Generation and Verification of Hash for SBI and SDK:
In order to maintain the integrity of the SBI/SDK software solution, a cryptographic hash function has been implemented. This function has been thoroughly tested by CTK and found to be compliant with the MOSIP specification.
It is a requirement for partners to calculate the HASH of the software solution using the SHA256 hash function, regardless of the technology environment in which the devices will be utilized.
Furthermore, the calculated HASH of the solution should remain unchanged, allowing countries or relying parties to recalculate the HASH and validate the software's integrity prior to deployment.
In the event that the software undergoes any changes, the partner must calculate a new HASH and retest the solution using CTK in order to maintain their compliance status.
The Blake2b or SHA256 algorithms can be utilized to calculate the hash value of an APK file.
Blake2b produces digests with a byte size ranging from 1 to 64 and is specifically designed for 64-bit systems.
SHA256 is an unkeyed cryptographic hashing method that generates a 256-bit hash outcome from an input of variable length.
The hash value will be altered in the event of any modifications made to the APK file. Conversely, the hash value will remain constant if no changes are made.