npm - @trustchex/react-native-sdk - Versions diffs - 1.381.0 → 1.464.0 - Mend

@trustchex/react-native-sdk 1.381.0 → 1.464.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (204) hide show

package/src/Shared/Components/NavigationManager.tsx CHANGED Viewed

@@ -18,9 +18,10 @@ import i18n from '../../Translation';
 import StyledButton from './StyledButton';
 import { analyticsService } from '../Services/AnalyticsService';
-// Simple global navigation lock
-let isNavigating = false;
-let lastNavigationTime = 0;
+// Navigation lock - use a ref-like pattern so unmounting resets state.
+// The module-level object is shared across all instances but the
+// cleanup effect in the component resets it on unmount.
+const navigationLock = { isNavigating: false, lastNavigationTime: 0 };
 export type NavigationManagerRef = {
   navigateToNextStep: () => void;
@@ -45,20 +46,22 @@ const NavigationManager = forwardRef(
         IDENTITY_DOCUMENT_SCAN: 'IdentityDocumentScanningScreen',
         IDENTITY_DOCUMENT_EID_SCAN: 'IdentityDocumentEIDScanningScreen',
         LIVENESS_CHECK: 'LivenessDetectionScreen',
+        VERBAL_CONSENT: 'VerbalConsentScreen',
+        VIDEO_CALL: 'VideoCallScreen',
       },
       RESULT: 'ResultScreen',
     };
     React.useEffect(() => {
       const handleFocus = () => {
-        isNavigating = false;
+        navigationLock.isNavigating = false;
       };
       navigation.addListener('focus', handleFocus);
       return () => {
         navigation.removeListener('focus', handleFocus);
-        isNavigating = false;
+        navigationLock.isNavigating = false;
       };
     }, [navigation]);
@@ -109,16 +112,26 @@ const NavigationManager = forwardRef(
           return routes.DYNAMIC_ROUTES.LIVENESS_CHECK;
         }
+        if (nextStep.type === 'VIDEO_CALL') {
+          return routes.DYNAMIC_ROUTES.VIDEO_CALL;
+        }
+        if (nextStep.type === 'VERBAL_CONSENT') {
+          return routes.DYNAMIC_ROUTES.VERBAL_CONSENT;
+        }
         return routes.VERIFICATION_SESSION_CHECK;
       },
       [
         appContext,
         routes.VERIFICATION_SESSION_CHECK,
+        routes.RESULT,
         routes.DYNAMIC_ROUTES.CONTRACT_ACCEPTANCE,
-        routes.DYNAMIC_ROUTES.IDENTITY_DOCUMENT_EID_SCAN,
         routes.DYNAMIC_ROUTES.IDENTITY_DOCUMENT_SCAN,
+        routes.DYNAMIC_ROUTES.IDENTITY_DOCUMENT_EID_SCAN,
         routes.DYNAMIC_ROUTES.LIVENESS_CHECK,
-        routes.RESULT,
+        routes.DYNAMIC_ROUTES.VIDEO_CALL,
+        routes.DYNAMIC_ROUTES.VERBAL_CONSENT,
       ]
     );
@@ -127,14 +140,15 @@ const NavigationManager = forwardRef(
       const minTimeBetweenNavigation = 1000;
       if (
-        isNavigating ||
-        currentTime - lastNavigationTime < minTimeBetweenNavigation
+        navigationLock.isNavigating ||
+        currentTime - navigationLock.lastNavigationTime <
+          minTimeBetweenNavigation
       ) {
         return;
       }
-      isNavigating = true;
-      lastNavigationTime = currentTime;
+      navigationLock.isNavigating = true;
+      navigationLock.lastNavigationTime = currentTime;
       try {
         const nextRoute = getNextRoute(
@@ -151,12 +165,12 @@ const NavigationManager = forwardRef(
           })
         );
       } catch (error) {
-        isNavigating = false;
+        navigationLock.isNavigating = false;
         throw error;
       }
       setTimeout(() => {
-        isNavigating = false;
+        navigationLock.isNavigating = false;
       }, 1000);
     }, [
       getNextRoute,
@@ -166,7 +180,7 @@ const NavigationManager = forwardRef(
     ]);
     const goToNextRouteWithAlert = useCallback(() => {
-      if (isNavigating) {
+      if (navigationLock.isNavigating) {
         return;
       }
@@ -187,11 +201,11 @@ const NavigationManager = forwardRef(
     }, [goToNextRoute, t]);
     const reset = useCallback(() => {
-      if (isNavigating) {
+      if (navigationLock.isNavigating) {
         return;
       }
-      isNavigating = true;
+      navigationLock.isNavigating = true;
       try {
         // Preserve demo session state when resetting
@@ -207,7 +221,14 @@ const NavigationManager = forwardRef(
             deviceInfo: '',
           },
           locale: appContext.locale || i18n.language,
+          // Explicitly reset collected data fields
+          scannedDocument: undefined,
+          livenessDetection: undefined,
+          authToken: undefined,
+          videoSessionId: undefined,
         };
+        // Reset branding to defaults while preserving any custom values
         appContext.branding = {
           logoUrl: appContext.branding?.logoUrl || '',
           primaryColor: appContext.branding?.primaryColor || '#000000',
@@ -220,6 +241,7 @@ const NavigationManager = forwardRef(
           appContext.setIsDemoSession?.(false);
           analyticsService.setDemoSession(false);
         }
+        appContext.isTestVideoSession = false;
         navigation.dispatch(
           CommonActions.reset({
@@ -228,17 +250,17 @@ const NavigationManager = forwardRef(
           })
         );
       } catch (error) {
-        isNavigating = false;
+        navigationLock.isNavigating = false;
         throw error;
       }
       setTimeout(() => {
-        isNavigating = false;
+        navigationLock.isNavigating = false;
       }, 1000);
     }, [appContext, navigation, routes.VERIFICATION_SESSION_CHECK]);
     usePreventRemove(true, ({ data }) => {
-      if (data.action.type === 'RESET') {
+      if (data?.action?.type === 'RESET') {
         navigation.dispatch(data.action);
       }
     });

package/src/Shared/Contexts/AppContext.ts CHANGED Viewed

@@ -18,6 +18,7 @@ export type AppContextType = {
   workflowSteps?: WorkflowStep[];
   currentWorkflowStep?: WorkflowStep;
   isDebugNavigated?: boolean;
+  isTestVideoSession?: boolean;
   onCompleted?: () => void;
   onError?: (error: string) => void;
   setSessionId?: (id: string) => void;
@@ -47,6 +48,7 @@ export default createContext<AppContextType>({
   workflowSteps: [],
   currentWorkflowStep: undefined,
   isDebugNavigated: false,
+  isTestVideoSession: false,
   onCompleted: undefined,
   onError: undefined,
   setSessionId: undefined,

package/src/Shared/EIDReader/aesSecureMessagingWrapper.ts ADDED Viewed

@@ -0,0 +1,69 @@
+import { SecureMessagingWrapper } from './secureMessagingWrapper';
+import { Buffer } from 'buffer';
+import {
+  aesEncryptCBC,
+  aesDecryptCBC,
+  aesEncryptECB,
+  aesCMAC,
+} from './utils/aesCrypto.utils';
+/**
+ * AES-based secure messaging wrapper for PACE.
+ *
+ * Uses AES-CBC for encryption and AES-CMAC for MAC computation,
+ * as specified in ICAO Doc 9303 Part 11.
+ */
+export class AESSecureMessagingWrapper extends SecureMessagingWrapper {
+  constructor(
+    ksEnc: string,
+    ksMac: string,
+    maxTransceiveLength: number,
+    shouldCheckMAC: boolean,
+    ssc: bigint
+  ) {
+    super(ksEnc, ksMac, maxTransceiveLength, shouldCheckMAC, ssc);
+  }
+  public getType(): string {
+    return 'AES';
+  }
+  protected getPadLength(): number {
+    return 16;
+  }
+  protected getIV(): number[] {
+    // AES IV is E(ksEnc, SSC)
+    const sscHex = Buffer.from(this.getEncodedSendSequenceCounter()).toString(
+      'hex'
+    );
+    const ivHex = aesEncryptECB(sscHex, this.getEncryptionKey());
+    return Array.from(Buffer.from(ivHex, 'hex'));
+  }
+  protected encrypt(dataHex: string, keyHex: string): string {
+    const ivHex = Buffer.from(this.getIV()).toString('hex');
+    return aesEncryptCBC(dataHex, keyHex, ivHex);
+  }
+  protected decrypt(dataHex: string, keyHex: string): string {
+    const ivHex = Buffer.from(this.getIV()).toString('hex');
+    return aesDecryptCBC(dataHex, keyHex, ivHex);
+  }
+  protected computeMAC(dataHex: string, keyHex: string): string {
+    return aesCMAC(dataHex, keyHex);
+  }
+  public getEncodedSendSequenceCounter(): Uint8Array {
+    // AES uses 16-byte SSC (128-bit counter)
+    const ssc = this.getSendSequenceCounter();
+    const bytes = new Uint8Array(16);
+    let remaining = ssc;
+    for (let i = 15; i >= 0; i--) {
+      bytes[i] = Number(remaining & 0xffn);
+      remaining >>= 8n;
+    }
+    return bytes;
+  }
+}

package/src/Shared/EIDReader/apduLevelPACECapable.ts ADDED Viewed

@@ -0,0 +1,34 @@
+import type { APDUWrapper } from './smartcards/apduWrapper';
+export interface APDULevelPACECapable {
+  /**
+   * Sends MSE:Set AT for mutual authentication (PACE).
+   *
+   * @param wrapper the existing secure messaging wrapper (or null)
+   * @param oid the PACE protocol OID
+   * @param refPublicKeyOrSecretKey the key reference (0x01 = MRZ, 0x02 = CAN, etc.)
+   * @param refPrivateKeyOrForComputingSessionKey optional parameter ID
+   */
+  sendMSESetATMutualAuth(
+    wrapper: APDUWrapper | null,
+    oid: string,
+    refPublicKeyOrSecretKey: number,
+    refPrivateKeyOrForComputingSessionKey: number[] | null
+  ): Promise<void>;
+  /**
+   * Sends a General Authenticate command for PACE.
+   *
+   * @param wrapper the existing secure messaging wrapper (or null)
+   * @param data the data to send (without 0x7C wrapper)
+   * @param le expected response length
+   * @param isLast whether this is the last command in the chain
+   * @returns the response data (without 0x7C wrapper)
+   */
+  sendGeneralAuthenticate(
+    wrapper: APDUWrapper | null,
+    data: number[],
+    le: number,
+    isLast: boolean
+  ): Promise<number[]>;
+}

package/src/Shared/EIDReader/bacKey.ts CHANGED Viewed

@@ -79,19 +79,35 @@ export class BACKey implements BACKeySpec {
    */
   public getKey() {
     try {
-      const mrz =
-        this.documentNumber +
-        MRZInfo.checkDigit(this.documentNumber, false) +
-        this.dateOfBirth +
-        MRZInfo.checkDigit(this.dateOfBirth, false) +
-        this.dateOfExpiry +
-        MRZInfo.checkDigit(this.dateOfExpiry, false);
-      return cryptoUtils.computeKeySeed(mrz, 'SHA-1', true);
+      return cryptoUtils.computeKeySeed(this.getMRZString(), 'SHA-1', true);
     } catch (gse) {
       throw new Error('Unexpected exception');
     }
   }
+  /**
+   * Returns the key seed for PACE, which is the full (non-truncated) SHA-1 hash
+   * of the MRZ info. PACE uses the full 20-byte hash unlike BAC which truncates to 16.
+   */
+  public getKeySeedForPACE(): string {
+    try {
+      return cryptoUtils.computeKeySeed(this.getMRZString(), 'SHA-1', false);
+    } catch (gse) {
+      throw new Error('Unexpected exception');
+    }
+  }
+  private getMRZString(): string {
+    return (
+      this.documentNumber +
+      MRZInfo.checkDigit(this.documentNumber, false) +
+      this.dateOfBirth +
+      MRZInfo.checkDigit(this.dateOfBirth, false) +
+      this.dateOfExpiry +
+      MRZInfo.checkDigit(this.dateOfExpiry, false)
+    );
+  }
   /**
    * Sets the document number.
    *