Requesting Digital Signatures

 

ON THIS PAGE      Show

 

 

 

 

Overview

To validate the authenticity of the returned data, you can use the optional includesignature parameter in the Elections or Election Reports request to receive a digital signature in the HTTP response headers. Elections API supports these validation methods:

  • SHA-256 can be validated using online tools; for example, the HMAC SHA-256 online tool.

  • EdDSA requires a custom coding solution. The crypto standard is Ed25519.

Optional Request Parameter and Response Header

  • When you specify includesignature=sha256 in the request, the API returns an HTTP response header with a Base64 string digital hash; for example:

    AP_SIGNATURE_SHA256:4jibk0xxXclAi5heTUCArWuosn5Ye+GYE0dWfgdm7wg=

  • If includesignature=eddsa is specified in the request, the Base64 string digital hash in the HTTP response header might look something like this:

    AP_SIGNATURE_EDDSA:7HsEepnryfyUjaLUzacjT0n7D05/imTu9dITBJ/Rh5hcu9BlsSIcVdWY/c+QTJQbcLMYx1l8BZbhUfCd8dXBAw==

Public Keys

  • To validate the SHA-256 signature, use this AP public key: 13c816496f281e01198ca3afe052326be11e8d34dd8200fcd537f45a2e414a08

  • To validate the EdDSA signature, use this AP public key: BQP15zpzZ7zATz20V+C/NZhWY9GSlrbIGMC2inm7gK8=