Merge branch 'dev' of https://github.com/zk-passport/openpassport int…

…o dev
openpassport-org · Nov 2, 2024 · 0fe0881 · 0fe0881
2 parents ba7027f + 9096e39
commit 0fe0881
Show file tree

Hide file tree

Showing 31 changed files with 1,436 additions and 56 deletions.
diff --git a/app/android/app/build.gradle b/app/android/app/build.gradle
@@ -85,8 +85,8 @@ android {
         applicationId "com.proofofpassportapp"
         minSdkVersion rootProject.ext.minSdkVersion
         targetSdkVersion rootProject.ext.targetSdkVersion
-        versionCode 12
-        versionName "1.1"
+        versionCode 13
+        versionName "1.2"
         externalNativeBuild {
             cmake {
                 cppFlags += "-fexceptions -frtti -std=c++11"

diff --git a/...eact-native-passport-reader/android/src/main/java/io/tradle/nfc/RNPassportReaderModule.kt b/...eact-native-passport-reader/android/src/main/java/io/tradle/nfc/RNPassportReaderModule.kt
@@ -272,16 +272,29 @@ class RNPassportReaderModule(private val reactContext: ReactApplicationContext)
         override fun doInBackground(vararg params: Void?): Exception? {
             try {
                 eventMessageEmitter(Messages.STOP_MOVING)
-                isoDep.timeout = 10000
+                isoDep.timeout = 20000
                 Log.e("MY_LOGS", "This should obvsly log")
-                val cardService = CardService.getInstance(isoDep)
-                Log.e("MY_LOGS", "cardService gotten")
-                cardService.open()
+                val cardService = try {
+                    CardService.getInstance(isoDep)
+                } catch (e: Exception) {
+                    Log.e("MY_LOGS", "Failed to get CardService instance", e)
+                    throw e
+                }
+
+                try {
+                    cardService.open()
+                } catch (e: Exception) {
+                    Log.e("MY_LOGS", "Failed to open CardService", e)
+                    isoDep.close()
+                    Thread.sleep(500)
+                    isoDep.connect()
+                    cardService.open()
+                }
                 Log.e("MY_LOGS", "cardService opened")
                 val service = PassportService(
                     cardService,
-                    PassportService.NORMAL_MAX_TRANCEIVE_LENGTH,
-                    PassportService.DEFAULT_MAX_BLOCKSIZE,
+                    PassportService.NORMAL_MAX_TRANCEIVE_LENGTH * 2,
+                    PassportService.DEFAULT_MAX_BLOCKSIZE * 2,
                     false,
                     false,
                 )
@@ -313,14 +326,39 @@ class RNPassportReaderModule(private val reactContext: ReactApplicationContext)
                 }
                 Log.e("MY_LOGS", "Sending select applet command with paceSucceeded: ${paceSucceeded}") // this is false so PACE doesn't succeed
                 service.sendSelectApplet(paceSucceeded)
+
                 if (!paceSucceeded) {
-                    try {
-                        Log.e("MY_LOGS", "trying to get EF_COM...")
-                        service.getInputStream(PassportService.EF_COM).read()
-                    } catch (e: Exception) {
-                        Log.e("MY_LOGS", "doing BAC")
-                        service.doBAC(bacKey) // <======================== error happens here
-                        Log.e("MY_LOGS", "BAC done")
+                    var bacSucceeded = false
+                    var attempts = 0
+                    val maxAttempts = 3
+
+                    while (!bacSucceeded && attempts < maxAttempts) {
+                        try {
+                            attempts++
+                            Log.e("MY_LOGS", "BAC attempt $attempts of $maxAttempts")
+
+                            if (attempts > 1) {
+                                // Wait before retry
+                                Thread.sleep(500)
+                            }
+
+                            // Try to read EF_COM first
+                            try {
+                                service.getInputStream(PassportService.EF_COM).read()
+                            } catch (e: Exception) {
+                                // EF_COM failed, do BAC
+                                service.doBAC(bacKey)
+                            }
+
+                            bacSucceeded = true
+                            Log.e("MY_LOGS", "BAC succeeded on attempt $attempts")
+
+                        } catch (e: Exception) {
+                            Log.e("MY_LOGS", "BAC attempt $attempts failed: ${e.message}")
+                            if (attempts == maxAttempts) {
+                                throw e // Re-throw on final attempt
+                            }
+                        }
                     }
                 }
 

diff --git a/app/ios/OpenPassport.xcodeproj/project.pbxproj b/app/ios/OpenPassport.xcodeproj/project.pbxproj
@@ -500,7 +500,7 @@
 				CODE_SIGN_ENTITLEMENTS = OpenPassport/OpenPassportDebug.entitlements;
 				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 63;
+				CURRENT_PROJECT_VERSION = 64;
 				DEBUG_INFORMATION_FORMAT = dwarf;
 				DEVELOPMENT_TEAM = 5B29R5LYHQ;
 				ENABLE_BITCODE = NO;
@@ -615,7 +615,7 @@
 					"$(PROJECT_DIR)",
 					"$(PROJECT_DIR)/MoproKit/Libs",
 				);
-				MARKETING_VERSION = 1.9.6;
+				MARKETING_VERSION = 1.9.7;
 				OTHER_LDFLAGS = (
 					"$(inherited)",
 					"-ObjC",
@@ -639,7 +639,7 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CLANG_ENABLE_MODULES = YES;
 				CODE_SIGN_ENTITLEMENTS = OpenPassport/OpenPassport.entitlements;
-				CURRENT_PROJECT_VERSION = 63;
+				CURRENT_PROJECT_VERSION = 64;
 				DEBUG_INFORMATION_FORMAT = dwarf;
 				DEVELOPMENT_TEAM = 5B29R5LYHQ;
 				FRAMEWORK_SEARCH_PATHS = (
@@ -753,7 +753,7 @@
 					"$(PROJECT_DIR)",
 					"$(PROJECT_DIR)/MoproKit/Libs",
 				);
-				MARKETING_VERSION = 1.9.6;
+				MARKETING_VERSION = 1.9.7;
 				OTHER_LDFLAGS = (
 					"$(inherited)",
 					"-ObjC",

diff --git a/app/ios/Podfile.lock b/app/ios/Podfile.lock
@@ -1737,10 +1737,10 @@ CHECKOUT OPTIONS:
 SPEC CHECKSUMS:
   amplitude-react-native: 3fc003fed8453ac8131703869cc52ea626196a83
   boost: 4cb898d0bf20404aab1850c656dcea009429d6c1
-  DoubleConversion: 5189b271737e1565bdce30deb4a08d647e3f5f54
+  DoubleConversion: 76ab83afb40bddeeee456813d9c04f67f78771b5
   FBLazyVector: 430e10366de01d1e3d57374500b1b150fe482e6d
   fmt: 4c2741a687cc09f0634a2e2c72a838b99f1ff120
-  glog: 04b94705f318337d7ead9e6d17c019bd9b1f6b1b
+  glog: 69ef571f3de08433d766d614c73a9838a06bf7eb
   lottie-ios: a881093fab623c467d3bce374367755c272bdd59
   NFCPassportReader: a160b80e3df3b5325c13902f90405f5eef7520b3
   OpenSSL-Universal: ebc357f1e6bc71fa463ccb2fe676756aff50e88c

diff --git a/noir/Nargo.toml b/noir/Nargo.toml
@@ -2,6 +2,9 @@
 name = "noir"
 type = "bin"
 authors = [""]
-compiler_version = ">=0.36.0"
+compiler_version = ">=0.35.0"
 
 [dependencies]
+# version error in rsa crate 0.3.1, keep both rsa and bignum are causing some issues.
+rsa = { tag = "main", git = "https://github.com/noir-lang/noir_rsa" , directory = "lib" }
+bignum = { tag = "v0.3.6", git = "https://github.com/noir-lang/noir-bignum" }
diff --git a/noir/src/constants.nr b/noir/src/constants.nr
@@ -0,0 +1,13 @@
+//todo: check with circom values
+pub global MAX_ECONTENT_LEN = 384;
+pub global HASH_LEN_BYTES = 32;
+pub global DG_PADDING_BYTES_LEN = 7;
+pub global MAX_SIGNED_ATTR_LEN = 192;
+
+pub global ASCII_ZERO = 48;
+pub global TEN = 10;
+pub global CENTURY = 100;
+
+pub global SHA256_SIZE: u32 = 32;
+pub global SHA512_SIZE: u32 = 64;
+pub global SHA160_SIZE: u32 = 20;
diff --git a/noir/src/dg1.nr → noir/src/dg1/dg1.nr b/noir/src/dg1.nr → noir/src/dg1/dg1.nr
@@ -1,11 +1,11 @@
-use crate::utils::{MAX_ECONTENT_LEN, HASH_LEN_BYTES, DG_PADDING_BYTES_LEN, MAX_SIGNED_ATTR_LEN};
+use crate::constants::{MAX_ECONTENT_LEN, HASH_LEN_BYTES, DG_PADDING_BYTES_LEN, MAX_SIGNED_ATTR_LEN};
 use std::hash::sha256;
 
 pub fn verify_dg1_and_dg2(
     dg1: [u8; 93],
     dg1_hash_offset: u8,
     dg2_hash: [u8; 64],
-    eContent: [u8; MAX_ECONTENT_LEN],
+    eContent: [u8; MAX_ECONTENT_LEN]
 ) {
     let computed_dg1_hash = sha256(dg1);
 
@@ -25,6 +25,6 @@ pub fn verify_econtent(
     signed_attr: [u8; MAX_SIGNED_ATTR_LEN],
     signed_attr_econtent_hash_offset: u8,
     eContent_padded_length: u16,
-    signed_attr_padded_length: u8,
+    signed_attr_padded_length: u8
 ) {}
 
diff --git a/noir/src/dg1/mod.nr b/noir/src/dg1/mod.nr
@@ -0,0 +1,26 @@
+pub mod dg1;
+
+use crate::constants::{MAX_ECONTENT_LEN, MAX_SIGNED_ATTR_LEN};
+use dg1::{verify_dg1_and_dg2, verify_econtent};
+
+fn Dg1(
+    dg1: [u8; 93],
+    dg1_hash_offset: u8,
+    dg2_hash: [u8; 64],
+    eContent: [u8; MAX_ECONTENT_LEN],
+    signed_attr: [u8; MAX_SIGNED_ATTR_LEN],
+    signed_attr_econtent_hash_offset: u8,
+    eContent_padded_length: u16,
+    signed_attr_padded_length: u8
+) {
+    verify_dg1_and_dg2(dg1, dg1_hash_offset, dg2_hash, eContent);
+
+    verify_econtent(
+        eContent,
+        signed_attr,
+        signed_attr_econtent_hash_offset,
+        eContent_padded_length,
+        signed_attr_padded_length
+    );
+}
+
diff --git a/noir/src/disclose/country_not_in_list.nr b/noir/src/disclose/country_not_in_list.nr
@@ -0,0 +1,41 @@
+use crate::types::DG1;
+use crate::utils::array::array_equal;
+
+pub fn country_not_in_list<let N: u32>(dg1: DG1, forbidden_countries_list: [u8; N]) -> bool {
+    assert(N % 3 == 0);
+
+    let country_code = [dg1[7], dg1[8], dg1[9]];
+    let mut not_in_list = true;
+
+    for i in 0..(N / 3) {
+        let forbidden_country = [
+            forbidden_countries_list[i * 3],
+            forbidden_countries_list[(i * 3) + 1],
+            forbidden_countries_list[(i * 3) + 2],
+        ];
+        let equal = array_equal(country_code, forbidden_country);
+
+        if equal {
+            not_in_list = false;
+        }
+    }
+
+    not_in_list
+}
+
+#[test]
+fn test_country_not_in_list() {
+    let mut country = [0; 93];
+    country[7] = 1;
+    country[8] = 2;
+    country[9] = 3;
+
+    //country is in the list
+    let forbidden_countries_list_with_country = [1, 2, 3, 4, 5, 6];
+
+    assert(!country_not_in_list(country, forbidden_countries_list_with_country));
+
+    //country is not in the list
+    let forbidden_countries_list_without_country = [0, 1, 2, 3, 4, 5];
+    assert(country_not_in_list(country, forbidden_countries_list_without_country));
+}
diff --git a/noir/src/disclose/disclose.nr b/noir/src/disclose/disclose.nr
@@ -0,0 +1,46 @@
+use crate::types::DG1;
+use crate::utils::passport::date::is_older_than::is_older_than;
+
+pub struct DiscloseOutput {
+    revealed_data: [u8; 88],
+    older_than: [u8; 2],
+}
+
+// todo: check if we have to pack revealed data?
+pub fn disclose(
+    dg1: DG1,
+    selector_dg1: [bool; 88],
+    selector_older_than: bool,
+    current_date: [u8; 6],
+    age: [u8; 2],
+) -> DiscloseOutput {
+    let mut revealed_data: [u8; 88] = [0; 88];
+
+    for i in 0..88 {
+        let mut multiplier = 0;
+        if (selector_dg1[i]) {
+            multiplier = 1;
+        }
+        revealed_data[i] = dg1[i + 5] * multiplier;
+    }
+
+    let mut older_than = [0, 0];
+
+    if (selector_older_than) {
+        let is_verified = is_older_than(
+            age,
+            current_date,
+            [dg1[62], dg1[63], dg1[64], dg1[65], dg1[66], dg1[67]],
+        );
+
+        let mut multiplier = 0;
+        if (is_verified) {
+            multiplier = 1;
+        }
+
+        older_than[0] = multiplier * age[0];
+        older_than[1] = multiplier * age[1];
+    }
+
+    DiscloseOutput { revealed_data, older_than }
+}
diff --git a/noir/src/disclose/mod.nr b/noir/src/disclose/mod.nr
@@ -0,0 +1,2 @@
+pub mod disclose;
+pub mod country_not_in_list;