rarimo · Arvolear · Oct 30, 2024 · Oct 7, 2024 · Oct 7, 2024 · Oct 9, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,57 @@
 # Changelog
 
+## [0.1.1]
+
+* A handful of new algorithms are now supported. New constants have been added:
+    1. **Certificate dispatchers**
+
+    ```solidity
+    C_RSA_SHA1_4096 = keccak256("C_RSA_SHA1_4096");
+    C_RSA_SHA1_2048 = keccak256("C_RSA_SHA1_2048");
+    C_RSAPSS_SHA2_2048 = keccak256("C_RSAPSS_SHA2_2048");
+    C_RSAPSS_SHA2_4096 = keccak256("C_RSAPSS_SHA2_4096");
+    C_RSAPSS_SHA512_2048 = keccak256("C_RSAPSS_SHA512_2048");
+    C_RSAPSS_SHA512_4096 = keccak256("C_RSAPSS_SHA512_4096");
+    C_ECDSA_SECP384R1_SHA2_512 = keccak256("C_ECDSA_SECP384R1_SHA2_512");
+    ```
+
+    2. **Passport dispatchers**
+
+    ```solidity
+    P_RSA_SHA2_2688 = keccak256("P_RSA_SHA2_2688");
+    P_RSA_SHA2_2688_3 = keccak256("P_RSA_SHA2_2688_3");
+    ```
+
+    3. **Passport verifiers**
+
+    ```solidity
+    // Per Passport
+    Z_PER_PASSPORT_1_256_3_5_576_248_NA = keccak256("Z_PER_PASSPORT_1_256_3_5_576_248_NA");
+    Z_PER_PASSPORT_1_256_3_6_576_248_1_2432_5_296 = keccak256("Z_PER_PASSPORT_1_256_3_6_576_248_1_2432_5_296");
+    Z_PER_PASSPORT_2_256_3_6_336_264_21_2448_6_2008 = keccak256("Z_PER_PASSPORT_2_256_3_6_336_264_21_2448_6_2008");
+    Z_PER_PASSPORT_21_256_3_7_336_264_21_3072_6_2008 = keccak256("Z_PER_PASSPORT_21_256_3_7_336_264_21_3072_6_2008");
+    Z_PER_PASSPORT_1_256_3_6_576_264_1_2448_3_256 = keccak256("Z_PER_PASSPORT_1_256_3_6_576_264_1_2448_3_256");
+    Z_PER_PASSPORT_2_256_3_6_336_248_1_2432_3_256 = keccak256("Z_PER_PASSPORT_2_256_3_6_336_248_1_2432_3_256");
+    Z_PER_PASSPORT_2_256_3_6_576_248_1_2432_3_256 = keccak256("Z_PER_PASSPORT_2_256_3_6_576_248_1_2432_3_256");
+    Z_PER_PASSPORT_11_256_3_3_576_248_1_1184_5_264 = keccak256("Z_PER_PASSPORT_11_256_3_3_576_248_1_1184_5_264");
+    Z_PER_PASSPORT_12_256_3_3_336_232_NA = keccak256("Z_PER_PASSPORT_12_256_3_3_336_232_NA");
+    Z_PER_PASSPORT_1_256_3_4_336_232_1_1480_5_296 = keccak256("Z_PER_PASSPORT_1_256_3_4_336_232_1_1480_5_296");
+    Z_PER_PASSPORT_1_256_3_4_600_248_1_1496_3_256 = keccak256("Z_PER_PASSPORT_1_256_3_4_600_248_1_1496_3_256");
+
+    // Universal
+    Z_UNIVERSAL_2048_V2 = keccak256("Z_UNIVERSAL_2048_V2");
+    Z_UNIVERSAL_PSS_2048_S32_E2 = keccak256("Z_UNIVERSAL_PSS_2048_S32_E2");
+    Z_UNIVERSAL_PSS_2048_S32_E17 = keccak256("Z_UNIVERSAL_PSS_2048_S32_E17");
+    Z_UNIVERSAL_PSS_2048_S64_E17 = keccak256("Z_UNIVERSAL_PSS_2048_S64_E17");
+
+    // Georgia
+    Z_INTERNAL_OPT = keccak256("Z_INTERNAL_OPT");
+
+    // Montenegro
+    Z_MNE_OPT = keccak256("Z_MNE_OPT");
+    Z_MNE_OPT_2 = keccak256("Z_MNE_OPT_2");
+    ```
+
 ## [0.1.0]
 
 * Changed `StateKeeper` interface to always accept passport public keys together with passport hashes. Previously if a passport didn't have AA, a passport public key would be treated as a passport hash. Now these are separate variables where a passport public key may be zero.

diff --git a/contracts/certificate/dispatchers/CECDSADispatcher.sol b/contracts/certificate/dispatchers/CECDSADispatcher.sol
@@ -0,0 +1,24 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.16;
+
+import {AbstractCDispatcher} from "./abstract/AbstractCDispatcher.sol";
+
+import {Bytes2Poseidon} from "../../utils/Bytes2Poseidon.sol";
+
+contract CECDSADispatcher is AbstractCDispatcher {
+    using Bytes2Poseidon for bytes;
+
+    function __CECDSADispatcher_init(
+        address signer_,
+        uint256 keyByteLength_,
+        bytes calldata keyCheckPrefix_
+    ) external initializer {
+        __AbstractCDispatcher_init(signer_, keyByteLength_, keyCheckPrefix_);
+    }
+
+    function getCertificateKey(
+        bytes memory certificatePublicKey_
+    ) external pure override returns (uint256 keyHash_) {
+        return certificatePublicKey_.hash512();
+    }
+}
diff --git a/contracts/certificate/dispatchers/CRSADispatcher.sol b/contracts/certificate/dispatchers/CRSADispatcher.sol
@@ -1,78 +1,21 @@
 // SPDX-License-Identifier: MIT
 pragma solidity 0.8.16;
 
-import {PoseidonUnit5L} from "@iden3/contracts/lib/Poseidon.sol";
-
-import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
-
-import {ICertificateDispatcher} from "../../interfaces/dispatchers/ICertificateDispatcher.sol";
-import {ICertificateRSASigner} from "../../interfaces/signers/ICertificateRSASigner.sol";
+import {AbstractCDispatcher} from "./abstract/AbstractCDispatcher.sol";
 
 import {Bytes2Poseidon} from "../../utils/Bytes2Poseidon.sol";
-import {RSA} from "../../utils/RSA.sol";
-import {X509} from "../../utils/X509.sol";
 
-contract CRSADispatcher is ICertificateDispatcher, Initializable {
+contract CRSADispatcher is AbstractCDispatcher {
     using Bytes2Poseidon for bytes;
-    using X509 for bytes;
-    using RSA for bytes;
-
-    uint256 public keyByteLength;
-    bytes public keyCheckPrefix;
-
-    address public signer;
 
     function __CRSADispatcher_init(
         address signer_,
         uint256 keyByteLength_,
         bytes calldata keyCheckPrefix_
     ) external initializer {
-        signer = signer_;
-        keyByteLength = keyByteLength_;
-        keyCheckPrefix = keyCheckPrefix_;
-    }
-
-    /**
-     * @notice Verifies the ICAO master signature over certificate's signed attributes
-     */
-    function verifyICAOSignature(
-        bytes memory x509SignedAttributes_,
-        bytes memory icaoMemberSignature_,
-        bytes memory icaoMemberKey_
-    ) external view override returns (bool) {
-        return
-            ICertificateRSASigner(signer).verifyICAOSignature(
-                x509SignedAttributes_,
-                icaoMemberSignature_,
-                icaoMemberKey_
-            );
-    }
-
-    /**
-     * @notice Extracts the certificate's expiration timestamp from its signed attributes
-     */
-    function getCertificateExpirationTimestamp(
-        bytes memory x509SignedAttributes_,
-        uint256 byteOffset_
-    ) external pure override returns (uint256) {
-        return x509SignedAttributes_.extractExpirationTimestamp(byteOffset_);
-    }
-
-    /**
-     * @notice Extracts the certificate's public key from its signed attributes
-     */
-    function getCertificatePublicKey(
-        bytes memory x509SignedAttributes_,
-        uint256 byteOffset_
-    ) external view override returns (bytes memory) {
-        return x509SignedAttributes_.extractPublicKey(keyCheckPrefix, byteOffset_, keyByteLength);
+        __AbstractCDispatcher_init(signer_, keyByteLength_, keyCheckPrefix_);
     }
 
-    /**
-     * @notice Poseidon5 hash of the `x509KeyByteLength` long RSA X509 key.
-     *
-     * See X509 library for more information
-     */
     function getCertificateKey(
         bytes memory certificatePublicKey_
     ) external pure override returns (uint256 keyHash_) {

diff --git a/contracts/certificate/dispatchers/abstract/AbstractCDispatcher.sol b/contracts/certificate/dispatchers/abstract/AbstractCDispatcher.sol
@@ -0,0 +1,73 @@
+// SPDX-License-Identifier: MIT
+pragma solidity 0.8.16;
+
+import {Initializable} from "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
+
+import {ICertificateDispatcher} from "../../../interfaces/dispatchers/ICertificateDispatcher.sol";
+import {ICertificateSigner} from "../../../interfaces/signers/ICertificateSigner.sol";
+
+import {X509} from "../../../utils/X509.sol";
+
+abstract contract AbstractCDispatcher is ICertificateDispatcher, Initializable {
+    using X509 for bytes;
+
+    uint256 public keyByteLength;
+    bytes public keyCheckPrefix;
+
+    address public signer;
+
+    function __AbstractCDispatcher_init(
+        address signer_,
+        uint256 keyByteLength_,
+        bytes calldata keyCheckPrefix_
+    ) internal onlyInitializing {
+        signer = signer_;
+        keyByteLength = keyByteLength_;
+        keyCheckPrefix = keyCheckPrefix_;
+    }
+
+    /**
+     * @notice Verifies the ICAO master signature over certificate's signed attributes
+     */
+    function verifyICAOSignature(
+        bytes memory x509SignedAttributes_,
+        bytes memory icaoMemberSignature_,
+        bytes memory icaoMemberKey_
+    ) external view override returns (bool) {
+        return
+            ICertificateSigner(signer).verifyICAOSignature(
+                x509SignedAttributes_,
+                icaoMemberSignature_,
+                icaoMemberKey_
+            );
+    }
+
+    /**
+     * @notice Extracts the certificate's expiration timestamp from its signed attributes
+     */
+    function getCertificateExpirationTimestamp(
+        bytes memory x509SignedAttributes_,
+        uint256 byteOffset_
+    ) external pure override returns (uint256) {
+        return x509SignedAttributes_.extractExpirationTimestamp(byteOffset_);
+    }
+
+    /**
+     * @notice Extracts the certificate's public key from its signed attributes
+     */
+    function getCertificatePublicKey(
+        bytes memory x509SignedAttributes_,
+        uint256 byteOffset_
+    ) external view override returns (bytes memory) {
+        return x509SignedAttributes_.extractPublicKey(keyCheckPrefix, byteOffset_, keyByteLength);
+    }
+
+    /**
+     * @notice Poseidon5 hash of the `x509KeyByteLength` long RSA X509 key.
+     *
+     * See X509 library for more information
+     */
+    function getCertificateKey(
+        bytes memory certificatePublicKey_
+    ) external pure virtual override returns (uint256 keyHash_);
+}