Merge branch 'main' into feat/download-n-update-verifiers

common/src/constants/constants.ts

@@ -5,15 +5,16 @@ export const COMMITMENT_TREE_DEPTH = 33;
 export const DEFAULT_USER_ID_TYPE = 'uuid';
 
 export const REDIRECT_URL = 'https://redirect.self.xyz';
-export const WS_RPC_URL_REGISTER = "ws://register.proving.self.xyz:8888/";
-export const WS_RPC_URL_DSC = "ws://dsc.proving.self.xyz:8888/";
 export const WS_RPC_URL_VC_AND_DISCLOSE = "ws://disclose.proving.self.xyz:8888/";
 export const WS_DB_RELAYER = 'wss://websocket.self.xyz';
-
+export const WS_DB_RELAYER_STAGING = 'wss://websocket.staging.self.xyz';
 export const API_URL = 'https://api.self.xyz';
 export const CSCA_TREE_URL = 'https://tree.self.xyz/csca';
 export const DSC_TREE_URL = 'https://tree.self.xyz/dsc';
+export const CSCA_TREE_URL_STAGING = 'https://tree.staging.self.xyz/csca';
+export const DSC_TREE_URL_STAGING = 'https://tree.staging.self.xyz/dsc';
 export const IDENTITY_TREE_URL = 'https://tree.self.xyz/identity';
+export const IDENTITY_TREE_URL_STAGING = 'https://tree.staging.self.xyz/identity';
 
 export const PASSPORT_ATTESTATION_ID = '1'; //"8518753152044246090169372947057357973469996808638122125210848696986717482788"
 
@@ -23,7 +24,7 @@ export const PCR0_MANAGER_ADDRESS = '0xE36d4EE5Fd3916e703A46C21Bb3837dB7680C8B8'
 
 
 // we make it global here because passing it to generateCircuitInputsRegister caused trouble
-export const DEVELOPMENT_MODE = false;
+export const DEVELOPMENT_MODE = true;
 export const DEFAULT_MAJORITY = '18';
 
 export const hashAlgos = ['sha512', 'sha384', 'sha256', 'sha224', 'sha1'];
@@ -266,6 +267,7 @@ export const n_dsc_ecdsa = 64;
 export const k_dsc_ecdsa = 4;
 export const max_dsc_bytes = 1792;
 export const max_csca_bytes = 1792;
+
 export const countryCodes = {
   AFG: 'Afghanistan',
   ALA: 'Aland Islands',
@@ -527,259 +529,6 @@ export function getCountryCode(countryName: string): string | string {
   return found ? found[0] : 'undefined';
 }
 
-export const countryNames = [
-  'Any',
-  'Afghanistan',
-  'Aland Islands',
-  'Albania',
-  'Algeria',
-  'American Samoa',
-  'Andorra',
-  'Angola',
-  'Anguilla',
-  'Antarctica',
-  'Antigua and Barbuda',
-  'Argentina',
-  'Armenia',
-  'Aruba',
-  'Australia',
-  'Austria',
-  'Azerbaijan',
-  'Bahamas',
-  'Bahrain',
-  'Bangladesh',
-  'Barbados',
-  'Belarus',
-  'Belgium',
-  'Belize',
-  'Benin',
-  'Bermuda',
-  'Bhutan',
-  'Bolivia (Plurinational State of)',
-  'Bonaire, Sint Eustatius and Saba',
-  'Bosnia and Herzegovina',
-  'Botswana',
-  'Bouvet Island',
-  'Brazil',
-  'British Indian Ocean Territory',
-  'Brunei Darussalam',
-  'Bulgaria',
-  'Burkina Faso',
-  'Burundi',
-  'Cabo Verde',
-  'Cambodia',
-  'Cameroon',
-  'Canada',
-  'Cayman Islands',
-  'Central African Republic',
-  'Chad',
-  'Chile',
-  'China',
-  'Christmas Island',
-  'Cocos (Keeling) Islands',
-  'Colombia',
-  'Comoros',
-  'Congo',
-  'Congo, Democratic Republic of the',
-  'Cook Islands',
-  'Costa Rica',
-  "Cote d'Ivoire",
-  'Croatia',
-  'Cuba',
-  'Curacao',
-  'Cyprus',
-  'Czechia',
-  'Denmark',
-  'Djibouti',
-  'Dominica',
-  'Dominican Republic',
-  'Ecuador',
-  'Egypt',
-  'El Salvador',
-  'Equatorial Guinea',
-  'Eritrea',
-  'Estonia',
-  'Eswatini',
-  'Ethiopia',
-  'Falkland Islands (Malvinas)',
-  'Faroe Islands',
-  'Fiji',
-  'Finland',
-  'France',
-  'French Guiana',
-  'French Polynesia',
-  'French Southern Territories',
-  'Gabon',
-  'Gambia',
-  'Georgia',
-  'Germany',
-  'Ghana',
-  'Gibraltar',
-  'Greece',
-  'Greenland',
-  'Grenada',
-  'Guadeloupe',
-  'Guam',
-  'Guatemala',
-  'Guernsey',
-  'Guinea',
-  'Guinea-Bissau',
-  'Guyana',
-  'Haiti',
-  'Heard Island and McDonald Islands',
-  'Holy See',
-  'Honduras',
-  'Hong Kong',
-  'Hungary',
-  'Iceland',
-  'India',
-  'Indonesia',
-  'Iran (Islamic Republic of)',
-  'Iraq',
-  'Ireland',
-  'Isle of Man',
-  'Israel',
-  'Italy',
-  'Jamaica',
-  'Japan',
-  'Jersey',
-  'Jordan',
-  'Kazakhstan',
-  'Kenya',
-  'Kiribati',
-  "Korea (Democratic People's Republic of)",
-  'Korea, Republic of',
-  'Kuwait',
-  'Kyrgyzstan',
-  "Lao People's Democratic Republic",
-  'Latvia',
-  'Lebanon',
-  'Lesotho',
-  'Liberia',
-  'Libya',
-  'Liechtenstein',
-  'Lithuania',
-  'Luxembourg',
-  'Macao',
-  'Madagascar',
-  'Malawi',
-  'Malaysia',
-  'Maldives',
-  'Mali',
-  'Malta',
-  'Marshall Islands',
-  'Martinique',
-  'Mauritania',
-  'Mauritius',
-  'Mayotte',
-  'Mexico',
-  'Micronesia (Federated States of)',
-  'Moldova, Republic of',
-  'Monaco',
-  'Mongolia',
-  'Montenegro',
-  'Montserrat',
-  'Morocco',
-  'Mozambique',
-  'Myanmar',
-  'Namibia',
-  'Nauru',
-  'Nepal',
-  'Netherlands',
-  'New Caledonia',
-  'New Zealand',
-  'Nicaragua',
-  'Niger',
-  'Nigeria',
-  'Niue',
-  'Norfolk Island',
-  'North Macedonia',
-  'Northern Mariana Islands',
-  'Norway',
-  'Oman',
-  'Pakistan',
-  'Palau',
-  'Palestine, State of',
-  'Panama',
-  'Papua New Guinea',
-  'Paraguay',
-  'Peru',
-  'Philippines',
-  'Pitcairn',
-  'Poland',
-  'Portugal',
-  'Puerto Rico',
-  'Qatar',
-  'Reunion',
-  'Romania',
-  'Russian Federation',
-  'Rwanda',
-  'Saint Barthelemy',
-  'Saint Helena, Ascension and Tristan da Cunha',
-  'Saint Kitts and Nevis',
-  'Saint Lucia',
-  'Saint Martin (French part)',
-  'Saint Pierre and Miquelon',
-  'Saint Vincent and the Grenadines',
-  'Samoa',
-  'San Marino',
-  'Sao Tome and Principe',
-  'Saudi Arabia',
-  'Senegal',
-  'Serbia',
-  'Seychelles',
-  'Sierra Leone',
-  'Singapore',
-  'Sint Maarten (Dutch part)',
-  'Slovakia',
-  'Slovenia',
-  'Solomon Islands',
-  'Somalia',
-  'South Africa',
-  'South Georgia and the South Sandwich Islands',
-  'South Sudan',
-  'Spain',
-  'Sri Lanka',
-  'Sudan',
-  'Suriname',
-  'Svalbard and Jan Mayen',
-  'Sweden',
-  'Switzerland',
-  'Syrian Arab Republic',
-  'Taiwan, Province of China',
-  'Tajikistan',
-  'Tanzania, United Republic of',
-  'Thailand',
-  'Timor-Leste',
-  'Togo',
-  'Tokelau',
-  'Tonga',
-  'Trinidad and Tobago',
-  'Tunisia',
-  'Turkey',
-  'Turkmenistan',
-  'Turks and Caicos Islands',
-  'Tuvalu',
-  'Uganda',
-  'Ukraine',
-  'United Arab Emirates',
-  'United Kingdom of Great Britain and Northern Ireland',
-  'United States of America',
-  'United States Minor Outlying Islands',
-  'Uruguay',
-  'Uzbekistan',
-  'Vanuatu',
-  'Venezuela (Bolivarian Republic of)',
-  'Viet Nam',
-  'Virgin Islands (British)',
-  'Virgin Islands (U.S.)',
-  'Wallis and Futuna',
-  'Western Sahara',
-  'Yemen',
-  'Zambia',
-  'Zimbabwe',
-] as const;
-
 export const contribute_publicKey = `-----BEGIN RSA PUBLIC KEY-----
 MIICCgKCAgEAv/hm7FZZ2KBmaeDHmLoRwuWmCcNKT561RqbsW8ZuYSyPWJUldE9U
 Cf0lW3K1H5lsSDkl0Cq84cooL9f6X59Mffb/N24ZKTdL0xdcPwjk4LbcrVm8qubL

common/src/scripts/extensions.cnf

@@ -0,0 +1,2 @@
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid,issuer

common/src/scripts/generateCertificates.sh

@@ -190,6 +190,7 @@ generate_certificate() {
             # For RSAPSS, we need to specify the PSS padding mode during signing
             openssl x509 -req -in "$csr_file" \
                 -CA "$csca_crt" -CAkey "$csca_key" -CAcreateserial \
+                -extfile src/scripts/extensions.cnf \
                 -days 3650 -sha${hash#sha} \
                 -sigopt rsa_padding_mode:pss \
                 -sigopt rsa_pss_saltlen:"$salt" \
@@ -198,6 +199,7 @@ generate_certificate() {
             # For standard RSA or ECDSA
             openssl x509 -req -in "$csr_file" \
                 -CA "$csca_crt" -CAkey "$csca_key" -CAcreateserial \
+                -extfile src/scripts/extensions.cnf \
                 -days 3650 -sha${hash#sha} \
                 -out "$dir_name/$crt_file"
         fi

common/src/utils/appType.ts

@@ -1,7 +1,7 @@
-import { UserIdType } from "./circuits/uuid";
+import { UserIdType, validateUserId } from "./circuits/uuid";
 
 export type Mode = 'register' | 'dsc' | 'vc_and_disclose';
-export type EndpointType = 'https' | 'celo';
+export type EndpointType = 'https' | 'celo' | 'staging_celo' | 'staging_https';
 
 import { v4 } from 'uuid';
 import { Country3LetterCode } from "../constants/constants";
@@ -48,19 +48,30 @@ export class SelfAppBuilder {
     if (!config.endpoint) {
       throw new Error('endpoint is required');
     }
+    if (!config.userId) {
+      throw new Error('userId is required');
+    }
     if (config.endpointType === 'https' && !config.endpoint.startsWith('https://')) {
       throw new Error('endpoint must start with https://');
     }
     if (config.endpointType === 'celo' && !config.endpoint.startsWith('0x')) {
       throw new Error('endpoint must be a valid address');
     }
-    
+    if (config.userIdType === 'hex') {
+      if (!config.userId.startsWith('0x')) {
+        throw new Error('userId as hex must start with 0x');
+      }
+      config.userId = config.userId.slice(2);
+    }
+    if (!validateUserId(config.userId, config.userIdType ?? "uuid")) {
+      throw new Error('userId must be a valid UUID or address');
+    }
+
     this.config = {
-      sessionId : v4(),
-      userIdType : 'uuid',
-      userId: "",
-      devMode : false,
-      endpointType : 'https',
+      sessionId: v4(),
+      userIdType: 'uuid',
+      devMode: false,
+      endpointType: 'https',
       header: "",
       logoBase64: "",
       disclosures: {},

common/src/utils/circuits/circuitsName.ts

@@ -1,10 +1,4 @@
 import { PassportData } from '../types';
-import { parseCertificateSimple } from '../certificate_parsing/parseCertificateSimple';
-import {
-  PublicKeyDetailsECDSA,
-  PublicKeyDetailsRSA,
-  PublicKeyDetailsRSAPSS,
-} from '../certificate_parsing/dataStructure';
 
 export function getCircuitNameFromPassportData(passportData: PassportData, circuitType: 'register' | 'dsc') {
   if (circuitType === 'register') {
@@ -15,52 +9,86 @@ export function getCircuitNameFromPassportData(passportData: PassportData, circu
 }
 
 function getDSCircuitNameFromPassportData(passportData: PassportData) {
+  console.log('Getting DSC circuit name from passport data...');
 
   if (!passportData.passportMetadata) {
+    console.error('Passport metadata is missing');
     throw new Error("Passport data are not parsed");
   }
   const passportMetadata = passportData.passportMetadata;
+  
   if (!passportMetadata.cscaFound) {
+    console.error('CSCA not found in passport metadata');
     throw new Error("CSCA not found");
   }
-  const parsedCSCA = passportData.csca_parsed;
+
   const signatureAlgorithm = passportMetadata.cscaSignatureAlgorithm;
   const hashFunction = passportMetadata.cscaHashFunction;
 
+  console.log('CSCA Signature Algorithm:', signatureAlgorithm);
+  console.log('CSCA Hash Function:', hashFunction);
+
   if (signatureAlgorithm === 'ecdsa') {
-    const curve = (parsedCSCA.publicKeyDetails as PublicKeyDetailsECDSA).curve;
-    return `dsc_${hashFunction}_${signatureAlgorithm}_${curve}`;
+    console.log('Processing ECDSA signature...');
+    const curve = passportMetadata.cscaCurveOrExponent;
+    console.log('ECDSA curve:', curve);
+    const circuitName = `dsc_${hashFunction}_${signatureAlgorithm}_${curve}`;
+    console.log('Generated circuit name:', circuitName);
+    return circuitName;
+
   } else if (signatureAlgorithm === 'rsa') {
-    const exponent = (parsedCSCA.publicKeyDetails as PublicKeyDetailsRSA).exponent;
-    const bits = (parsedCSCA.publicKeyDetails as PublicKeyDetailsRSA).bits;
-    if (parseInt(bits) <= 4096) {
-      return `dsc_${hashFunction}_${signatureAlgorithm}_${exponent}_${4096}`;
+    console.log('Processing RSA signature...');
+    const exponent = passportMetadata.cscaCurveOrExponent;
+    const bits = passportMetadata.cscaSignatureAlgorithmBits;
+    console.log('RSA exponent:', exponent);
+    console.log('RSA bits:', bits);
+    
+    if (bits <= 4096) {
+      const circuitName = `dsc_${hashFunction}_${signatureAlgorithm}_${exponent}_${4096}`;
+      console.log('Generated circuit name:', circuitName);
+      return circuitName;
     } else {
+      console.error('RSA key length exceeds maximum supported length');
       throw new Error(`Unsupported key length: ${bits}`);
     }
-  } else if (parsedCSCA.signatureAlgorithm === 'rsapss') {
-    const exponent = (parsedCSCA.publicKeyDetails as PublicKeyDetailsRSA).exponent;
-    const saltLength = (parsedCSCA.publicKeyDetails as PublicKeyDetailsRSAPSS).saltLength;
-    const bits = (parsedCSCA.publicKeyDetails as PublicKeyDetailsRSAPSS).bits;
-    if (parseInt(bits) <= 4096) {
-      return `dsc_${hashFunction}_${signatureAlgorithm}_${exponent}_${saltLength}_${bits}`;
+
+  } else if (signatureAlgorithm === 'rsapss') {
+    console.log('Processing RSA-PSS signature...');
+    const exponent = passportMetadata.cscaCurveOrExponent;
+    const saltLength = passportMetadata.cscaSaltLength;
+    const bits = passportMetadata.cscaSignatureAlgorithmBits;
+    console.log('RSA-PSS exponent:', exponent);
+    console.log('RSA-PSS salt length:', saltLength);
+    console.log('RSA-PSS bits:', bits);
+
+    if (bits <= 4096) {
+      const circuitName = `dsc_${hashFunction}_${signatureAlgorithm}_${exponent}_${saltLength}_${bits}`;
+      console.log('Generated circuit name:', circuitName);
+      return circuitName;
     } else {
+      console.error('RSA-PSS key length exceeds maximum supported length');
       throw new Error(`Unsupported key length: ${bits}`);
     }
   } else {
+    console.error('Unsupported signature algorithm:', signatureAlgorithm);
     throw new Error('Unsupported signature algorithm');
   }
-
 }
 
 function getRegisterNameFromPassportData(passportData: PassportData) {
+  console.log('Getting register circuit name from passport data...');
+
   if (!passportData.passportMetadata) {
+    console.error('Passport metadata is missing');
     throw new Error("Passport data are not parsed");
   }
   const passportMetadata = passportData.passportMetadata;
+
   if (!passportMetadata.cscaFound) {
+    console.error('CSCA not found in passport metadata');
     throw new Error("CSCA not found");
   }
+
   const parsedDsc = passportData.dsc_parsed;
 
   const dgHashAlgo = passportMetadata.dg1HashFunction;
@@ -68,27 +96,60 @@ function getRegisterNameFromPassportData(passportData: PassportData) {
   const signedAttrHashAlgo = passportMetadata.signedAttrHashFunction;
   const sigAlg = passportMetadata.signatureAlgorithm;
 
+  console.log('DG Hash Algorithm:', dgHashAlgo);
+  console.log('eContent Hash Algorithm:', eContentHashAlgo);
+  console.log('Signed Attributes Hash Algorithm:', signedAttrHashAlgo);
+  console.log('Signature Algorithm:', sigAlg);
+
   if (parsedDsc.signatureAlgorithm === 'ecdsa') {
-    const curve = (parsedDsc.publicKeyDetails as PublicKeyDetailsECDSA).curve;
-    return `register_${dgHashAlgo}_${eContentHashAlgo}_${signedAttrHashAlgo}_${sigAlg}_${curve}`;
+    console.log('Processing ECDSA signature...');
+    const {
+      curveOrExponent,
+    } = passportMetadata
+    console.log('ECDSA curve:', curveOrExponent);
+    const circuitName = `register_${dgHashAlgo}_${eContentHashAlgo}_${signedAttrHashAlgo}_${sigAlg}_${curveOrExponent}`;
+    console.log('Generated circuit name:', circuitName);
+    return circuitName;
+
   } else if (parsedDsc.signatureAlgorithm === 'rsa') {
-    const exponent = (parsedDsc.publicKeyDetails as PublicKeyDetailsRSA).exponent;
-    const bits = (parsedDsc.publicKeyDetails as PublicKeyDetailsRSA).bits;
-    if (parseInt(bits) <= 4096) {
-      return `register_${dgHashAlgo}_${eContentHashAlgo}_${signedAttrHashAlgo}_${sigAlg}_${exponent}_${4096}`;
+    console.log('Processing RSA signature...');
+    const {
+      curveOrExponent,
+      signatureAlgorithmBits
+    } = passportMetadata
+    console.log('RSA exponent:', curveOrExponent);
+    console.log('RSA bits:', signatureAlgorithmBits);
+
+    if (signatureAlgorithmBits <= 4096) {
+      const circuitName = `register_${dgHashAlgo}_${eContentHashAlgo}_${signedAttrHashAlgo}_${sigAlg}_${curveOrExponent}_${4096}`;
+      console.log('Generated circuit name:', circuitName);
+      return circuitName;
     } else {
-      throw new Error(`Unsupported key length: ${bits}`);
+      console.error('RSA key length exceeds maximum supported length');
+      throw new Error(`Unsupported key length: ${signatureAlgorithmBits}`);
     }
+
   } else if (parsedDsc.signatureAlgorithm === 'rsapss') {
-    const exponent = (parsedDsc.publicKeyDetails as PublicKeyDetailsRSA).exponent;
-    const saltLength = (parsedDsc.publicKeyDetails as PublicKeyDetailsRSAPSS).saltLength;
-    const bits = (parsedDsc.publicKeyDetails as PublicKeyDetailsRSAPSS).bits;
-    if (parseInt(bits) <= 4096) {
-      return `register_${dgHashAlgo}_${eContentHashAlgo}_${signedAttrHashAlgo}_${sigAlg}_${exponent}_${saltLength}_${bits}`;
+    console.log('Processing RSA-PSS signature...');
+    const {
+      curveOrExponent,
+      saltLength,
+      signatureAlgorithmBits
+    } = passportMetadata
+    console.log('RSA-PSS exponent:', curveOrExponent);
+    console.log('RSA-PSS salt length:', saltLength);
+    console.log('RSA-PSS bits:', signatureAlgorithmBits);
+
+    if (signatureAlgorithmBits <= 4096) {
+      const circuitName = `register_${dgHashAlgo}_${eContentHashAlgo}_${signedAttrHashAlgo}_${sigAlg}_${curveOrExponent}_${saltLength}_${signatureAlgorithmBits}`;
+      console.log('Generated circuit name:', circuitName);
+      return circuitName;
     } else {
-      throw new Error(`Unsupported key length: ${bits}`);
+      console.error('RSA-PSS key length exceeds maximum supported length');
+      throw new Error(`Unsupported key length: ${signatureAlgorithmBits}`);
     }
   } else {
+    console.error('Unsupported signature algorithm:', parsedDsc.signatureAlgorithm);
     throw new Error('Unsupported signature algorithm');
   }
 }

common/src/utils/circuits/generateInputs.ts

@@ -8,7 +8,7 @@ import {
 import { PassportData } from '../types';
 import { LeanIMT } from '@openpassport/zk-kit-lean-imt';
 import { getCountryLeaf, getNameDobLeaf, getPassportNumberAndNationalityLeaf, getLeafCscaTree, getLeafDscTree, getNameYobLeaf } from '../trees';
-import { getCSCATree, getCscaTreeInclusionProof, getDSCTree, getDscTreeInclusionProof } from '../trees';
+import { getCscaTreeInclusionProof, getDscTreeInclusionProof } from '../trees';
 import { SMT } from '@openpassport/zk-kit-smt';
 import {
   extractSignatureFromDSC,
@@ -43,7 +43,7 @@ export function generateCircuitInputsDSC(
   const dscTbsBytes = dscParsed.tbsBytes;
 
   // DSC is padded using sha padding because it will be hashed in the circuit
-  const [dscTbsBytesPadded, dscTbsBytesLen] = pad(cscaParsed.hashAlgorithm)(
+  const [dscTbsBytesPadded, dscTbsBytesLen] = pad(dscMetadata.cscaHashAlgorithm)(
     dscTbsBytes,
     max_dsc_bytes
   );
@@ -54,8 +54,8 @@ export function generateCircuitInputsDSC(
   // Parse CSCA certificate and get its public key
   const csca_pubKey_formatted = getCertificatePubKey(
     cscaParsed,
-    cscaParsed.signatureAlgorithm,
-    cscaParsed.hashAlgorithm
+    dscMetadata.cscaSignatureAlgorithm,
+    dscMetadata.cscaHashAlgorithm
   );
 
   const signatureRaw = extractSignatureFromDSC(dscCertificate);
@@ -67,7 +67,7 @@ export function generateCircuitInputsDSC(
   );
 
   // Get start index of CSCA pubkey based on algorithm
-  const [startIndex, keyLength] = findStartPubKeyIndex(cscaParsed, cscaTbsBytesPadded, cscaParsed.signatureAlgorithm);
+  const [startIndex, keyLength] = findStartPubKeyIndex(cscaParsed, cscaTbsBytesPadded, dscMetadata.cscaSignatureAlgorithm);
 
 
   return {

common/src/utils/circuits/uuid.ts

@@ -1,3 +1,5 @@
+export type UserIdType = 'hex' | 'uuid';
+
 /// UUID
 function hexToBigInt(hex: string): bigint {
     return BigInt(`0x${hex}`);
@@ -35,6 +37,19 @@ export function castToUUID(bigInt: bigint): string {
     return hexToUUID(hex);
 }
 
+export function castToUserIdentifier(bigInt: bigint, user_identifier_type: UserIdType): string {
+    switch (user_identifier_type) {
+        case 'hex':
+            return castToAddress(bigInt);
+        case 'uuid':
+            return castToUUID(bigInt);
+    }
+}
+
+export function castToAddress(bigInt: bigint): string {
+    return `0x${bigInt.toString(16).padStart(40, '0')}`;
+}
+
 /// scope
 function checkStringLength(str: string) {
     if (str.length > 25) {
@@ -70,14 +85,8 @@ export function stringToAsciiBigIntArray(str: string): bigint[] {
     return asciiBigIntArray;
 }
 
-
-// custom user_identifier type validation
-export type UserIdType = 'ascii' | 'hex' | 'uuid';
-
-const validateUserId = (userId: string, type: UserIdType): boolean => {
+export function validateUserId(userId: string, type: UserIdType): boolean {
     switch (type) {
-        case 'ascii':
-            return /^[\x00-\xFF]+$/.test(userId);
         case 'hex':
             return /^[0-9A-Fa-f]+$/.test(userId);
         case 'uuid':
@@ -88,37 +97,3 @@ const validateUserId = (userId: string, type: UserIdType): boolean => {
             return false;
     }
 };
-
-const getMaxLenght = (idType: UserIdType) => {
-    switch (idType) {
-        case 'ascii':
-            return 25;
-        default:
-            return 63;
-    }
-};
-
-export const parseUIDToBigInt = (
-    user_identifier: string,
-    user_identifier_type: UserIdType
-): string => {
-    if (!validateUserId(user_identifier, user_identifier_type)) {
-        throw new Error(`User identifier of type ${user_identifier_type} is not valid`);
-    }
-
-    const maxLength = getMaxLenght(user_identifier_type);
-    if (user_identifier.length > maxLength) {
-        throw new Error(
-            `User identifier of type ${user_identifier_type} exceeds maximum length of ${maxLength} characters`
-        );
-    }
-
-    switch (user_identifier_type) {
-        case 'ascii':
-            return stringToBigInt(user_identifier).toString();
-        case 'hex':
-            return hexToBigInt(user_identifier).toString();
-        case 'uuid':
-            return uuidToBigInt(user_identifier).toString();
-    }
-};

common/src/utils/passports/genMockPassportData.ts

@@ -259,6 +259,7 @@ export function genMockPassportData(
     eContent: eContent,
     signedAttr: signedAttr,
     encryptedDigest: signatureBytes,
+    documentType: "mock_passport"
   });
 }
 

common/src/utils/passports/passport_parsing/brutForceDscSignature.ts

@@ -102,14 +102,20 @@ function verifyECDSA(dsc: CertificateData, csca: CertificateData, hashAlgorithm:
 }
 function verifyRSA(dsc: CertificateData, csca: CertificateData, hashAlgorithm: string): boolean {
   try {
-    const dscCert = forge.pki.certificateFromPem(dsc.rawPem);
     const cscaCert = forge.pki.certificateFromPem(csca.rawPem);
     const tbsHash = getTBSHash(dsc.rawPem, hashAlgorithm);
     if (!tbsHash) {
       return false;
     }
     const publicKey = cscaCert.publicKey as forge.pki.rsa.PublicKey;
-    const signature = dscCert.signature;
+    const certBuffer_dsc = Buffer.from(
+      dsc.rawPem.replace(/(-----(BEGIN|END) CERTIFICATE-----|\n)/g, ''),
+      'base64'
+    );
+    const asn1Data_dsc = asn1js.fromBER(certBuffer_dsc);
+    const cert_dsc = new Certificate({ schema: asn1Data_dsc.result });
+    const signatureValue = cert_dsc.signatureValue.valueBlock.valueHexView;
+    const signature = Buffer.from(signatureValue).toString('binary');
     try {
       const verified = publicKey.verify(tbsHash, signature);
       return verified;

common/src/utils/selfAttestation.ts

@@ -1,6 +1,3 @@
-import { bigIntToHex, castToScope, castToUUID, UserIdType } from './circuits/uuid';
-import { formatForbiddenCountriesListFromCircuitOutput, getAttributeFromUnpackedReveal } from './circuits/formatOutputs';
-import { unpackReveal } from './circuits/formatOutputs';
 import { Groth16Proof, PublicSignals } from 'snarkjs';
 
 export interface SelfVerificationResult {
@@ -26,9 +23,9 @@ export interface SelfVerificationResult {
     gender?: string;
     expiry_date?: string;
     older_than?: string;
-    passport_no_ofac?: string;
-    name_and_dob_ofac?: string;
-    name_and_yob_ofac?: string;
+    passport_no_ofac?: boolean;
+    name_and_dob_ofac?: boolean;
+    name_and_yob_ofac?: boolean;
   };
   proof: {
     value: {

common/src/utils/trees.ts

@@ -8,17 +8,20 @@ import {
 import { packBytesAndPoseidon } from './hash';
 import { DscCertificateMetaData, parseDscCertificateData } from './passports/passport_parsing/parseDscCertificateData';
 import { parseCertificateSimple } from './certificate_parsing/parseCertificateSimple';
-import { CSCA_TREE_DEPTH, DSC_TREE_DEPTH, IDENTITY_TREE_URL, max_csca_bytes, OFAC_TREE_LEVELS } from '../constants/constants';
+import { CSCA_TREE_DEPTH, CSCA_TREE_URL_STAGING, DSC_TREE_DEPTH, DSC_TREE_URL_STAGING, IDENTITY_TREE_URL, IDENTITY_TREE_URL_STAGING, max_csca_bytes, OFAC_TREE_LEVELS } from '../constants/constants';
 import { CSCA_TREE_URL, DSC_TREE_URL } from '../constants/constants';
 import { max_dsc_bytes } from '../constants/constants';
 import { IMT } from '@openpassport/zk-kit-imt';
 import { pad } from './passports/passport';
 import countries from "i18n-iso-countries";
 import en from "i18n-iso-countries/langs/en.json";
+import { EndpointType } from './appType';
+import { DocumentType } from './types';
 countries.registerLocale(en);
 
-export async function getCSCATree(): Promise<string[][]> {
-  const response = await fetch(CSCA_TREE_URL);
+export async function getCSCATree(endpointType: EndpointType): Promise<string[][]> {
+  const cscaTreeUrl = (endpointType === 'celo' || endpointType === 'https') ? CSCA_TREE_URL : CSCA_TREE_URL_STAGING
+  const response = await fetch(cscaTreeUrl);
   const data = await response.json();
   const status = data.status ? data.status : data;
   if (status === 'error') {
@@ -30,8 +33,9 @@ export async function getCSCATree(): Promise<string[][]> {
   return tree;
 }
 
-export async function getDSCTree(): Promise<string> {
-  const response = await fetch(DSC_TREE_URL);
+export async function getDSCTree(endpointType: EndpointType): Promise<string> {
+  const dscTreeUrl = (endpointType === 'celo' || endpointType === 'https') ? DSC_TREE_URL : DSC_TREE_URL_STAGING
+  const response = await fetch(dscTreeUrl);
   const data = await response.json();
   const status = data.status ? data.status : data;
   if (status === 'error') {
@@ -42,8 +46,9 @@ export async function getDSCTree(): Promise<string> {
   return tree;
 }
 
-export async function getCommitmentTree(): Promise<string> {
-  const response = await fetch(IDENTITY_TREE_URL);
+export async function getCommitmentTree(documentType: DocumentType | null): Promise<string> {
+  const identityTreeUrl = !documentType || typeof documentType !== 'string' || documentType === 'passport' ? IDENTITY_TREE_URL : IDENTITY_TREE_URL_STAGING;
+  const response = await fetch(identityTreeUrl);
   return await response.json().then(data => data.data ? data.data : data);
 }
 

common/src/utils/types.ts

@@ -13,8 +13,11 @@ export type PassportData = {
   passportMetadata?: PassportMetadata;
   dsc_parsed?: CertificateData;
   csca_parsed?: CertificateData;
+  documentType: DocumentType;
 };
 
+export type DocumentType = "passport" | "mock_passport";
+
 // Define the signature algorithm in "algorithm_hashfunction_domainPapameter_keyLength"
 export type SignatureAlgorithm =
   | 'rsa_sha1_65537_2048'