From a9d5f42363c29399a1ab09beac247be8a130ada8 Mon Sep 17 00:00:00 2001
From: ubuntu
Date: Fri, 18 Oct 2024 13:29:42 +0000
Subject: [PATCH] fix: suci profile encryptSharedKey front zero truncated
---
 pkg/suci/suci.go | 17 ++++++++++++++---
 pkg/suci/suci_test.go | 5 +++++
 2 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/pkg/suci/suci.go b/pkg/suci/suci.go
index 60d8ef4..e16cbe0 100644
--- a/pkg/suci/suci.go
+++ b/pkg/suci/suci.go
@@ -290,15 +290,16 @@ func profileB(input, supiType, privateKey string) (string, error) {
 }
 // x-coordinate is the shared key
- decryptSharedKey, _ := elliptic.P256().ScalarMult(xUncompressed, yUncompressed, bHNPriv)
- // fmt.Printf("deShared: %x\n", decryptSharedKey.Bytes())
+ decryptSharedKeyTmp, _ := elliptic.P256().ScalarMult(xUncompressed, yUncompressed, bHNPriv)
+ decryptSharedKey := FillFrontZero(decryptSharedKeyTmp, len(xUncompressed.Bytes()))
+ // fmt.Printf("deShared: %x\n", decryptSharedKey)
 decryptPublicKeyForKDF := decryptPublicKey
 if uncompressed {
 decryptPublicKeyForKDF = CompressKey(decryptPublicKey, yUncompressed)
 }
- kdfKey := AnsiX963KDF(decryptSharedKey.Bytes(), decryptPublicKeyForKDF, ProfileBEncKeyLen, ProfileBMacKeyLen,
+ kdfKey := AnsiX963KDF(decryptSharedKey, decryptPublicKeyForKDF, ProfileBEncKeyLen, ProfileBMacKeyLen,
 ProfileBHashLen)
 // fmt.Printf("kdfKey: %x\n", kdfKey)
 decryptEncKey := kdfKey[:ProfileBEncKeyLen]
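Review bot: The pad length passed to `FillFrontZero` here, `len(xUncompressed.Bytes())`, can itself be short, because `big.Int.Bytes()` omits the leading zero bytes of the peer's x-coordinate. When the ephemeral public key's x starts with a zero byte, the shared secret fed to `AnsiX963KDF` is padded to fewer than 32 bytes or not at all, so the truncation this commit targets can still occur and a valid SUCI would presumably fail to deconceal. Take the length from the curve rather than from peer-supplied data: `decryptSharedKey := FillFrontZero(decryptSharedKeyTmp, (elliptic.P256().Params().BitSize+7)/8)`. The vector added in suci_test.go uses an ephemeral key beginning `03a7b1…`, whose x-coordinate is full length, so it does not exercise this case. profileB starts and ends outside the hunk.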
@@ -320,6 +321,16 @@ func profileB(input, supiType, privateKey string) (string, error) {
 return calcSchemeResult(decryptPlainText, supiType), nil
 }
+func FillFrontZero(input *big.Int, length int) []byte {
+ if len(input.Bytes()) >= length {
+ return input.Bytes()
+ }
+ result := make([]byte, length)
+ inputBytes := input.Bytes()
+ copy(result[length-len(inputBytes):], input.Bytes())
+ return result
+}
+
 // suci-0(SUPI type: IMSI)-mcc-mnc-routingIndicator-protectionScheme-homeNetworkPublicKeyID-schemeOutput.
 // TODO:
 // suci-1(SUPI type: NAI)-homeNetworkID-routingIndicator-protectionScheme-homeNetworkPublicKeyID-schemeOutput.
diff --git a/pkg/suci/suci_test.go b/pkg/suci/suci_test.go
index 4e72ed4..29bd94d 100644
--- a/pkg/suci/suci_test.go
+++ b/pkg/suci/suci_test.go
@@ -47,6 +47,11 @@ func TestToSupi(t *testing.T) {
 expectedSupi: "",
 expectedErr: fmt.Errorf("crypto/elliptic: attempted operation on invalid point"),
 },
+ {
+ suci: "suci-0-001-01-0-2-2-03a7b1db2a9db9d44112b59d03d8243dc6089fd91d2ecb78f5d16298634682e94373888b22bdc9293d1681922e17",
+ expectedSupi: "imsi-001010123456789",
+ expectedErr: nil,
+ },
 }
 for i, tc := range testCases {
 supi, err := ToSupi(tc.suci, suciProfiles)
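Review bot: `FillFrontZero` in pkg/suci/suci.go is exported but has no doc comment, and its behaviour for an input that already needs `length` bytes or more (returned unpadded, so the result is not fixed-size) is only discoverable by reading the body. I would add `// FillFrontZero returns input as big-endian bytes left-padded with zeros to length; an input that already needs length bytes or more is returned as is.` The body also calls `input.Bytes()` three times while `inputBytes` is used only for its length; computing it once at the top and reusing it in the comparison, the early return and `copy(result[length-len(inputBytes):], inputBytes)` reads more clearly. If nothing outside the package needs the helper, an unexported name would keep the API surface smaller.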