@anon-aadhaar/core - npm Package Compare versions

Comparing version 2.2.4 to 2.3.0

package.json

 {
   "name": "@anon-aadhaar/core",
-  "version": "2.2.4",
+  "version": "2.3.0",
   "main": "./dist/index.js",
@@ -5,0 +5,0 @@ "types": "./src/index.ts",

src/qrGenerator.ts

@@ -1,2 +0,2 @@
-import { IdFields } from './utils'
+import { IdFields, extractPhoto, getRandomBytes } from './utils'
 import pako from 'pako'
@@ -9,9 +9,17 @@
 // - Optionally it can take parameters to change the test data fields (dob, pinCode, gender, state)
-export const createCustomV2TestData = (
-  signedData: Uint8Array,
-  dob?: string,
-  pincode?: string,
-  gender?: string,
+export const createCustomV2TestData = ({
+  signedData,
+  dob,
+  pincode,
+  gender,
+  state,
+  photo,
+}: {
+  signedData: Uint8Array
+  dob?: string
+  pincode?: string
+  gender?: string
   state?: string
-) => {
+  photo?: boolean
+}) => {
   const allDataParsed: number[][] = []
@@ -91,2 +99,17 @@ const delimiterIndices: number[] = []
 
+  if (photo) {
+    const { begin, dataLength } = extractPhoto(
+      Array.from(modifiedSignedData),
+      modifiedSignedData.length
+    )
+    const photoLength = dataLength - begin
+
+    modifiedSignedData = replaceBytesBetween(
+      modifiedSignedData,
+      getRandomBytes(photoLength - 1),
+      begin + 1,
+      begin + photoLength - 1
+    )
+  }
+
   const versionSpecifier = new Uint8Array([86, 50, 255]) // 'V2' in ASCII followed by 255
@@ -93,0 +116,0 @@ const number1234 = new Uint8Array([49, 50, 51, 52, 255]) // '1234' in ASCII followed by 255

src/utils.ts

@@ -101,2 +101,17 @@ import { PackedGroth16Proof } from './types'
 
+export function convertRevealBigIntToString(input: bigint | string) {
+  if (typeof input === "string")
+    input = BigInt(input)
+
+  let result: string;
+  while (input > 0) {
+    result += String.fromCharCode(Number(input % BigInt(256)))
+    input = input / BigInt(256)
+  }
+  // The proof input is in big endian format, on each iteration appends the last char
+  // which is the first char in little-endian format
+  // reversal is not needed
+  return result
+}
+
 export function decompressByteArray(byteArray: Uint8Array) {
@@ -206,1 +221,11 @@ const decompressedArray = pako.inflate(byteArray)
 }
+
+// This funtion is not cryptographically secure
+// It is only used to generate fake photo when updating test data
+export function getRandomBytes(length: number): Uint8Array {
+  const array = new Uint8Array(length)
+  for (let i = 0; i < length; i++) {
+    array[i] = Math.floor(Math.random() * 256)
+  }
+  return array
+}

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

788305

0.28%

Lines of code

24357

0.35%

No dependency changes