Calculating Verification Code
- Einar Ársæll Hrafnsson
Owned by Einar Ársæll Hrafnsson
Jul 21, 2023
1 min read
Loading data...
In the step-by-step instructions, this is described like this:
The verification code is calculated by:
verification code = integer(SHA256(the hash)[-2:-1]) mod 10000
Calculate SHA256 from the hash, extract 2 rightmost bytes from the result, interpret them as a big-endian unsigned integer and take the last 4 digits in decimal form for display. SHA256 is always used here.
Please mind that hash is a real hash byte value, not the Base64 form or the hexadecimal representation.
This can be difficult to understand.
Below is a small Java code example that perhaps shows this in a more understandable way.
public static String CalculateVcode(String hashString) throws NoSuchAlgorithmException
{
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] hash = Base64.getDecoder().decode(hashString);
md.update(hash);
byte[] _hash = md.digest();
byte[] last = new byte[2];
last[0] = _hash[_hash.length-2];
last[1] = _hash[_hash.length-1];
Integer code = new BigInteger(1, last).intValue();
int intCode = code.intValue();
String strCode = code.toString();
return strCode.substring(strCode.length()-4);
}