@trustchex/react-native-sdk 1.409.0 → 1.472.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (171) hide show
  1. package/android/src/main/java/com/trustchex/reactnativesdk/TrustchexSDKModule.kt +2 -8
  2. package/android/src/main/java/com/trustchex/reactnativesdk/camera/TrustchexCameraView.kt +102 -4
  3. package/ios/Camera/TrustchexCameraView.swift +151 -18
  4. package/ios/Permission/PermissionModule.m +22 -0
  5. package/ios/Permission/PermissionModule.swift +67 -0
  6. package/lib/module/Screens/Debug/NFCScanTestScreen.js +635 -0
  7. package/lib/module/Screens/Dynamic/ContractAcceptanceScreen.js +1 -4
  8. package/lib/module/Screens/Dynamic/IdentityDocumentEIDScanningScreen.js +17 -4
  9. package/lib/module/Screens/Dynamic/LivenessDetectionScreen.js +125 -25
  10. package/lib/module/Screens/Dynamic/VerbalConsentScreen.js +1079 -0
  11. package/lib/module/Screens/Dynamic/VideoCallScreen.js +10 -13
  12. package/lib/module/Screens/Static/ResultScreen.js +131 -22
  13. package/lib/module/Screens/Static/VerificationSessionCheckScreen.js +8 -0
  14. package/lib/module/Shared/Animations/recording.json +1 -0
  15. package/lib/module/Shared/Components/DebugNavigationPanel.js +69 -71
  16. package/lib/module/Shared/Components/EIDScanner.js +222 -115
  17. package/lib/module/Shared/Components/FaceCamera.js +14 -8
  18. package/lib/module/Shared/Components/IdentityDocumentCamera.flows.js +5 -3
  19. package/lib/module/Shared/Components/IdentityDocumentCamera.js +60 -42
  20. package/lib/module/Shared/Components/IdentityDocumentCamera.utils.js +13 -4
  21. package/lib/module/Shared/Components/NavigationManager.js +24 -16
  22. package/lib/module/Shared/EIDReader/aesSecureMessagingWrapper.js +51 -0
  23. package/lib/module/Shared/EIDReader/apduLevelPACECapable.js +3 -0
  24. package/lib/module/Shared/EIDReader/bacKey.js +16 -2
  25. package/lib/module/Shared/EIDReader/eidReader.js +354 -13
  26. package/lib/module/Shared/EIDReader/eidService.js +25 -1
  27. package/lib/module/Shared/EIDReader/nfcManagerCardService.js +4 -7
  28. package/lib/module/Shared/EIDReader/paceInfo.js +85 -0
  29. package/lib/module/Shared/EIDReader/paceKeySpec.js +51 -0
  30. package/lib/module/Shared/EIDReader/protocol/paceAPDUSender.js +100 -0
  31. package/lib/module/Shared/EIDReader/protocol/paceProtocol.js +655 -0
  32. package/lib/module/Shared/EIDReader/protocol/paceResult.js +37 -0
  33. package/lib/module/Shared/EIDReader/secureMessagingWrapper.js +27 -4
  34. package/lib/module/Shared/EIDReader/smartcards/commandAPDU.js +2 -1
  35. package/lib/module/Shared/EIDReader/tlv/tlv.helpers.js +1 -1
  36. package/lib/module/Shared/EIDReader/tlv/tlv.utils.js +6 -3
  37. package/lib/module/Shared/EIDReader/utils/aesCrypto.utils.js +189 -0
  38. package/lib/module/Shared/Libs/PERMISSIONS_MANAGER.md +268 -0
  39. package/lib/module/Shared/Libs/analytics.utils.js +4 -0
  40. package/lib/module/Shared/Libs/contains.js +1 -40
  41. package/lib/module/Shared/Libs/country-display.utils.js +34 -0
  42. package/lib/module/Shared/Libs/demo.utils.js +8 -0
  43. package/lib/module/Shared/Libs/index.js +20 -0
  44. package/lib/module/Shared/Libs/mrz.utils.js +3 -2
  45. package/lib/module/Shared/Libs/permissions.utils.js +199 -0
  46. package/lib/module/Shared/Libs/status-bar.utils.js +4 -2
  47. package/lib/module/Shared/Types/analytics.types.js +2 -0
  48. package/lib/module/Translation/Resources/en.js +42 -2
  49. package/lib/module/Translation/Resources/tr.js +42 -2
  50. package/lib/module/Trustchex.js +54 -20
  51. package/lib/module/version.js +1 -1
  52. package/lib/typescript/src/Screens/Debug/NFCScanTestScreen.d.ts +3 -0
  53. package/lib/typescript/src/Screens/Debug/NFCScanTestScreen.d.ts.map +1 -0
  54. package/lib/typescript/src/Screens/Dynamic/ContractAcceptanceScreen.d.ts.map +1 -1
  55. package/lib/typescript/src/Screens/Dynamic/IdentityDocumentEIDScanningScreen.d.ts.map +1 -1
  56. package/lib/typescript/src/Screens/Dynamic/LivenessDetectionScreen.d.ts.map +1 -1
  57. package/lib/typescript/src/Screens/Dynamic/VerbalConsentScreen.d.ts +3 -0
  58. package/lib/typescript/src/Screens/Dynamic/VerbalConsentScreen.d.ts.map +1 -0
  59. package/lib/typescript/src/Screens/Dynamic/VideoCallScreen.d.ts.map +1 -1
  60. package/lib/typescript/src/Screens/Static/ResultScreen.d.ts.map +1 -1
  61. package/lib/typescript/src/Screens/Static/VerificationSessionCheckScreen.d.ts.map +1 -1
  62. package/lib/typescript/src/Shared/Components/DebugNavigationPanel.d.ts.map +1 -1
  63. package/lib/typescript/src/Shared/Components/EIDScanner.d.ts.map +1 -1
  64. package/lib/typescript/src/Shared/Components/FaceCamera.d.ts.map +1 -1
  65. package/lib/typescript/src/Shared/Components/IdentityDocumentCamera.d.ts.map +1 -1
  66. package/lib/typescript/src/Shared/Components/IdentityDocumentCamera.flows.d.ts +1 -1
  67. package/lib/typescript/src/Shared/Components/IdentityDocumentCamera.flows.d.ts.map +1 -1
  68. package/lib/typescript/src/Shared/Components/IdentityDocumentCamera.utils.d.ts +5 -0
  69. package/lib/typescript/src/Shared/Components/IdentityDocumentCamera.utils.d.ts.map +1 -1
  70. package/lib/typescript/src/Shared/Components/NavigationManager.d.ts.map +1 -1
  71. package/lib/typescript/src/Shared/EIDReader/aesSecureMessagingWrapper.d.ts +18 -0
  72. package/lib/typescript/src/Shared/EIDReader/aesSecureMessagingWrapper.d.ts.map +1 -0
  73. package/lib/typescript/src/Shared/EIDReader/apduLevelPACECapable.d.ts +23 -0
  74. package/lib/typescript/src/Shared/EIDReader/apduLevelPACECapable.d.ts.map +1 -0
  75. package/lib/typescript/src/Shared/EIDReader/bacKey.d.ts +6 -0
  76. package/lib/typescript/src/Shared/EIDReader/bacKey.d.ts.map +1 -1
  77. package/lib/typescript/src/Shared/EIDReader/eidReader.d.ts.map +1 -1
  78. package/lib/typescript/src/Shared/EIDReader/eidService.d.ts +9 -0
  79. package/lib/typescript/src/Shared/EIDReader/eidService.d.ts.map +1 -1
  80. package/lib/typescript/src/Shared/EIDReader/nfcManagerCardService.d.ts.map +1 -1
  81. package/lib/typescript/src/Shared/EIDReader/paceInfo.d.ts +50 -0
  82. package/lib/typescript/src/Shared/EIDReader/paceInfo.d.ts.map +1 -0
  83. package/lib/typescript/src/Shared/EIDReader/paceKeySpec.d.ts +30 -0
  84. package/lib/typescript/src/Shared/EIDReader/paceKeySpec.d.ts.map +1 -0
  85. package/lib/typescript/src/Shared/EIDReader/protocol/paceAPDUSender.d.ts +17 -0
  86. package/lib/typescript/src/Shared/EIDReader/protocol/paceAPDUSender.d.ts.map +1 -0
  87. package/lib/typescript/src/Shared/EIDReader/protocol/paceProtocol.d.ts +105 -0
  88. package/lib/typescript/src/Shared/EIDReader/protocol/paceProtocol.d.ts.map +1 -0
  89. package/lib/typescript/src/Shared/EIDReader/protocol/paceResult.d.ts +24 -0
  90. package/lib/typescript/src/Shared/EIDReader/protocol/paceResult.d.ts.map +1 -0
  91. package/lib/typescript/src/Shared/EIDReader/secureMessagingWrapper.d.ts +15 -0
  92. package/lib/typescript/src/Shared/EIDReader/secureMessagingWrapper.d.ts.map +1 -1
  93. package/lib/typescript/src/Shared/EIDReader/smartcards/commandAPDU.d.ts.map +1 -1
  94. package/lib/typescript/src/Shared/EIDReader/tlv/tlv.utils.d.ts.map +1 -1
  95. package/lib/typescript/src/Shared/EIDReader/utils/aesCrypto.utils.d.ts +39 -0
  96. package/lib/typescript/src/Shared/EIDReader/utils/aesCrypto.utils.d.ts.map +1 -0
  97. package/lib/typescript/src/Shared/Libs/analytics.utils.d.ts.map +1 -1
  98. package/lib/typescript/src/Shared/Libs/contains.d.ts +0 -7
  99. package/lib/typescript/src/Shared/Libs/contains.d.ts.map +1 -1
  100. package/lib/typescript/src/Shared/Libs/country-display.utils.d.ts +2 -0
  101. package/lib/typescript/src/Shared/Libs/country-display.utils.d.ts.map +1 -0
  102. package/lib/typescript/src/Shared/Libs/demo.utils.d.ts.map +1 -1
  103. package/lib/typescript/src/Shared/Libs/http-client.d.ts +1 -1
  104. package/lib/typescript/src/Shared/Libs/http-client.d.ts.map +1 -1
  105. package/lib/typescript/src/Shared/Libs/index.d.ts +20 -0
  106. package/lib/typescript/src/Shared/Libs/index.d.ts.map +1 -0
  107. package/lib/typescript/src/Shared/Libs/mrz.utils.d.ts.map +1 -1
  108. package/lib/typescript/src/Shared/Libs/permissions.utils.d.ts +58 -0
  109. package/lib/typescript/src/Shared/Libs/permissions.utils.d.ts.map +1 -0
  110. package/lib/typescript/src/Shared/Libs/status-bar.utils.d.ts.map +1 -1
  111. package/lib/typescript/src/Shared/Types/analytics.types.d.ts +2 -0
  112. package/lib/typescript/src/Shared/Types/analytics.types.d.ts.map +1 -1
  113. package/lib/typescript/src/Shared/Types/identificationInfo.d.ts +10 -1
  114. package/lib/typescript/src/Shared/Types/identificationInfo.d.ts.map +1 -1
  115. package/lib/typescript/src/Translation/Resources/en.d.ts +41 -1
  116. package/lib/typescript/src/Translation/Resources/en.d.ts.map +1 -1
  117. package/lib/typescript/src/Translation/Resources/tr.d.ts +41 -1
  118. package/lib/typescript/src/Translation/Resources/tr.d.ts.map +1 -1
  119. package/lib/typescript/src/Trustchex.d.ts.map +1 -1
  120. package/lib/typescript/src/version.d.ts +1 -1
  121. package/package.json +7 -4
  122. package/src/Screens/Debug/NFCScanTestScreen.tsx +692 -0
  123. package/src/Screens/Dynamic/ContractAcceptanceScreen.tsx +1 -4
  124. package/src/Screens/Dynamic/IdentityDocumentEIDScanningScreen.tsx +21 -4
  125. package/src/Screens/Dynamic/LivenessDetectionScreen.tsx +165 -24
  126. package/src/Screens/Dynamic/VerbalConsentScreen.tsx +1401 -0
  127. package/src/Screens/Dynamic/VideoCallScreen.tsx +11 -20
  128. package/src/Screens/Static/ResultScreen.tsx +187 -31
  129. package/src/Screens/Static/VerificationSessionCheckScreen.tsx +9 -0
  130. package/src/Shared/Animations/recording.json +1 -0
  131. package/src/Shared/Components/DebugNavigationPanel.tsx +73 -48
  132. package/src/Shared/Components/EIDScanner.tsx +280 -119
  133. package/src/Shared/Components/FaceCamera.tsx +19 -16
  134. package/src/Shared/Components/IdentityDocumentCamera.flows.ts +7 -4
  135. package/src/Shared/Components/IdentityDocumentCamera.tsx +206 -191
  136. package/src/Shared/Components/IdentityDocumentCamera.utils.ts +13 -4
  137. package/src/Shared/Components/NavigationManager.tsx +27 -18
  138. package/src/Shared/EIDReader/aesSecureMessagingWrapper.ts +69 -0
  139. package/src/Shared/EIDReader/apduLevelPACECapable.ts +34 -0
  140. package/src/Shared/EIDReader/bacKey.ts +24 -8
  141. package/src/Shared/EIDReader/eidReader.ts +398 -12
  142. package/src/Shared/EIDReader/eidService.ts +49 -1
  143. package/src/Shared/EIDReader/nfcManagerCardService.ts +4 -6
  144. package/src/Shared/EIDReader/paceInfo.ts +159 -0
  145. package/src/Shared/EIDReader/paceKeySpec.ts +56 -0
  146. package/src/Shared/EIDReader/protocol/paceAPDUSender.ts +163 -0
  147. package/src/Shared/EIDReader/protocol/paceProtocol.ts +946 -0
  148. package/src/Shared/EIDReader/protocol/paceResult.ts +62 -0
  149. package/src/Shared/EIDReader/secureMessagingWrapper.ts +28 -10
  150. package/src/Shared/EIDReader/smartcards/commandAPDU.ts +2 -1
  151. package/src/Shared/EIDReader/tlv/tlv.helpers.ts +1 -1
  152. package/src/Shared/EIDReader/tlv/tlv.utils.ts +8 -5
  153. package/src/Shared/EIDReader/utils/aesCrypto.utils.ts +217 -0
  154. package/src/Shared/Libs/PERMISSIONS_MANAGER.md +268 -0
  155. package/src/Shared/Libs/analytics.utils.ts +4 -0
  156. package/src/Shared/Libs/contains.ts +0 -53
  157. package/src/Shared/Libs/country-display.utils.ts +55 -0
  158. package/src/Shared/Libs/crypto.utils.ts +2 -2
  159. package/src/Shared/Libs/demo.utils.ts +10 -0
  160. package/src/Shared/Libs/http-client.ts +12 -4
  161. package/src/Shared/Libs/index.ts +63 -0
  162. package/src/Shared/Libs/mrz.utils.ts +3 -2
  163. package/src/Shared/Libs/permissions.utils.ts +251 -0
  164. package/src/Shared/Libs/status-bar.utils.ts +4 -2
  165. package/src/Shared/Services/VideoSessionService.ts +1 -1
  166. package/src/Shared/Types/analytics.types.ts +2 -0
  167. package/src/Shared/Types/identificationInfo.ts +11 -0
  168. package/src/Translation/Resources/en.ts +64 -3
  169. package/src/Translation/Resources/tr.ts +63 -3
  170. package/src/Trustchex.tsx +53 -17
  171. package/src/version.ts +1 -1
@@ -0,0 +1,62 @@
1
+ import type { AccessKeySpec } from '../accessKeySpec';
2
+ import type { SecureMessagingWrapper } from '../secureMessagingWrapper';
3
+ import type { MappingType } from '../paceInfo';
4
+
5
+ /**
6
+ * Result of PACE protocol execution.
7
+ */
8
+ export class PACEResult {
9
+ private paceKey: AccessKeySpec;
10
+ private mappingType: MappingType;
11
+ private agreementAlg: string;
12
+ private cipherAlg: string;
13
+ private digestAlg: string;
14
+ private keyLength: number;
15
+ private wrapper: SecureMessagingWrapper;
16
+
17
+ constructor(
18
+ paceKey: AccessKeySpec,
19
+ mappingType: MappingType,
20
+ agreementAlg: string,
21
+ cipherAlg: string,
22
+ digestAlg: string,
23
+ keyLength: number,
24
+ wrapper: SecureMessagingWrapper
25
+ ) {
26
+ this.paceKey = paceKey;
27
+ this.mappingType = mappingType;
28
+ this.agreementAlg = agreementAlg;
29
+ this.cipherAlg = cipherAlg;
30
+ this.digestAlg = digestAlg;
31
+ this.keyLength = keyLength;
32
+ this.wrapper = wrapper;
33
+ }
34
+
35
+ public getPACEKey(): AccessKeySpec {
36
+ return this.paceKey;
37
+ }
38
+
39
+ public getMappingType(): MappingType {
40
+ return this.mappingType;
41
+ }
42
+
43
+ public getAgreementAlg(): string {
44
+ return this.agreementAlg;
45
+ }
46
+
47
+ public getCipherAlg(): string {
48
+ return this.cipherAlg;
49
+ }
50
+
51
+ public getDigestAlg(): string {
52
+ return this.digestAlg;
53
+ }
54
+
55
+ public getKeyLength(): number {
56
+ return this.keyLength;
57
+ }
58
+
59
+ public getWrapper(): SecureMessagingWrapper {
60
+ return this.wrapper;
61
+ }
62
+ }
@@ -87,7 +87,7 @@ export abstract class SecureMessagingWrapper implements APDUWrapper {
87
87
  dataOutputStream.push(...paddedData);
88
88
  let cc2 = Uint8Array.from(
89
89
  Buffer.from(
90
- cryptoUtils.computeMac(
90
+ this.computeMAC(
91
91
  Buffer.from(dataOutputStream).toString('hex'),
92
92
  this.ksMac
93
93
  ),
@@ -116,6 +116,30 @@ export abstract class SecureMessagingWrapper implements APDUWrapper {
116
116
 
117
117
  protected abstract getEncodedSendSequenceCounter(): Uint8Array;
118
118
 
119
+ /**
120
+ * Encrypt data using the session encryption key.
121
+ * Subclasses override for AES vs 3DES.
122
+ */
123
+ protected encrypt(dataHex: string, keyHex: string): string {
124
+ return cryptoUtils.encryptWith3DES(dataHex, keyHex);
125
+ }
126
+
127
+ /**
128
+ * Decrypt data using the session encryption key.
129
+ * Subclasses override for AES vs 3DES.
130
+ */
131
+ protected decrypt(dataHex: string, keyHex: string): string {
132
+ return cryptoUtils.decryptWith3DES(dataHex, keyHex);
133
+ }
134
+
135
+ /**
136
+ * Compute MAC over data using the session MAC key.
137
+ * Subclasses override for AES-CMAC vs 3DES MAC.
138
+ */
139
+ protected computeMAC(dataHex: string, keyHex: string): string {
140
+ return cryptoUtils.computeMac(dataHex, keyHex);
141
+ }
142
+
119
143
  private wrapCommandAPDU(commandAPDU: CommandAPDU): CommandAPDU {
120
144
  const cla = commandAPDU.getCLA();
121
145
  const ins = commandAPDU.getINS();
@@ -149,10 +173,7 @@ export abstract class SecureMessagingWrapper implements APDUWrapper {
149
173
  this.getPadLength()
150
174
  );
151
175
  const ciphertext = Buffer.from(
152
- cryptoUtils.encryptWith3DES(
153
- Buffer.from(data).toString('hex'),
154
- this.ksEnc
155
- ),
176
+ this.encrypt(Buffer.from(data).toString('hex'), this.ksEnc),
156
177
  'hex'
157
178
  );
158
179
  output.push(hasDO85 ? 0x85 : 0x87);
@@ -180,7 +201,7 @@ export abstract class SecureMessagingWrapper implements APDUWrapper {
180
201
  );
181
202
 
182
203
  const cc = Buffer.from(
183
- cryptoUtils.computeMac(Buffer.from(n).toString('hex'), this.ksMac),
204
+ this.computeMAC(Buffer.from(n).toString('hex'), this.ksMac),
184
205
  'hex'
185
206
  );
186
207
  let ccLength = cc.length;
@@ -329,10 +350,7 @@ export abstract class SecureMessagingWrapper implements APDUWrapper {
329
350
  inputStream.readFully(ciphertext);
330
351
  const paddedData = Array.from(
331
352
  Buffer.from(
332
- cryptoUtils.decryptWith3DES(
333
- Buffer.from(ciphertext).toString('hex'),
334
- this.ksEnc
335
- ),
353
+ this.decrypt(Buffer.from(ciphertext).toString('hex'), this.ksEnc),
336
354
  'hex'
337
355
  )
338
356
  );
@@ -18,7 +18,8 @@ export class CommandAPDU {
18
18
  ne?: number
19
19
  ) {
20
20
  this.nc = dataLength || 0;
21
- this.ne = ne || 0;
21
+ // Java JMRTD uses -1 to mean "no Le field" (ne=0). Guard against negatives.
22
+ this.ne = ne == null || ne < 0 ? 0 : ne;
22
23
  this.apdu = this.buildAPDU(
23
24
  cla,
24
25
  ins,
@@ -88,7 +88,7 @@ export class TLVHelpers extends ASN1Constants {
88
88
  private static log(n: number, base: number): number {
89
89
  let result = 0;
90
90
  while (n > 0) {
91
- n = n / base;
91
+ n = Math.floor(n / base);
92
92
  result++;
93
93
  }
94
94
  return result;
@@ -6,7 +6,6 @@ import { Buffer } from 'buffer';
6
6
  import { TLVHelpers } from './tlv.helpers';
7
7
 
8
8
  class TLVUtil extends TLVHelpers {
9
-
10
9
  public static wrapDO(tag: number, data: number[]): Uint8Array {
11
10
  if (data == null) {
12
11
  throw new Error('Data to wrap is null');
@@ -49,7 +48,7 @@ class TLVUtil extends TLVHelpers {
49
48
  const actualTag = await tlvInputStream.readTag();
50
49
  if (actualTag !== expectedTag) {
51
50
  throw new Error(
52
- `Expected tag ${expectedTag.toString(16)}, found tag ${actualTag.toString(16)}`
51
+ `Expected TLV tag 0x${expectedTag.toString(16)}, found 0x${actualTag.toString(16)} in data: ${Buffer.from(wrappedData.slice(0, 16)).toString('hex')}`
53
52
  );
54
53
  }
55
54
 
@@ -61,8 +60,13 @@ class TLVUtil extends TLVHelpers {
61
60
  }
62
61
  return result;
63
62
  } catch (ioe) {
64
- // Never happens.
65
- throw new Error('Error reading from stream');
63
+ // Re-throw original error with context rather than masking it
64
+ if (ioe instanceof Error && ioe.message.includes('Expected TLV tag')) {
65
+ throw ioe;
66
+ }
67
+ throw new Error(
68
+ `TLV unwrap error (expected tag 0x${expectedTag.toString(16)}): ${ioe instanceof Error ? ioe.message : String(ioe)}`
69
+ );
66
70
  } finally {
67
71
  try {
68
72
  tlvInputStream.close();
@@ -72,7 +76,6 @@ class TLVUtil extends TLVHelpers {
72
76
  }
73
77
  }
74
78
  }
75
-
76
79
  }
77
80
 
78
81
  export default TLVUtil;
@@ -0,0 +1,217 @@
1
+ import CryptoJS from 'crypto-js';
2
+ import { Buffer } from 'buffer';
3
+ import 'react-native-get-random-values';
4
+
5
+ /**
6
+ * AES cryptographic utilities for PACE protocol.
7
+ */
8
+
9
+ /**
10
+ * Encrypt data using AES in CBC mode with zero IV.
11
+ */
12
+ export const aesEncryptCBC = (
13
+ dataHex: string,
14
+ keyHex: string,
15
+ ivHex: string = '00000000000000000000000000000000'
16
+ ): string => {
17
+ const data = CryptoJS.enc.Hex.parse(dataHex);
18
+ const key = CryptoJS.enc.Hex.parse(keyHex);
19
+ const iv = CryptoJS.enc.Hex.parse(ivHex);
20
+
21
+ const encrypted = CryptoJS.AES.encrypt(data, key, {
22
+ mode: CryptoJS.mode.CBC,
23
+ padding: CryptoJS.pad.NoPadding,
24
+ iv,
25
+ });
26
+
27
+ return encrypted.ciphertext.toString(CryptoJS.enc.Hex);
28
+ };
29
+
30
+ /**
31
+ * Decrypt data using AES in CBC mode with zero IV.
32
+ */
33
+ export const aesDecryptCBC = (
34
+ dataHex: string,
35
+ keyHex: string,
36
+ ivHex: string = '00000000000000000000000000000000'
37
+ ): string => {
38
+ const data = CryptoJS.enc.Hex.parse(dataHex);
39
+ const key = CryptoJS.enc.Hex.parse(keyHex);
40
+ const iv = CryptoJS.enc.Hex.parse(ivHex);
41
+
42
+ const cipherParams = CryptoJS.lib.CipherParams.create({
43
+ ciphertext: data,
44
+ });
45
+
46
+ const decrypted = CryptoJS.AES.decrypt(cipherParams, key, {
47
+ mode: CryptoJS.mode.CBC,
48
+ padding: CryptoJS.pad.NoPadding,
49
+ iv,
50
+ });
51
+
52
+ return decrypted.toString(CryptoJS.enc.Hex);
53
+ };
54
+
55
+ /**
56
+ * Encrypt a single block with AES in ECB mode (for SSC encryption).
57
+ */
58
+ export const aesEncryptECB = (dataHex: string, keyHex: string): string => {
59
+ const data = CryptoJS.enc.Hex.parse(dataHex);
60
+ const key = CryptoJS.enc.Hex.parse(keyHex);
61
+
62
+ const encrypted = CryptoJS.AES.encrypt(data, key, {
63
+ mode: CryptoJS.mode.ECB,
64
+ padding: CryptoJS.pad.NoPadding,
65
+ });
66
+
67
+ return encrypted.ciphertext.toString(CryptoJS.enc.Hex);
68
+ };
69
+
70
+ /**
71
+ * Compute AES CMAC (OMAC1) as defined in RFC 4493.
72
+ */
73
+ export const aesCMAC = (dataHex: string, keyHex: string): string => {
74
+ const key = Buffer.from(keyHex, 'hex');
75
+ const data = Buffer.from(dataHex, 'hex');
76
+ const blockSize = 16;
77
+
78
+ // Step 1: Generate subkeys
79
+ const zeroBlock = '00000000000000000000000000000000';
80
+ const L = Buffer.from(aesEncryptECB(zeroBlock, keyHex), 'hex');
81
+ const K1 = generateSubkey(L);
82
+ const K2 = generateSubkey(K1);
83
+
84
+ // Step 2: Determine if we need to pad
85
+ const n = data.length === 0 ? 1 : Math.ceil(data.length / blockSize);
86
+ const lastBlockComplete = data.length > 0 && data.length % blockSize === 0;
87
+
88
+ // Step 3: Process last block
89
+ const lastBlock = Buffer.alloc(blockSize);
90
+ if (lastBlockComplete) {
91
+ const start = (n - 1) * blockSize;
92
+ for (let i = 0; i < blockSize; i++) {
93
+ lastBlock[i] = data[start + i] ^ K1[i];
94
+ }
95
+ } else {
96
+ // Pad with 10*
97
+ const start = (n - 1) * blockSize;
98
+ const remaining = data.length - start;
99
+ const padded = Buffer.alloc(blockSize);
100
+ for (let i = 0; i < remaining; i++) {
101
+ padded[i] = data[start + i];
102
+ }
103
+ padded[remaining] = 0x80;
104
+ for (let i = 0; i < blockSize; i++) {
105
+ lastBlock[i] = padded[i] ^ K2[i];
106
+ }
107
+ }
108
+
109
+ // Step 4: CBC-MAC
110
+ let X = Buffer.alloc(blockSize);
111
+ for (let i = 0; i < n - 1; i++) {
112
+ const block = data.subarray(i * blockSize, (i + 1) * blockSize);
113
+ const Y = Buffer.alloc(blockSize);
114
+ for (let j = 0; j < blockSize; j++) {
115
+ Y[j] = X[j] ^ block[j];
116
+ }
117
+ X = Buffer.from(aesEncryptECB(Y.toString('hex'), keyHex), 'hex');
118
+ }
119
+
120
+ // Process last block
121
+ const Y = Buffer.alloc(blockSize);
122
+ for (let j = 0; j < blockSize; j++) {
123
+ Y[j] = X[j] ^ lastBlock[j];
124
+ }
125
+ const T = aesEncryptECB(Y.toString('hex'), keyHex);
126
+
127
+ return T;
128
+ };
129
+
130
+ function generateSubkey(input: Buffer): Buffer {
131
+ const blockSize = 16;
132
+ const Rb = Buffer.alloc(blockSize);
133
+ Rb[blockSize - 1] = 0x87;
134
+
135
+ // Left shift by 1
136
+ const output = Buffer.alloc(blockSize);
137
+ const msb = (input[0] & 0x80) !== 0;
138
+ for (let i = 0; i < blockSize - 1; i++) {
139
+ output[i] = ((input[i] << 1) | (input[i + 1] >> 7)) & 0xff;
140
+ }
141
+ output[blockSize - 1] = (input[blockSize - 1] << 1) & 0xff;
142
+
143
+ if (msb) {
144
+ for (let i = 0; i < blockSize; i++) {
145
+ output[i] ^= Rb[i];
146
+ }
147
+ }
148
+
149
+ return output;
150
+ }
151
+
152
+ /**
153
+ * Derive AES key from shared secret using KDF as per TR-SAC.
154
+ *
155
+ * @param sharedSecretHex the shared secret bytes as hex
156
+ * @param cipherAlg 'AES' or 'DESede'
157
+ * @param keyLength 128, 192, or 256
158
+ * @param mode 1 = ENC, 2 = MAC, 3 = PACE
159
+ */
160
+ export const deriveKey = (
161
+ sharedSecretHex: string,
162
+ cipherAlg: string,
163
+ keyLength: number,
164
+ mode: number
165
+ ): string => {
166
+ const input = sharedSecretHex + '000000' + mode.toString(16).padStart(2, '0');
167
+
168
+ let hash: string;
169
+ if (cipherAlg === 'AES' && keyLength > 128) {
170
+ // Use SHA-256 for AES-192 and AES-256
171
+ hash = CryptoJS.SHA256(CryptoJS.enc.Hex.parse(input)).toString(
172
+ CryptoJS.enc.Hex
173
+ );
174
+ } else {
175
+ // Use SHA-1 for DESede and AES-128
176
+ hash = CryptoJS.SHA1(CryptoJS.enc.Hex.parse(input)).toString(
177
+ CryptoJS.enc.Hex
178
+ );
179
+ }
180
+
181
+ if (cipherAlg === 'DESede') {
182
+ // 3DES: 24-byte key (K1 || K2 || K1)
183
+ const ka = hash.substring(0, 16);
184
+ const kb = hash.substring(16, 32);
185
+ return ka + kb + ka;
186
+ } else {
187
+ // AES: return first keyLength/8 bytes
188
+ const keyBytes = keyLength / 4; // hex chars = keyLength / 8 * 2
189
+ return hash.substring(0, keyBytes);
190
+ }
191
+ };
192
+
193
+ /**
194
+ * Pad data using ISO 9797-1 method 2 with given block size.
195
+ */
196
+ export const padISO9797 = (data: Buffer, blockSize: number = 16): Buffer => {
197
+ const n = data.length;
198
+ const padLength = blockSize - (n % blockSize);
199
+ const out = Buffer.alloc(n + padLength);
200
+ data.copy(out);
201
+ out[n] = 0x80;
202
+ return out;
203
+ };
204
+
205
+ /**
206
+ * Unpad ISO 9797-1 method 2.
207
+ */
208
+ export const unpadISO9797 = (data: Buffer): Buffer => {
209
+ let i = data.length - 1;
210
+ while (i >= 0 && data[i] === 0x00) {
211
+ i--;
212
+ }
213
+ if (i >= 0 && data[i] === 0x80) {
214
+ return data.subarray(0, i);
215
+ }
216
+ return data;
217
+ };
@@ -0,0 +1,268 @@
1
+ # PermissionManager Documentation
2
+
3
+ ## Overview
4
+
5
+ `PermissionManager` is a centralized utility for handling all platform-specific permission requests (camera, microphone, NFC, etc.) in the React Native SDK. It abstracts away platform differences (iOS vs Android) and provides a clean, consistent API.
6
+
7
+ ## Location
8
+
9
+ - **File**: `src/Shared/Libs/permissions.utils.ts`
10
+ - **Export**: Can be imported from `src/Shared/Libs/index.ts`
11
+
12
+ ## Supported Permissions
13
+
14
+ ```typescript
15
+ type PermissionType = 'camera' | 'microphone' | 'nfc';
16
+ ```
17
+
18
+ | Permission | iOS | Android | Notes |
19
+ | ------------ | --- | ------- | ---------------------------------------- |
20
+ | `camera` | ✅ | ✅ | Camera access for video recording |
21
+ | `microphone` | ✅ | ✅ | Microphone access for audio recording |
22
+ | `nfc` | ✅ | ✅ | NFC chip reading (document verification) |
23
+
24
+ ## API Reference
25
+
26
+ ### Request Methods
27
+
28
+ #### `requestPermission(permission: PermissionType): Promise<boolean>`
29
+
30
+ Request a single permission. Returns `true` if granted, `false` if denied.
31
+
32
+ ```typescript
33
+ import PermissionManager from '../../Shared/Libs/permissions.utils';
34
+
35
+ const hasCamera = await PermissionManager.requestPermission('camera');
36
+ if (!hasCamera) {
37
+ console.log('Camera permission denied');
38
+ }
39
+ ```
40
+
41
+ #### `requestPermissions(permissions: PermissionType[]): Promise<Map<PermissionType, boolean>>`
42
+
43
+ Request multiple permissions at once. Returns a Map with permission status for each.
44
+
45
+ ```typescript
46
+ const results = await PermissionManager.requestPermissions([
47
+ 'camera',
48
+ 'microphone',
49
+ ]);
50
+ const hasCamera = results.get('camera') ?? false;
51
+ const hasMicrophone = results.get('microphone') ?? false;
52
+ ```
53
+
54
+ #### `requestCameraAndMicrophone(): Promise<boolean>`
55
+
56
+ **⭐ Convenience method** — Request camera and microphone together (common for video recording). Returns `true` only if BOTH are granted.
57
+
58
+ ```typescript
59
+ const hasBothPermissions = await PermissionManager.requestCameraAndMicrophone();
60
+ if (!hasBothPermissions) {
61
+ showError('Camera and microphone access required for video call');
62
+ }
63
+ ```
64
+
65
+ #### `requestCamera(): Promise<boolean>`
66
+
67
+ Request camera permission only.
68
+
69
+ ```typescript
70
+ const hasCamera = await PermissionManager.requestCamera();
71
+ ```
72
+
73
+ #### `requestMicrophone(): Promise<boolean>`
74
+
75
+ Request microphone permission only.
76
+
77
+ ```typescript
78
+ const hasMicrophone = await PermissionManager.requestMicrophone();
79
+ ```
80
+
81
+ #### `requestNFC(): Promise<boolean>`
82
+
83
+ Request NFC permission for document verification.
84
+
85
+ ```typescript
86
+ const hasNFC = await PermissionManager.requestNFC();
87
+ ```
88
+
89
+ #### `requestWithFallback(permission: PermissionType, onDenied?: () => void): Promise<boolean>`
90
+
91
+ Request permission with custom callback when denied.
92
+
93
+ ```typescript
94
+ const granted = await PermissionManager.requestWithFallback('camera', () => {
95
+ showAlert('Camera access is required for verification');
96
+ });
97
+ ```
98
+
99
+ ### Check Methods (Non-requesting)
100
+
101
+ Check if a permission is already granted without requesting.
102
+
103
+ #### `checkPermission(permission: PermissionType): Promise<boolean>`
104
+
105
+ Check a single permission status.
106
+
107
+ ```typescript
108
+ const hasCamera = await PermissionManager.checkPermission('camera');
109
+ ```
110
+
111
+ #### `hasCameraAndMicrophone(): Promise<boolean>`
112
+
113
+ Check if both camera and microphone are granted.
114
+
115
+ ```typescript
116
+ const ready = await PermissionManager.hasCameraAndMicrophone();
117
+ ```
118
+
119
+ #### `hasCamera(): Promise<boolean>`
120
+
121
+ Check if camera is granted.
122
+
123
+ ```typescript
124
+ const hasCamera = await PermissionManager.hasCamera();
125
+ ```
126
+
127
+ #### `hasMicrophone(): Promise<boolean>`
128
+
129
+ Check if microphone is granted.
130
+
131
+ ```typescript
132
+ const hasMicrophone = await PermissionManager.hasMicrophone();
133
+ ```
134
+
135
+ #### `hasNFC(): Promise<boolean>`
136
+
137
+ Check if NFC is granted.
138
+
139
+ ```typescript
140
+ const hasNFC = await PermissionManager.hasNFC();
141
+ ```
142
+
143
+ ## Common Patterns
144
+
145
+ ### Pattern 1: Video Call Setup (Camera + Microphone)
146
+
147
+ ```typescript
148
+ import PermissionManager from '../../Shared/Libs/permissions.utils';
149
+
150
+ async function initializeVideoCall() {
151
+ const hasBothPermissions =
152
+ await PermissionManager.requestCameraAndMicrophone();
153
+
154
+ if (!hasBothPermissions) {
155
+ setConnectionState('permissions_denied');
156
+ return;
157
+ }
158
+
159
+ // Proceed with video call initialization
160
+ const stream = await service.initialize();
161
+ setLocalStream(stream);
162
+ }
163
+ ```
164
+
165
+ ### Pattern 2: Document Verification (NFC)
166
+
167
+ ```typescript
168
+ const hasNFC = await PermissionManager.requestNFC();
169
+
170
+ if (!hasNFC) {
171
+ showError('NFC access required to read document');
172
+ return;
173
+ }
174
+
175
+ const result = await readNFCChip();
176
+ ```
177
+
178
+ ### Pattern 3: Check Before Requesting
179
+
180
+ ```typescript
181
+ // First check if permission is already granted
182
+ const alreadyHasCamera = await PermissionManager.checkPermission('camera');
183
+
184
+ if (alreadyHasCamera) {
185
+ // Skip request dialog
186
+ startCamera();
187
+ } else {
188
+ // Request permission (shows OS dialog)
189
+ const granted = await PermissionManager.requestCamera();
190
+ if (granted) {
191
+ startCamera();
192
+ } else {
193
+ showErrorMessage('Camera access required');
194
+ }
195
+ }
196
+ ```
197
+
198
+ ## Platform Implementation Details
199
+
200
+ ### iOS
201
+
202
+ Uses the `react-native-permissions` library with `RNPermissions` module.
203
+
204
+ **Permissions layout location**: `ios/App.xcodeproj/Info.plist`
205
+
206
+ Required Info.plist keys:
207
+
208
+ - `NSCameraUsageDescription` — Camera access explanation
209
+ - `NSMicrophoneUsageDescription` — Microphone access explanation
210
+ - `NFCReaderUsageDescription` — NFC access explanation
211
+
212
+ ### Android
213
+
214
+ Uses built-in `PermissionsAndroid` from React Native core.
215
+
216
+ **Permissions manifest location**: `android/app/src/main/AndroidManifest.xml`
217
+
218
+ Required manifest permissions:
219
+
220
+ - `android.permission.CAMERA` — Camera access
221
+ - `android.permission.RECORD_AUDIO` — Microphone access
222
+ - `android.permission.NFC` — NFC chip reading
223
+
224
+ ## Error Handling
225
+
226
+ The PermissionManager handles errors internally and logs them using the debug utility. All methods return clear boolean or Map results so you can check status directly:
227
+
228
+ ```typescript
229
+ const granted = await PermissionManager.requestCamera();
230
+
231
+ // Simple check
232
+ if (!granted) {
233
+ // Handle permission denied
234
+ }
235
+ ```
236
+
237
+ ## Best Practices
238
+
239
+ 1. ✅ **Use convenience methods** — `requestCameraAndMicrophone()` instead of manually requesting both
240
+ 2. ✅ **Request at the right time** — Request permissions when the feature is about to be used
241
+ 3. ✅ **Check before requesting** — Use `checkPermission()` if you want to skip the OS dialog
242
+ 4. ✅ **Handle denial gracefully** — Always provide clear error messages when permissions are denied
243
+ 5. ✅ **Use the centralized manager** — Never import React Native permissions directly; always use PermissionManager
244
+
245
+ ## Troubleshooting
246
+
247
+ ### Permission request dialog not appearing
248
+
249
+ - Check that you're using `request*` methods, not `check*` methods
250
+ - Verify the permission is in the app's manifest (Android) or Info.plist (iOS)
251
+ - Test on a device where the permission hasn't been granted yet
252
+
253
+ ### Camera/Microphone not working after permission granted
254
+
255
+ - Check that you're handling successful permission grant and initializing the feature
256
+ - Verify other features aren't holding exclusive access to the device
257
+
258
+ ### NFC not working on iOS
259
+
260
+ - Ensure `NFCReaderUsageDescription` is set in Info.plist
261
+ - The app must be signed with proper entitlements for NFC
262
+ - NFC requires iPhone XS or later
263
+
264
+ ## Related Files
265
+
266
+ - `src/Screens/Dynamic/VideoCallScreen.tsx` — Example usage with video calls
267
+ - `src/Shared/Libs/index.ts` — Exported for easy importing
268
+ - `src/Shared/Libs/debug.utils.ts` — Used internally for debug logging
@@ -289,6 +289,10 @@ const STEP_EVENT_MAP: Record<
289
289
  started: AnalyticsEventName.LIVENESS_CHECK_STARTED,
290
290
  completed: AnalyticsEventName.LIVENESS_CHECK_COMPLETED,
291
291
  },
292
+ verbal_consent: {
293
+ started: AnalyticsEventName.VERBAL_CONSENT_VIDEO_STARTED,
294
+ completed: AnalyticsEventName.VERBAL_CONSENT_VIDEO_COMPLETED,
295
+ },
292
296
  video_call: {
293
297
  started: AnalyticsEventName.VIDEO_CALL_STARTED,
294
298
  completed: AnalyticsEventName.VIDEO_CALL_COMPLETED,