The second test, Verifying Digital Signature, is not passing.
Ensure you have replaced the
private_key variable in the code with the new private key that you generated with the
openssl genpkey -algorithm ed25519 -out ed25519.pem command. The string should be 64 hex characters. Example:
Ensure you have created the signature correctly using the correct arguments to create the
SigningKey objects. Reference the code examples on step 7, Remediation - Signing Messages for help with specific languages.
Ensure you are returning the hex representation of the signature, and not the raw bytes. Reference the code examples on step 7, Remediation - Signing Messages for help with specific languages.
Use the web application to test your solution. If you have implemented the code correctly, the Expected signature and Actual signature fields in the app should match and the message should be posted. If the Enable message tampering box is checked, the signatures should not match and the message should be rejected.