Unable to create the correct SHA256 hash

Question

I am working on a project where i need to create a SHA256 hash as per the steps shown below and compare it with existing hash for verification.

Below mentioned are the steps mentioned for creating hash:

Hashing logic for Mobile Number : 
Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number
(Ref ID field contains last 4 digits).

Example : 
Mobile: 1234567890
Aadhaar Number:XXXX XXXX 3632
Passcode : Lock@487
Hash: Sha256(Sha256(1234567890Lock@487))*2 

I am doing it this way

byte[] digCloneOutput = new byte[32];
private void getPhoneHash(String numberToHash) {

    String phn = (getPhn+""+ed_shareCode.getText().toString().trim());

    Log.e("phn", phn);

    MessageDigest md = null;

    byte[] digest;
    byte[] digClone = new byte[0];

    if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.KITKAT) {
        digest = phn.getBytes(Charset.forName("UTF-8"));
        digClone = digest.clone();
    }

    try
    {
        md = MessageDigest.getInstance("SHA-256");
    }
    catch (NoSuchAlgorithmException e)
    {
        throw new IllegalStateException("SHA-256 hash should be available", e);
    }

    for(int i = 0; i< 2; i++){
        md.update(digClone);
        digClone = md.digest();
        Log.e("Intermediate hash",""+ digClone);
    }


    for (int i = 0; i < digClone.length; i++)
    {

        digCloneOutput[i] = (byte) (digClone[i]*lastDigAdhr);
        //  md.update(digClone);
        //  printDigest("Intermediate hash", digClone);
    }

    printDigest( digCloneOutput);
}


public  void printDigest(byte[] digest)
{
    StringBuffer hexString = new StringBuffer();
    for (int i = 0; i < digest.length; i++) {
    String hex = Integer.toHexString(0xff & digest[i]);
    if(hex.length() == 1) hexString.append('0');
    hexString.append(hex);
}

    Log.e("Final HashString to compare", String.valueOf(hexString));

}

Final hash with which i have to compare looks like this

6d0af38001b278389875d2119a187ac5d4df16f5dd75fa5272499059c1149803

but the hash created by my logic never matches the original hash.

I am struggling from last 2 days on this. Any help will be appreciated. Thanks in advance

Answer 1

Sorry for the late answer. I assume you have already resolved your issue. Hope this answer helps anyone still looking for the answer.

Aadhar website have very vague documentation which makes it harder to develop. Most of us will get confused by looking at the statement: Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number(at-least I got confused). So I had to use trial & error method to verify the hash and it comes out to be simple logic. All you need to do is concatenate the mobile with Zip password & hash the resulted string number of times last digit of aadhaar no. You can use the below code for the same:

private boolean isHashMatched(String mobileNo, String zipPassword, String 
    hashedMobile ,int aadharLastDigit){
    String concatedString  = mobileNo + zipPassword;
    aadharLastDigit = aadharLastDigit == 0 ? 1 : aadharLastDigit; //if last 
    //digit is "0", hash only one time.
    try {
        for(int i = 0; i < aadharLastDigit; i++){
            concatedString = DigestUtils.sha256Hex(concatedString);
        }
        return hashedMobile.equals(concatedString);
    }catch (Exception e){
        e.printStackTrace();
        return false;
    }
}

Use Apache Commons-Codec for hashing purposes(implementation 'commons-codec:commons-codec:1.14').

Answer 2

For SHA-256 I use this simple code hope it will help you

fun encryptToSha256(data: String): String {
    val digest = MessageDigest.getInstance("SHA-256")
    digest.update(data.toByteArray())
    return bytesToHexString(digest.digest())
}

private fun bytesToHexString(bytes: ByteArray): String {
    val sb = StringBuffer()
    for (i in bytes.indices) {
        val hex = Integer.toHexString(0xFF and bytes[i].toInt())
        if (hex.length == 1) {
            sb.append('0')
        }
        sb.append(hex)
    }
    return sb.toString()
}