Verify Result Signature
Verihubs provides a Liveness result signature to prove authenticity and integrity. Authenticity ensures that a given file was indeed created by Verihubs. Integrity ensures that the contents of the file have not been tampered with.
Before we proceed, the following prerequisite data must be provided:
credential.secret: The data provided in Builder.setCredentialcredential.clientId: The data provided in Builder.setCredentialresult.url: The URL from the Liveness resultresult.timestamp: The timestamp from the Liveness result
After providing this prerequisite data, the next step is to use the following command line to generate the signature for validation:
echo -n <credential.secret> | openssl dgst -sha256 -hmac <credential.clientId>:$(echo -n '"<result.url>"' | openssl dgst -sha256):<result.timestamp>If the result from this command line matches the digital signature from result.signature, the Liveness result is valid.
Updated about 12 hours ago