aadhaar-react-scanner 1.0.0

package/README.md

@@ -0,0 +1,54 @@
+# Aadhaar React Scanner
+
+A pure Javascript, zero-backend, client-side library to decode Aadhaar Secure QR codes, extract biometric JP2 photos, cryptographically verify UIDAI signatures, and render a beautiful 3D virtual identity card.
+
+## Features
+- **Local Decoding**: Decodes the massive Aadhaar integer strings into raw demographic data completely offline.
+- **JP2 Photo Extraction**: The only JS library that natively decodes the embedded JPEG 2000 biometric photo into a web-friendly PNG entirely in the browser using HTML5 Canvas.
+- **UIDAI Cryptographic Verification**: Uses the Web Crypto API to automatically verify the 256-byte RSA signature against the historical database of official UIDAI public keys.
+- **Backward Compatible**: Supports parsing older XML-format Aadhaar QR codes out of the box.
+- **3D React UI**: Comes with a hyper-realistic, glare-enabled, interactive 3D Aadhaar Card component.
+
+## Installation
+
+```bash
+npm install aadhaar-react-scanner
+```
+
+## Usage
+
+### 1. Decoding the QR Data
+Pass the raw QR string (either the massive integer or the old XML string) directly into the decoder.
+
+```typescript
+import { decodeAadhaarQR } from 'aadhaar-react-scanner';
+
+const rawQrString = "697941..."; // Scanned from the QR code
+
+const verify = async () => {
+  const result = await decodeAadhaarQR(rawQrString);
+  
+  if (result.success) {
+    console.log("Resident Name:", result.data.name);
+    console.log("Valid Signature?", result.data.signature_valid);
+  } else {
+    console.error("Failed to decode:", result.error);
+  }
+}
+```
+
+### 2. Displaying the 3D Card
+If the decode is successful, pass the data directly into the React component to render a stunning virtual card.
+
+```tsx
+import { VirtualAadhaarCard } from 'aadhaar-react-scanner';
+
+function MyVerificationPage() {
+  // Assuming 'result.data' from decodeAadhaarQR
+  return <VirtualAadhaarCard data={result.data} />;
+}
+```
+
+## Security
+This library is entirely client-side. No data is ever transmitted to any external servers. The cryptographic signature verification ensures that any manipulated QR data is immediately flagged as a `Signature Mismatch`.
+# aadharreader

package/dist/index.d.mts

@@ -0,0 +1,30 @@
+interface AadhaarData {
+    email_mobile_indicator?: string;
+    reference_id?: string;
+    name?: string;
+    dob?: string;
+    gender?: string;
+    care_of?: string;
+    district?: string;
+    landmark?: string;
+    house?: string;
+    location?: string;
+    pincode?: string;
+    post_office?: string;
+    state?: string;
+    street?: string;
+    sub_district?: string;
+    vtc?: string;
+    aadhaar_last4?: string;
+    photo_base64?: string;
+    photo_mime?: string;
+    signature_valid?: boolean;
+}
+interface DecodeResult {
+    success: boolean;
+    data?: AadhaarData;
+    error?: string;
+}
+declare function decodeAadhaarQR(qrString: string): Promise<DecodeResult>;
+
+export { type AadhaarData, type DecodeResult, decodeAadhaarQR };

package/dist/index.d.ts

@@ -0,0 +1,30 @@
+interface AadhaarData {
+    email_mobile_indicator?: string;
+    reference_id?: string;
+    name?: string;
+    dob?: string;
+    gender?: string;
+    care_of?: string;
+    district?: string;
+    landmark?: string;
+    house?: string;
+    location?: string;
+    pincode?: string;
+    post_office?: string;
+    state?: string;
+    street?: string;
+    sub_district?: string;
+    vtc?: string;
+    aadhaar_last4?: string;
+    photo_base64?: string;
+    photo_mime?: string;
+    signature_valid?: boolean;
+}
+interface DecodeResult {
+    success: boolean;
+    data?: AadhaarData;
+    error?: string;
+}
+declare function decodeAadhaarQR(qrString: string): Promise<DecodeResult>;
+
+export { type AadhaarData, type DecodeResult, decodeAadhaarQR };

package/dist/index.js

@@ -0,0 +1,294 @@
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  decodeAadhaarQR: () => decodeAadhaarQR
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/decoder.ts
+var pako = __toESM(require("pako"));
+var import_jpeg2000 = require("jpeg2000");
+var import_buffer = require("buffer");
+function bigIntToBytes(bigIntStr) {
+  let hex = BigInt(bigIntStr.trim()).toString(16);
+  if (hex.length % 2 !== 0) {
+    hex = "0" + hex;
+  }
+  const len = hex.length / 2;
+  const u8 = new Uint8Array(len);
+  for (let i = 0; i < len; i++) {
+    u8[i] = parseInt(hex.substring(i * 2, i * 2 + 2), 16);
+  }
+  return u8;
+}
+function jp2ToDataURL(jp2Bytes) {
+  const jpx = new import_jpeg2000.JpxImage();
+  const buf = import_buffer.Buffer.from(jp2Bytes);
+  jpx.parse(buf);
+  const width = jpx.width;
+  const height = jpx.height;
+  const componentsCount = jpx.componentsCount;
+  const tiles = jpx.tiles;
+  if (!tiles || tiles.length === 0) throw new Error("No tiles found in JP2");
+  const items = tiles[0].items;
+  const canvas = document.createElement("canvas");
+  canvas.width = width;
+  canvas.height = height;
+  const ctx = canvas.getContext("2d");
+  if (!ctx) throw new Error("Canvas context not available");
+  const imgData = ctx.createImageData(width, height);
+  const data = imgData.data;
+  if (componentsCount === 3 || componentsCount === 4) {
+    const step = componentsCount;
+    for (let i = 0, j = 0; i < items.length; i += step, j += 4) {
+      data[j] = items[i];
+      data[j + 1] = items[i + 1];
+      data[j + 2] = items[i + 2];
+      data[j + 3] = componentsCount === 4 ? items[i + 3] : 255;
+    }
+  } else if (componentsCount === 1) {
+    for (let i = 0, j = 0; i < items.length; i++, j += 4) {
+      const val = items[i];
+      data[j] = val;
+      data[j + 1] = val;
+      data[j + 2] = val;
+      data[j + 3] = 255;
+    }
+  } else {
+    throw new Error("Unsupported components count: " + componentsCount);
+  }
+  ctx.putImageData(imgData, 0, 0);
+  return canvas.toDataURL("image/png");
+}
+var UIDAI_PUBLIC_KEYS = [
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1+zYnvbcEm0Yz73s5u42odpUJMr9wv5bVw7sOE5nFNbrB+U++5I0f8cL2HoHnJOkwvLZzrD0jG/vxAKi6vii/gjEzUEgrkdIHxMP3D6GJs0MSQHiEXvIGOwPIH3BLtBOc3m28NVNT6Q9iq0gUwuxnlhV38UdNhCllqNYhWmAMPJkImgaKrRZvY2pWNs6gd+PlAF/9SO69x3+1meA8kPk2ZvQanZlx9tfaExeOe9or3NQiKy2+UbtXrpcoAfYbbWi1OUzXi5bJdhbGp239c1fX6UKyUM5IUMY+m3I7wu2WQ7lmeO2n/vwzQz/PKHXPWYu3bydWMLdCi07vOQBqzCKwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1DSK9/qrW8RX1vDZMsE8xiiyJlj+6xxDtu+nSZDW9C/iajSqJ2QgLvRgweTw4suzzxZQseOE+kbqlbesNHc0lQjt9T+CGYrUTCbMI/a3zZbr3vPxz3VlN7iqr8U6ISUN53x+6qAc4Z/Pc66IqJA6zXBPKFZiHHMmi00eM14HgNWrLEkYHE5geBmBgEevznskS4Q+sJVX+4seJ/zadc35O4G6gvWZatlsB5STGSdes4TqF1k0FV4a0CF7vAzpUA4EtQohl6dnKWpfWYAJUxbSrH1OCLFBn1ABe9Yw5iZkIMFYauhyFzP16XCiG91TPoORIJ8ssIR9uf21o6rD82OJwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMIJKj28JcTN1B72p2/pgzDCoguhs/rbIXgN/ybNNh0NVOrZV2KllrmT5VOYlMrABpvIp7JU/n6hma3/O14n7nvngJ/y3colh8rk7msDwVAO7ZuVD+GCzfaYPLLkUS+wqH7M7FOHIn/pyJo1Rkxm98lO3dyox5RuLG2Uqm7JfVIomm0t7QKJoM5rf8JNvPXdwsxN89eWlT2Bf7BF//G3FKiF7ZHfvIyyqte/3orRRG/M80QqLrDP1RIeOa53ZTgILXcyQOb2yZOqNH3iN2uSKRsusNO17To5FOb2J9Hd5wIMuDv3zw4MWTrKAWuTYon90QSeGRKv1d5AQNRt0x5dSwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0HjbFpvu/kR+gTI2+svGNmW4eZHhTVBG/N+byaq3GH0SDM+jO5RW4BbXNzaSKc0I5mIyN1vQf2KmNV/3Xai6MokiiZrBRfM8a497zCMteHTAzSP1L0DmohUuBQh/s1hfqRIIWpfEu7noW2G8toK0ZOQR1E0FtinWNtqEeuxlNEKgfxkN4/vRzgvGFw+PPcoG5uMdcd7/DjDE1i20zmT+55DgIBrneCwrW7nIM0Md3BPOTV8iBwzjdVcdDHhMtSpi9UKUHw80sDRZp7ygB4Z0QmhSxCMCg9g7KPHYY+PVRC2sFreZBC6rtmIL+HMUPciRCCqMZLx3f6xRSD97lZr/wIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonIsDl8t5bpwftk/A27CsfC5VZMjkPrMDwvL8gyAoVwIi0iGhmty6yWrC/VaL+Brae29XMg7dMdwnbIUHmwHxovN+FnT2vfz/O0kHQcgVdwVSIR0tFwsmC+pVKpSqm//skgYYcZQhdhLZBWOn0PZ81ymm0jOkwBSIQKkyuCTv/1HSwjTLR0EBvaH9+Vb0iaiOEv1ikHDhMOXTxx8URWBnJJt463z7LuZBMSG8fXVMDl3vqY1hDZzKbXBaK/clRIXMff0jUOvfPMfabHju+eUnceosQwL3eurq96+oHahz4FmrfBqikHe3xQ7/4NdvSvVuwth0kcsI0ptRBG8m1NglQIDAQAB"
+];
+async function verifySignature(signedData, signature) {
+  try {
+    for (const pem of UIDAI_PUBLIC_KEYS) {
+      const binaryDerString = window.atob(pem);
+      const binaryDer = new Uint8Array(binaryDerString.length);
+      for (let i = 0; i < binaryDerString.length; i++) {
+        binaryDer[i] = binaryDerString.charCodeAt(i);
+      }
+      try {
+        const key = await window.crypto.subtle.importKey(
+          "spki",
+          binaryDer.buffer,
+          {
+            name: "RSASSA-PKCS1-v1_5",
+            hash: "SHA-256"
+          },
+          false,
+          ["verify"]
+        );
+        const isValid = await window.crypto.subtle.verify(
+          "RSASSA-PKCS1-v1_5",
+          key,
+          signature,
+          signedData
+        );
+        if (isValid) return true;
+      } catch (err) {
+      }
+    }
+    return false;
+  } catch (e) {
+    console.error("Signature verification failed:", e);
+    return false;
+  }
+}
+async function decodeAadhaarQR(qrString) {
+  try {
+    const rawQr = qrString.trim();
+    if (rawQr.startsWith("<")) {
+      const parser = new DOMParser();
+      const xmlDoc = parser.parseFromString(rawQr, "text/xml");
+      const parseError = xmlDoc.getElementsByTagName("parsererror");
+      if (parseError.length > 0) {
+        return { success: false, error: "Failed to parse XML data" };
+      }
+      const root = xmlDoc.documentElement;
+      const result2 = {};
+      const fieldMap = {
+        "uid": "aadhaar_last4",
+        // We'll extract last 4 below
+        "name": "name",
+        "gender": "gender",
+        "yob": "dob",
+        // Fallback if dob isn't present
+        "dob": "dob",
+        "co": "care_of",
+        "house": "house",
+        "street": "street",
+        "lm": "landmark",
+        "loc": "location",
+        "vtc": "vtc",
+        "po": "post_office",
+        "dist": "district",
+        "subdist": "sub_district",
+        "state": "state",
+        "pc": "pincode"
+      };
+      for (const [xmlKey, resKey] of Object.entries(fieldMap)) {
+        const val = root.getAttribute(xmlKey);
+        if (val) {
+          result2[resKey] = val;
+        }
+      }
+      if (root.getAttribute("uid") && root.getAttribute("uid").length >= 4) {
+        result2.aadhaar_last4 = root.getAttribute("uid").slice(-4);
+      }
+      return { success: true, data: result2 };
+    }
+    const isSecure = rawQr.match(/^\d{100,}$/);
+    if (!isSecure) {
+      return { success: false, error: "Invalid QR string format." };
+    }
+    const rawBytes = bigIntToBytes(rawQr);
+    let decompressed = null;
+    const windowBitsOptions = [15, -15, 31, 47];
+    for (let pad = 0; pad < 4; pad++) {
+      let paddedBytes = rawBytes;
+      if (pad > 0) {
+        paddedBytes = new Uint8Array(rawBytes.length + pad);
+        paddedBytes.set(rawBytes, pad);
+      }
+      for (const wbits of windowBitsOptions) {
+        try {
+          decompressed = pako.inflate(paddedBytes, { windowBits: wbits });
+          break;
+        } catch (e) {
+        }
+      }
+      if (decompressed) break;
+    }
+    if (!decompressed) {
+      return { success: false, error: "Failed to decompress Aadhaar data (Zlib error)" };
+    }
+    const signedData = decompressed.slice(0, -256);
+    const signature = decompressed.slice(-256);
+    const data = signedData;
+    const DELIMITER = 255;
+    let parts = [];
+    let start = 0;
+    let dob_idx = -1;
+    for (let i = 0; i < data.length; i++) {
+      if (data[i] === DELIMITER) {
+        const valBytes = data.slice(start, i);
+        const val = Array.from(valBytes).map((b) => String.fromCharCode(b)).join("");
+        parts.push(val);
+        start = i + 1;
+        if (dob_idx === -1 && ["M", "F", "T"].includes(val) && parts.length > 3) {
+          dob_idx = parts.length - 2;
+        }
+        if (dob_idx !== -1 && parts.length === dob_idx + 13) {
+          start = i + 1;
+          break;
+        }
+      }
+    }
+    const result = {};
+    result.email_mobile_indicator = parts[0];
+    if (dob_idx !== -1) {
+      const getP = (i) => i < parts.length ? parts[i].trim() : "";
+      result.reference_id = getP(dob_idx - 2);
+      result.name = getP(dob_idx - 1);
+      result.dob = getP(dob_idx);
+      result.gender = getP(dob_idx + 1);
+      result.care_of = getP(dob_idx + 2);
+      result.district = getP(dob_idx + 3);
+      result.landmark = getP(dob_idx + 4);
+      result.house = getP(dob_idx + 5);
+      result.location = getP(dob_idx + 6);
+      result.pincode = getP(dob_idx + 7);
+      result.post_office = getP(dob_idx + 8);
+      result.state = getP(dob_idx + 9);
+      result.street = getP(dob_idx + 10);
+      result.sub_district = getP(dob_idx + 11);
+      result.vtc = getP(dob_idx + 12);
+    }
+    if (result.reference_id && result.reference_id.length >= 4) {
+      result.aadhaar_last4 = result.reference_id.substring(0, 4);
+    }
+    if (start < data.length) {
+      let tail = data.length;
+      const ind = parseInt(parts[0], 10) || 0;
+      if (ind === 3) tail -= 64;
+      else if (ind === 1 || ind === 2) tail -= 32;
+      let photoBytes = data.slice(start, tail);
+      let photoStart = -1;
+      for (let j = 0; j < photoBytes.length - 3; j++) {
+        if (photoBytes[j] === 255 && photoBytes[j + 1] === 79 && photoBytes[j + 2] === 255 && photoBytes[j + 3] === 81) {
+          photoStart = j;
+          break;
+        }
+      }
+      if (photoStart === -1) {
+        for (let j = 0; j < photoBytes.length - 7; j++) {
+          if (photoBytes[j] === 0 && photoBytes[j + 1] === 0 && photoBytes[j + 2] === 0 && photoBytes[j + 3] === 12 && photoBytes[j + 4] === 106 && photoBytes[j + 5] === 80 && photoBytes[j + 6] === 32 && photoBytes[j + 7] === 32) {
+            photoStart = j;
+            break;
+          }
+        }
+      }
+      if (photoStart !== -1) {
+        photoBytes = photoBytes.slice(photoStart);
+      }
+      try {
+        const dataUrl = jp2ToDataURL(photoBytes);
+        result.photo_base64 = dataUrl.split(",")[1];
+        result.photo_mime = "image/png";
+      } catch (err) {
+        console.error("Canvas JP2 decoding failed:", err);
+        const CHUNK_SIZE = 32768;
+        let c = [];
+        for (let i = 0; i < photoBytes.length; i += CHUNK_SIZE) {
+          c.push(String.fromCharCode.apply(null, Array.from(photoBytes.subarray(i, i + CHUNK_SIZE))));
+        }
+        result.photo_base64 = btoa(c.join(""));
+        result.photo_mime = "image/jp2";
+      }
+    }
+    result.signature_valid = await verifySignature(signedData, signature);
+    return { success: true, data: result };
+  } catch (error) {
+    return { success: false, error: error.message || "Unknown error occurred during parsing" };
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  decodeAadhaarQR
+});

package/dist/index.mjs

@@ -0,0 +1,258 @@
+// src/decoder.ts
+import * as pako from "pako";
+import { JpxImage } from "jpeg2000";
+import { Buffer } from "buffer";
+function bigIntToBytes(bigIntStr) {
+  let hex = BigInt(bigIntStr.trim()).toString(16);
+  if (hex.length % 2 !== 0) {
+    hex = "0" + hex;
+  }
+  const len = hex.length / 2;
+  const u8 = new Uint8Array(len);
+  for (let i = 0; i < len; i++) {
+    u8[i] = parseInt(hex.substring(i * 2, i * 2 + 2), 16);
+  }
+  return u8;
+}
+function jp2ToDataURL(jp2Bytes) {
+  const jpx = new JpxImage();
+  const buf = Buffer.from(jp2Bytes);
+  jpx.parse(buf);
+  const width = jpx.width;
+  const height = jpx.height;
+  const componentsCount = jpx.componentsCount;
+  const tiles = jpx.tiles;
+  if (!tiles || tiles.length === 0) throw new Error("No tiles found in JP2");
+  const items = tiles[0].items;
+  const canvas = document.createElement("canvas");
+  canvas.width = width;
+  canvas.height = height;
+  const ctx = canvas.getContext("2d");
+  if (!ctx) throw new Error("Canvas context not available");
+  const imgData = ctx.createImageData(width, height);
+  const data = imgData.data;
+  if (componentsCount === 3 || componentsCount === 4) {
+    const step = componentsCount;
+    for (let i = 0, j = 0; i < items.length; i += step, j += 4) {
+      data[j] = items[i];
+      data[j + 1] = items[i + 1];
+      data[j + 2] = items[i + 2];
+      data[j + 3] = componentsCount === 4 ? items[i + 3] : 255;
+    }
+  } else if (componentsCount === 1) {
+    for (let i = 0, j = 0; i < items.length; i++, j += 4) {
+      const val = items[i];
+      data[j] = val;
+      data[j + 1] = val;
+      data[j + 2] = val;
+      data[j + 3] = 255;
+    }
+  } else {
+    throw new Error("Unsupported components count: " + componentsCount);
+  }
+  ctx.putImageData(imgData, 0, 0);
+  return canvas.toDataURL("image/png");
+}
+var UIDAI_PUBLIC_KEYS = [
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1+zYnvbcEm0Yz73s5u42odpUJMr9wv5bVw7sOE5nFNbrB+U++5I0f8cL2HoHnJOkwvLZzrD0jG/vxAKi6vii/gjEzUEgrkdIHxMP3D6GJs0MSQHiEXvIGOwPIH3BLtBOc3m28NVNT6Q9iq0gUwuxnlhV38UdNhCllqNYhWmAMPJkImgaKrRZvY2pWNs6gd+PlAF/9SO69x3+1meA8kPk2ZvQanZlx9tfaExeOe9or3NQiKy2+UbtXrpcoAfYbbWi1OUzXi5bJdhbGp239c1fX6UKyUM5IUMY+m3I7wu2WQ7lmeO2n/vwzQz/PKHXPWYu3bydWMLdCi07vOQBqzCKwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1DSK9/qrW8RX1vDZMsE8xiiyJlj+6xxDtu+nSZDW9C/iajSqJ2QgLvRgweTw4suzzxZQseOE+kbqlbesNHc0lQjt9T+CGYrUTCbMI/a3zZbr3vPxz3VlN7iqr8U6ISUN53x+6qAc4Z/Pc66IqJA6zXBPKFZiHHMmi00eM14HgNWrLEkYHE5geBmBgEevznskS4Q+sJVX+4seJ/zadc35O4G6gvWZatlsB5STGSdes4TqF1k0FV4a0CF7vAzpUA4EtQohl6dnKWpfWYAJUxbSrH1OCLFBn1ABe9Yw5iZkIMFYauhyFzP16XCiG91TPoORIJ8ssIR9uf21o6rD82OJwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMIJKj28JcTN1B72p2/pgzDCoguhs/rbIXgN/ybNNh0NVOrZV2KllrmT5VOYlMrABpvIp7JU/n6hma3/O14n7nvngJ/y3colh8rk7msDwVAO7ZuVD+GCzfaYPLLkUS+wqH7M7FOHIn/pyJo1Rkxm98lO3dyox5RuLG2Uqm7JfVIomm0t7QKJoM5rf8JNvPXdwsxN89eWlT2Bf7BF//G3FKiF7ZHfvIyyqte/3orRRG/M80QqLrDP1RIeOa53ZTgILXcyQOb2yZOqNH3iN2uSKRsusNO17To5FOb2J9Hd5wIMuDv3zw4MWTrKAWuTYon90QSeGRKv1d5AQNRt0x5dSwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0HjbFpvu/kR+gTI2+svGNmW4eZHhTVBG/N+byaq3GH0SDM+jO5RW4BbXNzaSKc0I5mIyN1vQf2KmNV/3Xai6MokiiZrBRfM8a497zCMteHTAzSP1L0DmohUuBQh/s1hfqRIIWpfEu7noW2G8toK0ZOQR1E0FtinWNtqEeuxlNEKgfxkN4/vRzgvGFw+PPcoG5uMdcd7/DjDE1i20zmT+55DgIBrneCwrW7nIM0Md3BPOTV8iBwzjdVcdDHhMtSpi9UKUHw80sDRZp7ygB4Z0QmhSxCMCg9g7KPHYY+PVRC2sFreZBC6rtmIL+HMUPciRCCqMZLx3f6xRSD97lZr/wIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonIsDl8t5bpwftk/A27CsfC5VZMjkPrMDwvL8gyAoVwIi0iGhmty6yWrC/VaL+Brae29XMg7dMdwnbIUHmwHxovN+FnT2vfz/O0kHQcgVdwVSIR0tFwsmC+pVKpSqm//skgYYcZQhdhLZBWOn0PZ81ymm0jOkwBSIQKkyuCTv/1HSwjTLR0EBvaH9+Vb0iaiOEv1ikHDhMOXTxx8URWBnJJt463z7LuZBMSG8fXVMDl3vqY1hDZzKbXBaK/clRIXMff0jUOvfPMfabHju+eUnceosQwL3eurq96+oHahz4FmrfBqikHe3xQ7/4NdvSvVuwth0kcsI0ptRBG8m1NglQIDAQAB"
+];
+async function verifySignature(signedData, signature) {
+  try {
+    for (const pem of UIDAI_PUBLIC_KEYS) {
+      const binaryDerString = window.atob(pem);
+      const binaryDer = new Uint8Array(binaryDerString.length);
+      for (let i = 0; i < binaryDerString.length; i++) {
+        binaryDer[i] = binaryDerString.charCodeAt(i);
+      }
+      try {
+        const key = await window.crypto.subtle.importKey(
+          "spki",
+          binaryDer.buffer,
+          {
+            name: "RSASSA-PKCS1-v1_5",
+            hash: "SHA-256"
+          },
+          false,
+          ["verify"]
+        );
+        const isValid = await window.crypto.subtle.verify(
+          "RSASSA-PKCS1-v1_5",
+          key,
+          signature,
+          signedData
+        );
+        if (isValid) return true;
+      } catch (err) {
+      }
+    }
+    return false;
+  } catch (e) {
+    console.error("Signature verification failed:", e);
+    return false;
+  }
+}
+async function decodeAadhaarQR(qrString) {
+  try {
+    const rawQr = qrString.trim();
+    if (rawQr.startsWith("<")) {
+      const parser = new DOMParser();
+      const xmlDoc = parser.parseFromString(rawQr, "text/xml");
+      const parseError = xmlDoc.getElementsByTagName("parsererror");
+      if (parseError.length > 0) {
+        return { success: false, error: "Failed to parse XML data" };
+      }
+      const root = xmlDoc.documentElement;
+      const result2 = {};
+      const fieldMap = {
+        "uid": "aadhaar_last4",
+        // We'll extract last 4 below
+        "name": "name",
+        "gender": "gender",
+        "yob": "dob",
+        // Fallback if dob isn't present
+        "dob": "dob",
+        "co": "care_of",
+        "house": "house",
+        "street": "street",
+        "lm": "landmark",
+        "loc": "location",
+        "vtc": "vtc",
+        "po": "post_office",
+        "dist": "district",
+        "subdist": "sub_district",
+        "state": "state",
+        "pc": "pincode"
+      };
+      for (const [xmlKey, resKey] of Object.entries(fieldMap)) {
+        const val = root.getAttribute(xmlKey);
+        if (val) {
+          result2[resKey] = val;
+        }
+      }
+      if (root.getAttribute("uid") && root.getAttribute("uid").length >= 4) {
+        result2.aadhaar_last4 = root.getAttribute("uid").slice(-4);
+      }
+      return { success: true, data: result2 };
+    }
+    const isSecure = rawQr.match(/^\d{100,}$/);
+    if (!isSecure) {
+      return { success: false, error: "Invalid QR string format." };
+    }
+    const rawBytes = bigIntToBytes(rawQr);
+    let decompressed = null;
+    const windowBitsOptions = [15, -15, 31, 47];
+    for (let pad = 0; pad < 4; pad++) {
+      let paddedBytes = rawBytes;
+      if (pad > 0) {
+        paddedBytes = new Uint8Array(rawBytes.length + pad);
+        paddedBytes.set(rawBytes, pad);
+      }
+      for (const wbits of windowBitsOptions) {
+        try {
+          decompressed = pako.inflate(paddedBytes, { windowBits: wbits });
+          break;
+        } catch (e) {
+        }
+      }
+      if (decompressed) break;
+    }
+    if (!decompressed) {
+      return { success: false, error: "Failed to decompress Aadhaar data (Zlib error)" };
+    }
+    const signedData = decompressed.slice(0, -256);
+    const signature = decompressed.slice(-256);
+    const data = signedData;
+    const DELIMITER = 255;
+    let parts = [];
+    let start = 0;
+    let dob_idx = -1;
+    for (let i = 0; i < data.length; i++) {
+      if (data[i] === DELIMITER) {
+        const valBytes = data.slice(start, i);
+        const val = Array.from(valBytes).map((b) => String.fromCharCode(b)).join("");
+        parts.push(val);
+        start = i + 1;
+        if (dob_idx === -1 && ["M", "F", "T"].includes(val) && parts.length > 3) {
+          dob_idx = parts.length - 2;
+        }
+        if (dob_idx !== -1 && parts.length === dob_idx + 13) {
+          start = i + 1;
+          break;
+        }
+      }
+    }
+    const result = {};
+    result.email_mobile_indicator = parts[0];
+    if (dob_idx !== -1) {
+      const getP = (i) => i < parts.length ? parts[i].trim() : "";
+      result.reference_id = getP(dob_idx - 2);
+      result.name = getP(dob_idx - 1);
+      result.dob = getP(dob_idx);
+      result.gender = getP(dob_idx + 1);
+      result.care_of = getP(dob_idx + 2);
+      result.district = getP(dob_idx + 3);
+      result.landmark = getP(dob_idx + 4);
+      result.house = getP(dob_idx + 5);
+      result.location = getP(dob_idx + 6);
+      result.pincode = getP(dob_idx + 7);
+      result.post_office = getP(dob_idx + 8);
+      result.state = getP(dob_idx + 9);
+      result.street = getP(dob_idx + 10);
+      result.sub_district = getP(dob_idx + 11);
+      result.vtc = getP(dob_idx + 12);
+    }
+    if (result.reference_id && result.reference_id.length >= 4) {
+      result.aadhaar_last4 = result.reference_id.substring(0, 4);
+    }
+    if (start < data.length) {
+      let tail = data.length;
+      const ind = parseInt(parts[0], 10) || 0;
+      if (ind === 3) tail -= 64;
+      else if (ind === 1 || ind === 2) tail -= 32;
+      let photoBytes = data.slice(start, tail);
+      let photoStart = -1;
+      for (let j = 0; j < photoBytes.length - 3; j++) {
+        if (photoBytes[j] === 255 && photoBytes[j + 1] === 79 && photoBytes[j + 2] === 255 && photoBytes[j + 3] === 81) {
+          photoStart = j;
+          break;
+        }
+      }
+      if (photoStart === -1) {
+        for (let j = 0; j < photoBytes.length - 7; j++) {
+          if (photoBytes[j] === 0 && photoBytes[j + 1] === 0 && photoBytes[j + 2] === 0 && photoBytes[j + 3] === 12 && photoBytes[j + 4] === 106 && photoBytes[j + 5] === 80 && photoBytes[j + 6] === 32 && photoBytes[j + 7] === 32) {
+            photoStart = j;
+            break;
+          }
+        }
+      }
+      if (photoStart !== -1) {
+        photoBytes = photoBytes.slice(photoStart);
+      }
+      try {
+        const dataUrl = jp2ToDataURL(photoBytes);
+        result.photo_base64 = dataUrl.split(",")[1];
+        result.photo_mime = "image/png";
+      } catch (err) {
+        console.error("Canvas JP2 decoding failed:", err);
+        const CHUNK_SIZE = 32768;
+        let c = [];
+        for (let i = 0; i < photoBytes.length; i += CHUNK_SIZE) {
+          c.push(String.fromCharCode.apply(null, Array.from(photoBytes.subarray(i, i + CHUNK_SIZE))));
+        }
+        result.photo_base64 = btoa(c.join(""));
+        result.photo_mime = "image/jp2";
+      }
+    }
+    result.signature_valid = await verifySignature(signedData, signature);
+    return { success: true, data: result };
+  } catch (error) {
+    return { success: false, error: error.message || "Unknown error occurred during parsing" };
+  }
+}
+export {
+  decodeAadhaarQR
+};

package/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "aadhaar-react-scanner",
+  "version": "1.0.0",
+  "description": "Pure JS local Aadhaar QR parsing, JP2 decoding, and 3D React UI",
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch"
+  },
+  "keywords": [
+    "aadhaar",
+    "qr",
+    "scanner",
+    "react",
+    "uidai",
+    "jp2"
+  ],
+  "author": "",
+  "license": "MIT",
+  "dependencies": {
+    "buffer": "^6.0.3",
+    "jpeg2000": "^1.1.0",
+    "pako": "^2.1.0"
+  },
+  "peerDependencies": {
+    "lucide-react": "^0.462.0",
+    "react": "^18.0.0",
+    "react-dom": "^18.0.0"
+  },
+  "devDependencies": {
+    "@types/react": "^18.0.0",
+    "@types/react-dom": "^18.0.0",
+    "tsup": "^8.0.2",
+    "typescript": "^5.0.0"
+  }
+}

package/src/VirtualAadhaarCard.tsx

@@ -0,0 +1,133 @@
+import React, { useState, useRef } from "react";
+import { ScanFace } from "lucide-react";
+import { AadhaarData } from "./decoder";
+
+// Import assets as base64/data URLs
+import emblemSrc from "./assets/emblem.png";
+import cardBgSrc from "./assets/card-bg.png";
+
+export const VirtualAadhaarCard = ({ data }: { data: AadhaarData }) => {
+  const cardRef = useRef<HTMLDivElement>(null);
+  const [transform, setTransform] = useState("");
+  const [glare, setGlare] = useState("transparent");
+
+  const handleMouseMove = (e: React.MouseEvent<HTMLDivElement>) => {
+    if (!cardRef.current) return;
+    const rect = cardRef.current.getBoundingClientRect();
+    const x = e.clientX - rect.left;
+    const y = e.clientY - rect.top;
+    const centerX = rect.width / 2;
+    const centerY = rect.height / 2;
+    
+    // Rotate max 10 degrees
+    const rotateX = ((y - centerY) / centerY) * -10;
+    const rotateY = ((x - centerX) / centerX) * 10;
+    
+    setTransform(`perspective(1000px) rotateX(${rotateX}deg) rotateY(${rotateY}deg) scale3d(1.02, 1.02, 1.02)`);
+    
+    // Glare
+    const glareX = (x / rect.width) * 100;
+    const glareY = (y / rect.height) * 100;
+    setGlare(`radial-gradient(circle at ${glareX}% ${glareY}%, rgba(255,255,255,0.4) 0%, transparent 50%)`);
+  };
+
+  const handleMouseLeave = () => {
+    setTransform("perspective(1000px) rotateX(0deg) rotateY(0deg) scale3d(1, 1, 1)");
+    setGlare("transparent");
+  };
+
+  const displayAadhaar = data.aadhaar_last4 ? `XXXX XXXX ${data.aadhaar_last4}` : "XXXX XXXX XXXX";
+
+  return (
+    <div className="w-full flex justify-center py-4" style={{ perspective: "1000px" }}>
+      <div 
+        ref={cardRef}
+        onMouseMove={handleMouseMove}
+        onMouseLeave={handleMouseLeave}
+        className="relative w-full max-w-[450px] aspect-[1.58] rounded-xl overflow-hidden shadow-2xl transition-transform duration-200 ease-out text-black border border-[#d2cbbb] select-none"
+        style={{ 
+          transform, 
+          transformStyle: "preserve-3d",
+          backgroundImage: `url('${cardBgSrc}')`,
+          backgroundSize: "cover",
+          backgroundPosition: "center"
+        }}
+      >
+        {/* Glare Overlay */}
+        <div className="absolute inset-0 z-50 pointer-events-none transition-background duration-200 mix-blend-overlay" style={{ background: glare }} />
+
+        {/* Top Header Background */}
+        <div className="absolute top-0 left-0 w-full h-12 flex items-center justify-center pt-2">
+           <div className="flex items-center justify-center gap-2">
+             <img src={emblemSrc} alt="Emblem" className="w-10 h-10 object-contain mix-blend-multiply" />
+             <div className="flex flex-col items-center">
+               <p className="text-[11px] font-bold text-red-700 leading-none mb-[2px]">भारत सरकार</p>
+               <p className="text-[11px] font-bold text-green-700 leading-none">Government of India</p>
+             </div>
+           </div>
+        </div>
+
+        {/* Content */}
+        <div className="absolute top-[3.5rem] left-0 w-full px-5 flex gap-5">
+          {/* Photo Box */}
+          <div className="w-[85px] h-[105px] bg-[#e1dfda] border-2 border-white shadow-sm flex flex-col items-center justify-center overflow-hidden shrink-0 relative">
+             {data.photo_base64 ? (
+               <img 
+                 src={`data:${data.photo_mime || 'image/jp2'};base64,${data.photo_base64}`} 
+                 alt="Resident" 
+                 className="w-full h-full object-cover"
+                 onError={(e) => {
+                   e.currentTarget.style.display = 'none';
+                   const parent = e.currentTarget.parentElement;
+                   if (parent && !parent.querySelector('.fallback-text')) {
+                     const fallback = document.createElement('div');
+                     fallback.className = 'fallback-text text-[8px] text-gray-500 font-bold text-center px-1 uppercase tracking-wider absolute inset-0 flex items-center justify-center bg-[#e1dfda]';
+                     fallback.innerText = 'JP2 Format Unsupported';
+                     parent.appendChild(fallback);
+                   }
+                 }}
+               />
+             ) : (
+               <>
+                 <ScanFace className="w-10 h-10 text-gray-400 mb-1 opacity-50" />
+                 <span className="text-[8px] text-gray-500 font-bold text-center px-1 uppercase tracking-wider">Photo Decode Skipped</span>
+               </>
+             )}
+          </div>
+
+          {/* Details */}
+          <div className="flex-1 flex flex-col pt-1 text-[12px] leading-tight font-sans tracking-wide">
+            <div className="mb-3">
+              <p className="font-extrabold text-[15px] uppercase text-gray-900">{data.name || "N/A"}</p>
+            </div>
+            
+            <div className="flex gap-6 mb-3">
+              <div>
+                <p className="text-gray-500 font-semibold mb-0.5">जन्म तिथि / DOB</p>
+                <p className="font-bold text-gray-900">{data.dob || "N/A"}</p>
+              </div>
+            </div>
+
+            <div className="flex gap-6">
+              <div>
+                <p className="text-gray-500 font-semibold mb-0.5">लिंग / Gender</p>
+                <p className="font-bold text-gray-900">{data.gender || "N/A"}</p>
+              </div>
+            </div>
+          </div>
+        </div>
+
+        {/* Bottom Aadhaar Number & Red Bar */}
+        <div className="absolute bottom-0 left-0 w-full">
+           <div className="text-center mb-1.5">
+             <p className="text-[26px] font-extrabold tracking-[4px] font-mono text-gray-900">{displayAadhaar}</p>
+           </div>
+           <div className="h-1 w-full bg-[#E53E3E]" />
+           <div className="bg-[#E7F3E8] py-1.5 flex items-center justify-center border-t border-green-200">
+             <p className="text-[#E53E3E] font-bold text-[13px] tracking-wide">मेरा <span className="text-gray-900">आधार</span>, <span className="text-gray-900">मेरी पहचान</span></p>
+           </div>
+        </div>
+      </div>
+    </div>
+  );
+};

package/src/decoder.ts

@@ -0,0 +1,336 @@
+import * as pako from 'pako';
+// @ts-ignore
+import { JpxImage } from 'jpeg2000';
+import { Buffer } from 'buffer';
+
+export interface AadhaarData {
+  email_mobile_indicator?: string;
+  reference_id?: string;
+  name?: string;
+  dob?: string;
+  gender?: string;
+  care_of?: string;
+  district?: string;
+  landmark?: string;
+  house?: string;
+  location?: string;
+  pincode?: string;
+  post_office?: string;
+  state?: string;
+  street?: string;
+  sub_district?: string;
+  vtc?: string;
+  aadhaar_last4?: string;
+  photo_base64?: string;
+  photo_mime?: string;
+  signature_valid?: boolean;
+}
+
+export interface DecodeResult {
+  success: boolean;
+  data?: AadhaarData;
+  error?: string;
+}
+
+function bigIntToBytes(bigIntStr: string): Uint8Array {
+  let hex = BigInt(bigIntStr.trim()).toString(16);
+  if (hex.length % 2 !== 0) {
+    hex = '0' + hex;
+  }
+  const len = hex.length / 2;
+  const u8 = new Uint8Array(len);
+  for (let i = 0; i < len; i++) {
+    u8[i] = parseInt(hex.substring(i * 2, i * 2 + 2), 16);
+  }
+  return u8;
+}
+
+function jp2ToDataURL(jp2Bytes: Uint8Array): string {
+  const jpx = new JpxImage();
+  const buf = Buffer.from(jp2Bytes);
+  jpx.parse(buf);
+  
+  const width = jpx.width;
+  const height = jpx.height;
+  const componentsCount = jpx.componentsCount;
+  const tiles = jpx.tiles;
+  if (!tiles || tiles.length === 0) throw new Error("No tiles found in JP2");
+  
+  const items = tiles[0].items;
+
+  const canvas = document.createElement('canvas');
+  canvas.width = width;
+  canvas.height = height;
+  const ctx = canvas.getContext('2d');
+  if (!ctx) throw new Error("Canvas context not available");
+
+  const imgData = ctx.createImageData(width, height);
+  const data = imgData.data;
+
+  if (componentsCount === 3 || componentsCount === 4) {
+      const step = componentsCount;
+      for (let i = 0, j = 0; i < items.length; i += step, j += 4) {
+          data[j] = items[i];
+          data[j + 1] = items[i + 1];
+          data[j + 2] = items[i + 2];
+          data[j + 3] = componentsCount === 4 ? items[i + 3] : 255;
+      }
+  } else if (componentsCount === 1) {
+      for (let i = 0, j = 0; i < items.length; i++, j += 4) {
+          const val = items[i];
+          data[j] = val;
+          data[j + 1] = val;
+          data[j + 2] = val;
+          data[j + 3] = 255;
+      }
+  } else {
+      throw new Error("Unsupported components count: " + componentsCount);
+  }
+
+  ctx.putImageData(imgData, 0, 0);
+  return canvas.toDataURL('image/png');
+}
+
+const UIDAI_PUBLIC_KEYS = [
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1+zYnvbcEm0Yz73s5u42odpUJMr9wv5bVw7sOE5nFNbrB+U++5I0f8cL2HoHnJOkwvLZzrD0jG/vxAKi6vii/gjEzUEgrkdIHxMP3D6GJs0MSQHiEXvIGOwPIH3BLtBOc3m28NVNT6Q9iq0gUwuxnlhV38UdNhCllqNYhWmAMPJkImgaKrRZvY2pWNs6gd+PlAF/9SO69x3+1meA8kPk2ZvQanZlx9tfaExeOe9or3NQiKy2+UbtXrpcoAfYbbWi1OUzXi5bJdhbGp239c1fX6UKyUM5IUMY+m3I7wu2WQ7lmeO2n/vwzQz/PKHXPWYu3bydWMLdCi07vOQBqzCKwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1DSK9/qrW8RX1vDZMsE8xiiyJlj+6xxDtu+nSZDW9C/iajSqJ2QgLvRgweTw4suzzxZQseOE+kbqlbesNHc0lQjt9T+CGYrUTCbMI/a3zZbr3vPxz3VlN7iqr8U6ISUN53x+6qAc4Z/Pc66IqJA6zXBPKFZiHHMmi00eM14HgNWrLEkYHE5geBmBgEevznskS4Q+sJVX+4seJ/zadc35O4G6gvWZatlsB5STGSdes4TqF1k0FV4a0CF7vAzpUA4EtQohl6dnKWpfWYAJUxbSrH1OCLFBn1ABe9Yw5iZkIMFYauhyFzP16XCiG91TPoORIJ8ssIR9uf21o6rD82OJwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMIJKj28JcTN1B72p2/pgzDCoguhs/rbIXgN/ybNNh0NVOrZV2KllrmT5VOYlMrABpvIp7JU/n6hma3/O14n7nvngJ/y3colh8rk7msDwVAO7ZuVD+GCzfaYPLLkUS+wqH7M7FOHIn/pyJo1Rkxm98lO3dyox5RuLG2Uqm7JfVIomm0t7QKJoM5rf8JNvPXdwsxN89eWlT2Bf7BF//G3FKiF7ZHfvIyyqte/3orRRG/M80QqLrDP1RIeOa53ZTgILXcyQOb2yZOqNH3iN2uSKRsusNO17To5FOb2J9Hd5wIMuDv3zw4MWTrKAWuTYon90QSeGRKv1d5AQNRt0x5dSwIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0HjbFpvu/kR+gTI2+svGNmW4eZHhTVBG/N+byaq3GH0SDM+jO5RW4BbXNzaSKc0I5mIyN1vQf2KmNV/3Xai6MokiiZrBRfM8a497zCMteHTAzSP1L0DmohUuBQh/s1hfqRIIWpfEu7noW2G8toK0ZOQR1E0FtinWNtqEeuxlNEKgfxkN4/vRzgvGFw+PPcoG5uMdcd7/DjDE1i20zmT+55DgIBrneCwrW7nIM0Md3BPOTV8iBwzjdVcdDHhMtSpi9UKUHw80sDRZp7ygB4Z0QmhSxCMCg9g7KPHYY+PVRC2sFreZBC6rtmIL+HMUPciRCCqMZLx3f6xRSD97lZr/wIDAQAB",
+  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonIsDl8t5bpwftk/A27CsfC5VZMjkPrMDwvL8gyAoVwIi0iGhmty6yWrC/VaL+Brae29XMg7dMdwnbIUHmwHxovN+FnT2vfz/O0kHQcgVdwVSIR0tFwsmC+pVKpSqm//skgYYcZQhdhLZBWOn0PZ81ymm0jOkwBSIQKkyuCTv/1HSwjTLR0EBvaH9+Vb0iaiOEv1ikHDhMOXTxx8URWBnJJt463z7LuZBMSG8fXVMDl3vqY1hDZzKbXBaK/clRIXMff0jUOvfPMfabHju+eUnceosQwL3eurq96+oHahz4FmrfBqikHe3xQ7/4NdvSvVuwth0kcsI0ptRBG8m1NglQIDAQAB"
+];
+
+async function verifySignature(signedData: Uint8Array, signature: Uint8Array): Promise<boolean> {
+  try {
+    for (const pem of UIDAI_PUBLIC_KEYS) {
+      const binaryDerString = window.atob(pem);
+      const binaryDer = new Uint8Array(binaryDerString.length);
+      for (let i = 0; i < binaryDerString.length; i++) {
+        binaryDer[i] = binaryDerString.charCodeAt(i);
+      }
+      
+      try {
+        const key = await window.crypto.subtle.importKey(
+          "spki",
+          binaryDer.buffer as ArrayBuffer,
+          {
+            name: "RSASSA-PKCS1-v1_5",
+            hash: "SHA-256"
+          },
+          false,
+          ["verify"]
+        );
+        
+        const isValid = await window.crypto.subtle.verify(
+          "RSASSA-PKCS1-v1_5",
+          key,
+          signature as any,
+          signedData as any
+        );
+
+        if (isValid) return true;
+      } catch (err) {
+        // Continue to next key
+      }
+    }
+    
+    return false;
+  } catch (e) {
+    console.error("Signature verification failed:", e);
+    return false;
+  }
+}
+
+export async function decodeAadhaarQR(qrString: string): Promise<DecodeResult> {
+  try {
+    const rawQr = qrString.trim();
+    
+    // Handle old XML format
+    if (rawQr.startsWith('<')) {
+      const parser = new DOMParser();
+      const xmlDoc = parser.parseFromString(rawQr, "text/xml");
+      
+      const parseError = xmlDoc.getElementsByTagName("parsererror");
+      if (parseError.length > 0) {
+        return { success: false, error: 'Failed to parse XML data' };
+      }
+
+      // The root element is usually PrintLetterBarcodeData
+      const root = xmlDoc.documentElement;
+      
+      const result: AadhaarData = {};
+      
+      const fieldMap: Record<string, keyof AadhaarData> = {
+        "uid": "aadhaar_last4", // We'll extract last 4 below
+        "name": "name", 
+        "gender": "gender",
+        "yob": "dob", // Fallback if dob isn't present
+        "dob": "dob", 
+        "co": "care_of",
+        "house": "house", 
+        "street": "street", 
+        "lm": "landmark",
+        "loc": "location", 
+        "vtc": "vtc", 
+        "po": "post_office",
+        "dist": "district", 
+        "subdist": "sub_district",
+        "state": "state", 
+        "pc": "pincode"
+      };
+
+      for (const [xmlKey, resKey] of Object.entries(fieldMap)) {
+        const val = root.getAttribute(xmlKey);
+        if (val) {
+          (result as any)[resKey] = val;
+        }
+      }
+
+      // Format Aadhaar Last 4 if full UID was provided
+      if (root.getAttribute("uid") && root.getAttribute("uid")!.length >= 4) {
+        result.aadhaar_last4 = root.getAttribute("uid")!.slice(-4);
+      }
+
+      // Old XML doesn't have signature or photo
+      return { success: true, data: result };
+    }
+
+    // Handle Secure QR Format (Big Integer)
+    const isSecure = rawQr.match(/^\d{100,}$/);
+    if (!isSecure) {
+      return { success: false, error: 'Invalid QR string format.' };
+    }
+
+    const rawBytes = bigIntToBytes(rawQr);
+
+    let decompressed: Uint8Array | null = null;
+    const windowBitsOptions = [15, -15, 31, 47];
+
+    // Try decompressing with different padded lengths
+    for (let pad = 0; pad < 4; pad++) {
+      let paddedBytes = rawBytes;
+      if (pad > 0) {
+        paddedBytes = new Uint8Array(rawBytes.length + pad);
+        paddedBytes.set(rawBytes, pad);
+      }
+      
+      for (const wbits of windowBitsOptions) {
+        try {
+          decompressed = pako.inflate(paddedBytes, { windowBits: wbits });
+          break;
+        } catch (e) {
+          // Ignore and try next
+        }
+      }
+      if (decompressed) break;
+    }
+
+    if (!decompressed) {
+      return { success: false, error: 'Failed to decompress Aadhaar data (Zlib error)' };
+    }
+
+    const signedData = decompressed.slice(0, -256);
+    const signature = decompressed.slice(-256);
+    const data = signedData;
+
+    const DELIMITER = 255;
+    let parts: string[] = [];
+    let start = 0;
+    let dob_idx = -1;
+
+    for (let i = 0; i < data.length; i++) {
+      if (data[i] === DELIMITER) {
+        const valBytes = data.slice(start, i);
+        // Convert Latin-1 (ISO-8859-1) bytes to string
+        const val = Array.from(valBytes).map(b => String.fromCharCode(b)).join('');
+        parts.push(val);
+        start = i + 1;
+
+        if (dob_idx === -1 && ['M', 'F', 'T'].includes(val) && parts.length > 3) {
+          dob_idx = parts.length - 2;
+        }
+
+        if (dob_idx !== -1 && parts.length === dob_idx + 13) {
+          start = i + 1;
+          break;
+        }
+      }
+    }
+
+    const result: AadhaarData = {};
+    result.email_mobile_indicator = parts[0];
+
+    if (dob_idx !== -1) {
+      const getP = (i: number) => i < parts.length ? parts[i].trim() : "";
+      result.reference_id = getP(dob_idx - 2);
+      result.name = getP(dob_idx - 1);
+      result.dob = getP(dob_idx);
+      result.gender = getP(dob_idx + 1);
+      result.care_of = getP(dob_idx + 2);
+      result.district = getP(dob_idx + 3);
+      result.landmark = getP(dob_idx + 4);
+      result.house = getP(dob_idx + 5);
+      result.location = getP(dob_idx + 6);
+      result.pincode = getP(dob_idx + 7);
+      result.post_office = getP(dob_idx + 8);
+      result.state = getP(dob_idx + 9);
+      result.street = getP(dob_idx + 10);
+      result.sub_district = getP(dob_idx + 11);
+      result.vtc = getP(dob_idx + 12);
+    }
+
+    if (result.reference_id && result.reference_id.length >= 4) {
+      result.aadhaar_last4 = result.reference_id.substring(0, 4);
+    }
+
+    if (start < data.length) {
+      let tail = data.length;
+      const ind = parseInt(parts[0], 10) || 0;
+      if (ind === 3) tail -= 64;
+      else if (ind === 1 || ind === 2) tail -= 32;
+
+      let photoBytes = data.slice(start, tail);
+
+      let photoStart = -1;
+      for (let j = 0; j < photoBytes.length - 3; j++) {
+        if (photoBytes[j] === 0xFF && photoBytes[j+1] === 0x4F && photoBytes[j+2] === 0xFF && photoBytes[j+3] === 0x51) {
+          photoStart = j;
+          break;
+        }
+      }
+      if (photoStart === -1) {
+        for (let j = 0; j < photoBytes.length - 7; j++) {
+          if (photoBytes[j] === 0x00 && photoBytes[j+1] === 0x00 && photoBytes[j+2] === 0x00 && photoBytes[j+3] === 0x0C &&
+              photoBytes[j+4] === 0x6A && photoBytes[j+5] === 0x50 && photoBytes[j+6] === 0x20 && photoBytes[j+7] === 0x20) {
+            photoStart = j;
+            break;
+          }
+        }
+      }
+      if (photoStart !== -1) {
+        photoBytes = photoBytes.slice(photoStart);
+      }
+
+      try {
+        const dataUrl = jp2ToDataURL(photoBytes);
+        result.photo_base64 = dataUrl.split(',')[1];
+        result.photo_mime = "image/png";
+      } catch (err) {
+        console.error("Canvas JP2 decoding failed:", err);
+        const CHUNK_SIZE = 0x8000;
+        let c = [];
+        for (let i = 0; i < photoBytes.length; i += CHUNK_SIZE) {
+          c.push(String.fromCharCode.apply(null, Array.from(photoBytes.subarray(i, i + CHUNK_SIZE))));
+        }
+        result.photo_base64 = btoa(c.join(''));
+        result.photo_mime = "image/jp2";
+      }
+    }
+
+    result.signature_valid = await verifySignature(signedData, signature);
+
+    return { success: true, data: result };
+
+  } catch (error: any) {
+    return { success: false, error: error.message || 'Unknown error occurred during parsing' };
+  }
+}

package/src/index.ts

@@ -0,0 +1,3 @@
+export * from './decoder';
+// Export the React Component if they want to use it
+// export { VirtualAadhaarCard } from './VirtualAadhaarCard';

package/tsup.config.ts

@@ -0,0 +1,12 @@
+import { defineConfig } from 'tsup';
+
+export default defineConfig({
+  entry: ['src/index.ts'],
+  format: ['cjs', 'esm'],
+  dts: true,
+  clean: true,
+  external: ['react', 'react-dom', 'lucide-react'],
+  loader: {
+    '.png': 'dataurl',
+  },
+});