How to create mobile number hash from Aadhaar Paperless Offline e-kyc PHP

Question

how to solve the mobile number hash from Aadhaar Paperless Offline e-kyc PHP. I have the mobile number. but don't understand the logic.

Mobile Number: – This is represented as a hash with following logic.

Hashing logic for Mobile Number : Sha256(Sha256(Mobile+SharePhrase))*number of times last digit of Aadhaar number (Ref ID field contains last 4 digits).

Example : Mobile: 1234567890 Aadhaar Number:XXXX XXXX 3632 Passcode : Lock@487 Hash: Sha256(Sha256(1234567890Lock@487))*2 In case of Aadhaar number ends with Zero we will hashed one time. the full information available here https://uidai.gov.in/ecosystem/authentication-devices-documents/about-aadhaar-paperless-offline-e-kyc.html can anyone help me

Answer 1

Here is the example:

Aadhaar Number:XXXX XXXX 3632

Mobile Number: 1234567890

XML Password: 4567

If last digit of Aadhaar number is 0 OR 1

Sha256(12345678904567)

If last digit of Aadhaar number is 2 (this case)

Sha256(Sha256(12345678904567))

If last digit of Aadhaar number is 3

Sha256(Sha256(Sha256(12345678904567)))

If last digit of Aadhaar number is 4

Sha256(Sha256(Sha256(Sha256(12345678904567))))

Finally, compare XML "m=" value with Sha256 result value, you can only check if both are same or not.

Answer 2

<?php
$Mobile = "1234567890"; // Mobile Number
$SharePhrase = "1234"; // Share Phrase
$AadhaarNumber = "3"; // Last UID number
$HashAlgorithm = "sha256";
$HashValue = hash($HashAlgorithm, $Mobile . $SharePhrase);
for ($i = 1; $i <= $AadhaarNumber; $i++) {
  $HashValue = hash($HashAlgorithm, $HashValue);
  echo $HashValue."<br>";
}
?>

Answer 3

You can verify the hashed code using following steps :

download the JS file for Sha256 from '//cdn.jsdelivr.net/gh/chrisveness/crypto@latest/sha256.js';

and remove line export default Sha256; from downloaded JS file.

import this SHA256 JS file on your page & write following code in your JS/Jquery function:

        var mobile_no = "1234567890";  // Aadhaar Mobile No.
        var share_code = "1234";       // Share_Code passing in API to get Aadhaar data

        var data = mobile_no + share_code;

        var hashText = Sha256.hash(data);  //If your Aadhaar No. ends with 0 or 1 then you need to hash only once

        // If your Aadhaar No. ends with any other number instead of 0 or 1 then use following logic 
        var lastAadhaarChar = $('#<%=txtAadhaarNo.ClientID %>').val().slice(-1);
        if (lastAadhaarChar > 1) {
            for (var i = 2; i <= lastAadhaarChar; i++) {
                hashText = Sha256.hash(hashText);
            }
        }
        alert(hashText);