From e03c8d2a6e5111a38861cb4bdace18346ca5af70 Mon Sep 17 00:00:00 2001 From: Jesse Wierzbinski Date: Thu, 25 Jul 2024 15:09:44 +0200 Subject: [PATCH] docs: :memo: Add section on signature verification --- app/signatures/page.mdx | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/app/signatures/page.mdx b/app/signatures/page.mdx index 13d0e96..d3cef01 100644 --- a/app/signatures/page.mdx +++ b/app/signatures/page.mdx @@ -53,6 +53,14 @@ Where: Sign this string using the user's private key. The resulting signature should be encoded in Base64. +### Verifying the Signature + +To verify a signature, the server must: +- Recreate the string as described above. +- Extract the signature provided in the `Signature` header (`$signature` in the above section). +- Decode the signature from Base64. +- Perform a signature verification using the user's public key. + ### Example The following example is written in TypeScript using the WebCrypto API.