|
Requesting Digital Signatures
Overview
To validate the authenticity of the returned data,
you can use the optional includesignature parameter
in the Elections or Election Reports request to receive a digital signature
in the HTTP response headers. Elections API supports these validation
methods:
SHA-256 can be validated
using online tools; for example, the HMAC
SHA-256 online tool.
EdDSA requires a custom coding
solution. The crypto standard is Ed25519.
Optional Request Parameter and Response Header
When you specify includesignature=sha256
in the request, the API returns an HTTP response header with a Base64
string digital hash; for example:
AP_SIGNATURE_SHA256:4jibk0xxXclAi5heTUCArWuosn5Ye+GYE0dWfgdm7wg=
If includesignature=eddsa
is specified in the request, the Base64 string digital hash in the
HTTP response header might look something like this:
AP_SIGNATURE_EDDSA:7HsEepnryfyUjaLUzacjT0n7D05/imTu9dITBJ/Rh5hcu9BlsSIcVdWY/c+QTJQbcLMYx1l8BZbhUfCd8dXBAw==
Public Keys
To validate the SHA-256 signature,
use this AP public key: 13c816496f281e01198ca3afe052326be11e8d34dd8200fcd537f45a2e414a08
To validate the EdDSA signature, use
this AP public key: BQP15zpzZ7zATz20V+C/NZhWY9GSlrbIGMC2inm7gK8=
|
|