <== doublers[indices[i + 1] - 1].out[j]; + muls[i].b[j] <== doublers[powerIndices[i + 1] - 1].out[j]; } } for (var i = 0; i < k; i++) { - muls[7].a[i] <== muls[6].out[i]; - muls[7].b[i] <== base[i]; + muls[powerIndicesLength - 1].a[i] <== muls[powerIndicesLength - 2].out[i]; + muls[powerIndicesLength - 1].b[i] <== base[i]; } // Output for (var j = 0; j < k; j++) { - out[j] <== muls[7].out[j]; + out[j] <== muls[powerIndicesLength - 1].out[j]; } } diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom deleted file mode 100644 index 4c22720b5..000000000 --- a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom +++ /dev/null @@ -1,51 +0,0 @@ -pragma circom 2.1.9; - -include "@openpassport/zk-email-circuits/lib/bigint.circom"; -include "./pkcs1v1_5Padding.circom"; -include "../FpPowMod.circom"; - -/// @title VerifyRsa122125Pkcs1v1_5 -/// @notice Verifies RSA signatures with exponent 122125 using PKCS#1 v1.5 padding -/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits -/// @param CHUNK_SIZE Number of bits per chunk (typically 64) -/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) -/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) -/// @input signature The RSA signature split into chunks -/// @input modulus The RSA modulus split into chunks -/// @input message The message hash to verify -template VerifyRsa122125Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { - signal input signature[CHUNK_NUMBER]; - signal input modulus[CHUNK_NUMBER]; - - signal input message[CHUNK_NUMBER]; - - // 1. Add padding to the hashed message - component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); - for (var i = 0; i < CHUNK_NUMBER; i++) { - padder.modulus[i] <== modulus[i]; - padder.message[i] <== message[i]; - } - - // 2. Check that the signature is in proper form and reduced mod modulus. - component signatureRangeCheck[CHUNK_NUMBER]; - component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); - signatureRangeCheck[i].in <== signature[i]; - bigLessThan.a[i] <== signature[i]; - bigLessThan.b[i] <== modulus[i]; - } - bigLessThan.out === 1; - - // 3. Compute the signature^exponent mod modulus - component bigPow = FpPow122125Mod(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.base[i] <== signature[i]; - bigPow.modulus[i] <== modulus[i]; - } - - // 4. Check that the computed value is equal to the padded message - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.out[i] === padder.out[i]; - } -} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom deleted file mode 100644 index e4d676daf..000000000 --- a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom +++ /dev/null @@ -1,51 +0,0 @@ -pragma circom 2.1.9; - -include "@openpassport/zk-email-circuits/lib/bigint.circom"; -include "./pkcs1v1_5Padding.circom"; -include "../FpPowMod.circom"; - -/// @title VerifyRsa130689Pkcs1v1_5 -/// @notice Verifies RSA signatures with exponent 130689 using PKCS#1 v1.5 padding -/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits -/// @param CHUNK_SIZE Number of bits per chunk (typically 64) -/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) -/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) -/// @input signature The RSA signature split into chunks -/// @input modulus The RSA modulus split into chunks -/// @input message The message hash to verify -template VerifyRsa130689Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { - signal input signature[CHUNK_NUMBER]; - signal input modulus[CHUNK_NUMBER]; - - signal input message[CHUNK_NUMBER]; - - // 1. Add padding to the hashed message - component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); - for (var i = 0; i < CHUNK_NUMBER; i++) { - padder.modulus[i] <== modulus[i]; - padder.message[i] <== message[i]; - } - - // 2. Check that the signature is in proper form and reduced mod modulus. - component signatureRangeCheck[CHUNK_NUMBER]; - component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); - signatureRangeCheck[i].in <== signature[i]; - bigLessThan.a[i] <== signature[i]; - bigLessThan.b[i] <== modulus[i]; - } - bigLessThan.out === 1; - - // 3. Compute the signature^exponent mod modulus - component bigPow = FpPow130689Mod(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.base[i] <== signature[i]; - bigPow.modulus[i] <== modulus[i]; - } - - // 4. Check that the computed value is equal to the padded message - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.out[i] === padder.out[i]; - } -} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom deleted file mode 100644 index 0bce9f19d..000000000 --- a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom +++ /dev/null @@ -1,51 +0,0 @@ -pragma circom 2.1.9; - -include "@openpassport/zk-email-circuits/lib/bigint.circom"; -include "./pkcs1v1_5Padding.circom"; -include "../FpPowMod.circom"; - -/// @title VerifyRsa56611Pkcs1v1_5 -/// @notice Verifies RSA signatures with exponent 56611 using PKCS#1 v1.5 padding -/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits -/// @param CHUNK_SIZE Number of bits per chunk (typically 64) -/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) -/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) -/// @input signature The RSA signature split into chunks -/// @input modulus The RSA modulus split into chunks -/// @input message The message hash to verify -template VerifyRsa56611Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { - signal input signature[CHUNK_NUMBER]; - signal input modulus[CHUNK_NUMBER]; - - signal input message[CHUNK_NUMBER]; - - // 1. Add padding to the hashed message - component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); - for (var i = 0; i < CHUNK_NUMBER; i++) { - padder.modulus[i] <== modulus[i]; - padder.message[i] <== message[i]; - } - - // 2. Check that the signature is in proper form and reduced mod modulus. - component signatureRangeCheck[CHUNK_NUMBER]; - component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); - signatureRangeCheck[i].in <== signature[i]; - bigLessThan.a[i] <== signature[i]; - bigLessThan.b[i] <== modulus[i]; - } - bigLessThan.out === 1; - - // 3. Compute the signature^exponent mod modulus - component bigPow = FpPow56611Mod(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.base[i] <== signature[i]; - bigPow.modulus[i] <== modulus[i]; - } - - // 4. Check that the computed value is equal to the padded message - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.out[i] === padder.out[i]; - } -} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom deleted file mode 100644 index 2c5e65337..000000000 --- a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa64321Pkcs1v1_5.circom +++ /dev/null @@ -1,51 +0,0 @@ -pragma circom 2.1.9; - -include "@openpassport/zk-email-circuits/lib/bigint.circom"; -include "./pkcs1v1_5Padding.circom"; -include "../FpPowMod.circom"; - -/// @title VerifyRsa64321Pkcs1v1_5 -/// @notice Verifies RSA signatures with exponent 64321 using PKCS#1 v1.5 padding -/// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits -/// @param CHUNK_SIZE Number of bits per chunk (typically 64) -/// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) -/// @param HASH_SIZE Size of the hash in bits (160 for SHA1, 256 for SHA256, 384 for SHA384 and 512 for SHA512) -/// @input signature The RSA signature split into chunks -/// @input modulus The RSA modulus split into chunks -/// @input message The message hash to verify -template VerifyRsa64321Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { - signal input signature[CHUNK_NUMBER]; - signal input modulus[CHUNK_NUMBER]; - - signal input message[CHUNK_NUMBER]; - - // 1. Add padding to the hashed message - component padder = Pkcs1v1_5Padding(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE); - for (var i = 0; i < CHUNK_NUMBER; i++) { - padder.modulus[i] <== modulus[i]; - padder.message[i] <== message[i]; - } - - // 2. Check that the signature is in proper form and reduced mod modulus. - component signatureRangeCheck[CHUNK_NUMBER]; - component bigLessThan = BigLessThan(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - signatureRangeCheck[i] = Num2Bits(CHUNK_SIZE); - signatureRangeCheck[i].in <== signature[i]; - bigLessThan.a[i] <== signature[i]; - bigLessThan.b[i] <== modulus[i]; - } - bigLessThan.out === 1; - - // 3. Compute the signature^exponent mod modulus - component bigPow = FpPow64321Mod(CHUNK_SIZE, CHUNK_NUMBER); - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.base[i] <== signature[i]; - bigPow.modulus[i] <== modulus[i]; - } - - // 4. Check that the computed value is equal to the padded message - for (var i = 0; i < CHUNK_NUMBER; i++) { - bigPow.out[i] === padder.out[i]; - } -} diff --git a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom b/circuits/circuits/utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom similarity index 85% rename from circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom rename to circuits/circuits/utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom index 9c859a025..84f41f5e8 100644 --- a/circuits/circuits/utils/crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom +++ b/circuits/circuits/utils/crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom @@ -4,8 +4,8 @@ include "@openpassport/zk-email-circuits/lib/bigint.circom"; include "./pkcs1v1_5Padding.circom"; include "../FpPowMod.circom"; -/// @title VerifyRsa107903Pkcs1v1_5 -/// @notice Verifies RSA signatures with exponent 107903 using PKCS#1 v1.5 padding +/// @title VerifyRsaGenericPkcs1v1_5 +/// @notice Verifies RSA signatures with generic exponent using PKCS#1 v1.5 padding /// @dev Supports RSA key sizes of 2048, 3072, and 4096 bits /// @param CHUNK_SIZE Number of bits per chunk (typically 64) /// @param CHUNK_NUMBER Number of chunks (32 for 2048-bit RSA, 48 for 3072-bit, 64 for 4096-bit) @@ -13,7 +13,7 @@ include "../FpPowMod.circom"; /// @input signature The RSA signature split into chunks /// @input modulus The RSA modulus split into chunks /// @input message The message hash to verify -template VerifyRsa107903Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { +template VerifyRsaGenericPkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE, signatureAlgorithm) { signal input signature[CHUNK_NUMBER]; signal input modulus[CHUNK_NUMBER]; @@ -38,7 +38,7 @@ template VerifyRsa107903Pkcs1v1_5(CHUNK_SIZE, CHUNK_NUMBER, HASH_SIZE) { bigLessThan.out === 1; // 3. Compute the signature^exponent mod modulus - component bigPow = FpPow107903Mod(CHUNK_SIZE, CHUNK_NUMBER); + component bigPow = FpPowGenericMod(CHUNK_SIZE, CHUNK_NUMBER, signatureAlgorithm); for (var i = 0; i < CHUNK_NUMBER; i++) { bigPow.base[i] <== signature[i]; bigPow.modulus[i] <== modulus[i]; diff --git a/circuits/circuits/utils/passport/signatureVerifier.circom b/circuits/circuits/utils/passport/signatureVerifier.circom index 2a9d332b8..15a0b17e4 100644 --- a/circuits/circuits/utils/passport/signatureVerifier.circom +++ b/circuits/circuits/utils/passport/signatureVerifier.circom @@ -5,11 +5,7 @@ include "../crypto/signature/rsapss/rsapss65537.circom"; include "../crypto/signature/ecdsa/ecdsaVerifier.circom"; include "../crypto/signature/rsa/verifyRsa3Pkcs1v1_5.circom"; include "../crypto/signature/rsa/verifyRsa65537Pkcs1v1_5.circom"; -include "../crypto/signature/rsa/VerifyRsa64321Pkcs1v1_5.circom"; -include "../crypto/signature/rsa/verifyRsa130689Pkcs1v1_5.circom"; -include "../crypto/signature/rsa/verifyRsa122125Pkcs1v1_5.circom"; -include "../crypto/signature/rsa/verifyRsa107903Pkcs1v1_5.circom"; -include "../crypto/signature/rsa/verifyRsa56611Pkcs1v1_5.circom"; +include "../crypto/signature/rsa/verifyRsaGenericPkcs1v1_5.circom"; include "@openpassport/zk-email-circuits/utils/bytes.circom"; /// @title SignatureVerifier @@ -53,56 +49,22 @@ template SignatureVerifier(signatureAlgorithm, n, k) { } rsa65537.modulus <== pubKey; rsa65537.signature <== signature; - } else if (signatureAlgorithm == 47) { - component rsa64321 = VerifyRsa64321Pkcs1v1_5(n, k, HASH_LEN_BITS); - for (var i = 0; i < msg_len; i++) { - rsa64321.message[i] <== hashParsed[i]; - } - for (var i = msg_len; i < k; i++) { - rsa64321.message[i] <== 0; - } - rsa64321.modulus <== pubKey; - rsa64321.signature <== signature; - } else if (signatureAlgorithm == 48) { - component rsa130689 = VerifyRsa130689Pkcs1v1_5(n, k, HASH_LEN_BITS); - for (var i = 0; i < msg_len; i++) { - rsa130689.message[i] <== hashParsed[i]; - } - for (var i = msg_len; i < k; i++) { - rsa130689.message[i] <== 0; - } - rsa130689.modulus <== pubKey; - rsa130689.signature <== signature; - } else if(signatureAlgorithm == 49) { - component rsa122125 = VerifyRsa122125Pkcs1v1_5(n, k, HASH_LEN_BITS); - for (var i = 0; i < msg_len; i++) { - rsa122125.message[i] <== hashParsed[i]; - } - for (var i = msg_len; i < k; i++) { - rsa122125.message[i] <== 0; - } - rsa122125.modulus <== pubKey; - rsa122125.signature <== signature; - } else if (signatureAlgorithm == 50) { - component rsa107903 = VerifyRsa107903Pkcs1v1_5(n, k, HASH_LEN_BITS); - for (var i = 0; i < msg_len; i++) { - rsa107903.message[i] <== hashParsed[i]; - } - for (var i = msg_len; i < k; i++) { - rsa107903.message[i] <== 0; - } - rsa107903.modulus <== pubKey; - rsa107903.signature <== signature; - } else if (signatureAlgorithm == 51) { - component rsa56611 = VerifyRsa56611Pkcs1v1_5(n, k, HASH_LEN_BITS); + } else if ( + signatureAlgorithm == 47 + || signatureAlgorithm == 48 + || signatureAlgorithm == 49 + || signatureAlgorithm == 50 + || signatureAlgorithm == 51 + ) { + component rsaGeneric = VerifyRsaGenericPkcs1v1_5(n, k, HASH_LEN_BITS, signatureAlgorithm); for (var i = 0; i < msg_len; i++) { - rsa56611.message[i] <== hashParsed[i]; + rsaGeneric.message[i] <== hashParsed[i]; } for (var i = msg_len; i < k; i++) { - rsa56611.message[i] <== 0; + rsaGeneric.message[i] <== 0; } - rsa56611.modulus <== pubKey; - rsa56611.signature <== signature; + rsaGeneric.modulus <== pubKey; + rsaGeneric.signature <== signature; } else if ( signatureAlgorithm == 13 || signatureAlgorithm == 32 diff --git a/circuits/tests/dsc/test_cases.ts b/circuits/tests/dsc/test_cases.ts index 6d7f97485..4c88537b0 100644 --- a/circuits/tests/dsc/test_cases.ts +++ b/circuits/tests/dsc/test_cases.ts @@ -1,9 +1,8 @@ export const sigAlgs = [ // { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '2048' }, // sha1_rsa_65537_4096 - // { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '64321', keyLength: '2048' }, // sha256_rsa_65537_4096 - // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '130689', keyLength: '4096' }, // sha256_rsa_130689_4096 - // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '122125', keyLength: '4096' }, // sha256_rsa_122125_4096 - // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '107903', keyLength: '4096' }, // sha256_rsa_107903_4096 + { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '130689', keyLength: '4096' }, // sha256_rsa_130689_4096 + { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '122125', keyLength: '4096' }, // sha256_rsa_122125_4096 + { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '107903', keyLength: '4096' }, // sha256_rsa_107903_4096 { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '56611', keyLength: '4096' }, // sha256_rsa_56611_4096 ]; diff --git a/common/src/scripts/generateCertificates.sh b/common/src/scripts/generateCertificates.sh index 82904a5c9..d080fc89b 100755 --- a/common/src/scripts/generateCertificates.sh +++ b/common/src/scripts/generateCertificates.sh @@ -269,7 +269,7 @@ generate_certificate dsc sha256 rsa 3 2048 --signer sha256_rsa_3_4096 generate_certificate dsc sha256 rsa 3 4096 --signer sha256_rsa_3_4096 # RSA-PSS certificates -generate_certificate csca sha256 rsapss 32 65537 4096 --force +generate_certificate csca sha256 rsapss 32 65537 4096 generate_certificate csca sha256 rsapss 32 65537 2048 generate_certificate csca sha256 rsapss 32 65537 3072 generate_certificate dsc sha256 rsapss 32 65537 4096 --signer sha256_rsapss_32_65537_4096 --force From 503b5c3b5fa7d8a97420197bd5d03963b6bb01e3 Mon Sep 17 00:00:00 2001 From: Ayman Date: Fri, 29 Aug 2025 20:11:30 +0530 Subject: [PATCH 3/5] chore: comment signature verifier for testing --- .../utils/passport/passportVerifier.circom | 2 +- circuits/tests/register/test_cases.ts | 114 ++++++++++++++++-- circuits/tests/register_id/test_cases.ts | 81 +++++++++++++ common/src/utils/passports/passport.ts | 2 +- 4 files changed, 190 insertions(+), 9 deletions(-) diff --git a/circuits/circuits/utils/passport/passportVerifier.circom b/circuits/circuits/utils/passport/passportVerifier.circom index 8fa63cf08..709332289 100644 --- a/circuits/circuits/utils/passport/passportVerifier.circom +++ b/circuits/circuits/utils/passport/passportVerifier.circom @@ -90,5 +90,5 @@ template PassportVerifier(DG1_LEN, DG_HASH_ALGO, ECONTENT_HASH_ALGO, signatureAl signal output signedAttrShaBytes[SIGNED_ATTR_HASH_ALGO_BYTES] <== BitsToBytesArray(SIGNED_ATTR_HASH_ALGO)(signedAttrShaBits); // verify passport signature - SignatureVerifier(signatureAlgorithm, n, k)(signedAttrShaBits, pubKey_dsc, signature_passport); + // SignatureVerifier(signatureAlgorithm, n, k)(signedAttrShaBits, pubKey_dsc, signature_passport); } diff --git a/circuits/tests/register/test_cases.ts b/circuits/tests/register/test_cases.ts index 41da54d73..3a417e62c 100644 --- a/circuits/tests/register/test_cases.ts +++ b/circuits/tests/register/test_cases.ts @@ -11,13 +11,113 @@ export interface TestCase { export const sigAlgs: TestCase[] = [ { - dgHashAlgo: 'sha1', - eContentHashAlgo: 'sha1', - hashFunction: 'sha1', - sigAlg: 'rsa', - domainParameter: '64321', - keyLength: '4096', - }, + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha224', + sigAlg: 'ecdsa', + domainParameter: 'secp224r1', + keyLength: '224', + }, //doesn't work for some reason + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'ecdsa', + // domainParameter: 'brainpoolP256r1', + // keyLength: '256', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'ecdsa', + // domainParameter: 'brainpoolP384r1', + // keyLength: '384', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'ecdsa', + // domainParameter: 'secp256r1', + // keyLength: '256', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'ecdsa', + // domainParameter: 'secp384r1', + // keyLength: '384', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsa', + // domainParameter: '3', + // keyLength: '4096', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsa', + // domainParameter: '65537', + // keyLength: '4096', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsapss', + // domainParameter: '3', + // keyLength: '2048', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsapss', + // domainParameter: '65537', + // keyLength: '2048', + // saltLength: '32', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsapss', + // domainParameter: '65537', + // keyLength: '3072', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsapss', + // domainParameter: '65537', + // keyLength: '4096', + // saltLength: '32', + // }, + // { + // dgHashAlgo: 'sha256', + // eContentHashAlgo: 'sha256', + // hashFunction: 'sha256', + // sigAlg: 'rsapss', + // domainParameter: '65537', + // keyLength: '2048', + // saltLength: '64', + // }, + // { + // dgHashAlgo: 'sha512', + // eContentHashAlgo: 'sha512', + // hashFunction: 'sha256', + // sigAlg: 'rsapss', + // domainParameter: '65537', + // keyLength: '2048', + // saltLength: '32', + // }, ]; export const fullSigAlgs: TestCase[] = [ diff --git a/circuits/tests/register_id/test_cases.ts b/circuits/tests/register_id/test_cases.ts index 93d6ddf1a..2c47b752d 100644 --- a/circuits/tests/register_id/test_cases.ts +++ b/circuits/tests/register_id/test_cases.ts @@ -10,6 +10,87 @@ export interface TestCase { } export const sigAlgs: TestCase[] = [ + { + dgHashAlgo: 'sha1', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsa', + domainParameter: '65537', + keyLength: '4096', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha224', + sigAlg: 'ecdsa', + domainParameter: 'secp224r1', + keyLength: '224', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'ecdsa', + domainParameter: 'brainpoolP256r1', + keyLength: '256', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'ecdsa', + domainParameter: 'secp256r1', + keyLength: '256', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsa', + domainParameter: '3', + keyLength: '4096', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsa', + domainParameter: '65537', + keyLength: '4096', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsapss', + domainParameter: '3', + keyLength: '2048', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsapss', + domainParameter: '65537', + keyLength: '2048', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsapss', + domainParameter: '65537', + keyLength: '3072', + }, + { + dgHashAlgo: 'sha256', + eContentHashAlgo: 'sha256', + hashFunction: 'sha256', + sigAlg: 'rsapss', + domainParameter: '65537', + keyLength: '2048', + saltLength: '64', + }, { dgHashAlgo: 'sha512', eContentHashAlgo: 'sha512', diff --git a/common/src/utils/passports/passport.ts b/common/src/utils/passports/passport.ts index 1ad628e0b..0c573cb57 100644 --- a/common/src/utils/passports/passport.ts +++ b/common/src/utils/passports/passport.ts @@ -1,4 +1,4 @@ -import * as forge from 'node-forge'; +import forge from 'node-forge'; import { poseidon5 } from 'poseidon-lite'; import type { hashAlgos } from '../../constants/constants.js'; From 7a2d88729d3a5baed2de251ed6a0df9fa9fad12d Mon Sep 17 00:00:00 2001 From: Ayman Date: Mon, 1 Sep 2025 13:03:22 +0530 Subject: [PATCH 4/5] fix: sha256_sha256_sha224_ecdsa_secp224r1 --- ...ha256_sha256_sha224_ecdsa_secp224r1.circom | 2 +- ...ha256_sha256_sha224_ecdsa_secp224r1.circom | 2 +- .../utils/passport/passportVerifier.circom | 2 +- circuits/tests/register/test_cases.ts | 110 +----------------- circuits/tests/register_id/test_cases.ts | 82 ------------- 5 files changed, 8 insertions(+), 190 deletions(-) diff --git a/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom b/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom index 90f280b3d..056b6f1ec 100644 --- a/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom +++ b/circuits/circuits/register/instances/register_sha256_sha256_sha224_ecdsa_secp224r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register.circom"; -component main { public [ merkle_root ] } = REGISTER(256, 224, 44, 32, 7, 512, 256); +component main { public [ merkle_root ] } = REGISTER(256, 256, 44, 32, 7, 512, 256); diff --git a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom index fca6950d8..05e3d3d05 100644 --- a/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom +++ b/circuits/circuits/register_id/instances/register_id_sha256_sha256_sha224_ecdsa_secp224r1.circom @@ -2,4 +2,4 @@ pragma circom 2.1.9; include "../register_id.circom"; -component main { public [ merkle_root ] } = REGISTER_ID(256, 224, 44, 32, 7, 512, 256); +component main { public [ merkle_root ] } = REGISTER_ID(256, 256, 44, 32, 7, 512, 256); diff --git a/circuits/circuits/utils/passport/passportVerifier.circom b/circuits/circuits/utils/passport/passportVerifier.circom index 709332289..8fa63cf08 100644 --- a/circuits/circuits/utils/passport/passportVerifier.circom +++ b/circuits/circuits/utils/passport/passportVerifier.circom @@ -90,5 +90,5 @@ template PassportVerifier(DG1_LEN, DG_HASH_ALGO, ECONTENT_HASH_ALGO, signatureAl signal output signedAttrShaBytes[SIGNED_ATTR_HASH_ALGO_BYTES] <== BitsToBytesArray(SIGNED_ATTR_HASH_ALGO)(signedAttrShaBits); // verify passport signature - // SignatureVerifier(signatureAlgorithm, n, k)(signedAttrShaBits, pubKey_dsc, signature_passport); + SignatureVerifier(signatureAlgorithm, n, k)(signedAttrShaBits, pubKey_dsc, signature_passport); } diff --git a/circuits/tests/register/test_cases.ts b/circuits/tests/register/test_cases.ts index 3a417e62c..7b1a3e78f 100644 --- a/circuits/tests/register/test_cases.ts +++ b/circuits/tests/register/test_cases.ts @@ -13,111 +13,11 @@ export const sigAlgs: TestCase[] = [ { dgHashAlgo: 'sha256', eContentHashAlgo: 'sha256', - hashFunction: 'sha224', - sigAlg: 'ecdsa', - domainParameter: 'secp224r1', - keyLength: '224', - }, //doesn't work for some reason - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'ecdsa', - // domainParameter: 'brainpoolP256r1', - // keyLength: '256', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'ecdsa', - // domainParameter: 'brainpoolP384r1', - // keyLength: '384', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'ecdsa', - // domainParameter: 'secp256r1', - // keyLength: '256', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'ecdsa', - // domainParameter: 'secp384r1', - // keyLength: '384', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsa', - // domainParameter: '3', - // keyLength: '4096', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsa', - // domainParameter: '65537', - // keyLength: '4096', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsapss', - // domainParameter: '3', - // keyLength: '2048', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsapss', - // domainParameter: '65537', - // keyLength: '2048', - // saltLength: '32', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsapss', - // domainParameter: '65537', - // keyLength: '3072', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsapss', - // domainParameter: '65537', - // keyLength: '4096', - // saltLength: '32', - // }, - // { - // dgHashAlgo: 'sha256', - // eContentHashAlgo: 'sha256', - // hashFunction: 'sha256', - // sigAlg: 'rsapss', - // domainParameter: '65537', - // keyLength: '2048', - // saltLength: '64', - // }, - // { - // dgHashAlgo: 'sha512', - // eContentHashAlgo: 'sha512', - // hashFunction: 'sha256', - // sigAlg: 'rsapss', - // domainParameter: '65537', - // keyLength: '2048', - // saltLength: '32', - // }, + hashFunction: 'sha256', + sigAlg: 'rsa', + domainParameter: '3', + keyLength: '4096', + }, ]; export const fullSigAlgs: TestCase[] = [ diff --git a/circuits/tests/register_id/test_cases.ts b/circuits/tests/register_id/test_cases.ts index 2c47b752d..fabe3432c 100644 --- a/circuits/tests/register_id/test_cases.ts +++ b/circuits/tests/register_id/test_cases.ts @@ -18,88 +18,6 @@ export const sigAlgs: TestCase[] = [ domainParameter: '65537', keyLength: '4096', }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha224', - sigAlg: 'ecdsa', - domainParameter: 'secp224r1', - keyLength: '224', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'ecdsa', - domainParameter: 'brainpoolP256r1', - keyLength: '256', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'ecdsa', - domainParameter: 'secp256r1', - keyLength: '256', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsa', - domainParameter: '3', - keyLength: '4096', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsa', - domainParameter: '65537', - keyLength: '4096', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsapss', - domainParameter: '3', - keyLength: '2048', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsapss', - domainParameter: '65537', - keyLength: '2048', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsapss', - domainParameter: '65537', - keyLength: '3072', - }, - { - dgHashAlgo: 'sha256', - eContentHashAlgo: 'sha256', - hashFunction: 'sha256', - sigAlg: 'rsapss', - domainParameter: '65537', - keyLength: '2048', - saltLength: '64', - }, - { - dgHashAlgo: 'sha512', - eContentHashAlgo: 'sha512', - hashFunction: 'sha256', - sigAlg: 'rsapss', - domainParameter: '65537', - keyLength: '2048', - saltLength: '32', - }, ]; export const fullSigAlgs: TestCase[] = [ From ae7a86fa82772f1468e2db3b3211afbef84c00dd Mon Sep 17 00:00:00 2001 From: Ayman Date: Mon, 1 Sep 2025 13:05:53 +0530 Subject: [PATCH 5/5] lint --- common/src/constants/mockCertificates.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/common/src/constants/mockCertificates.ts b/common/src/constants/mockCertificates.ts index 5e3854169..ac71d459e 100644 --- a/common/src/constants/mockCertificates.ts +++ b/common/src/constants/mockCertificates.ts @@ -2684,4 +2684,3 @@ gQ3gMoLxoKlET6D3b0y+DJloVXhE4zNb7U/UheRKJeD/dXJO36+skDrZrRLU7z73 C0Zx8BA/peVhEJPXtRKsW60ZzCuQ5g== -----END PRIVATE KEY----- `; -