Issue:
The second test, Verifying Digital Signature, is not passing.
Test 1:
Ensure you have replaced the private_key
variable in the code with the new private key that you generated with the openssl genpkey -algorithm ed25519 -out ed25519.pem
command. The string should be 64 hex characters. Example: 141c9742f67bfa09f84ab91ac5d2b56a6f00957b9ed2afc92f9debf95deb1885
Test 2:
Ensure you have created the signature correctly using the correct arguments to create the signer
or SigningKey
objects. Reference the code examples on step 7, Remediation - Signing Messages for help with specific languages.
Test 3:
Ensure you are returning the hex representation of the signature, and not the raw bytes. Reference the code examples on step 7, Remediation - Signing Messages for help with specific languages.
Test 4:
Use the web application to test your solution. If you have implemented the code correctly, the Expected signature and Actual signature fields in the app should match and the message should be posted. If the Enable message tampering box is checked, the signatures should not match and the message should be rejected.