From 2406448d5a5a9346e6507b49b4513964630da0af Mon Sep 17 00:00:00 2001
From: ShubhneetChawla1805
 <136677859+ShubhneetChawla1805@users.noreply.github.com>
Date: Thu, 15 Jun 2023 12:59:00 +0530
Subject: [PATCH 1/3] Update README.md

Added few instructions while proof testing & Implementing utility for signing and verification.
---
 utilities/signing_and_verification/README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/utilities/signing_and_verification/README.md b/utilities/signing_and_verification/README.md
index 84d7fad..9bbca9a 100644
--- a/utilities/signing_and_verification/README.md
+++ b/utilities/signing_and_verification/README.md
@@ -11,9 +11,9 @@ pip3 install -r requirements.txt
 2. Export request body json path:
 this file should be a valid json file
 ```
-export REQUEST_BODY_PATH=<request-body-text-path>
+export REQUEST_BODY_PATH=<request_body_raw_text.txt-path>
 ```
-  eg for json file provided, export REQUEST_BODY_PATH=request_body.json
+  eg if you rename the file ie request_body_raw_text.txt -> request_body.json , export REQUEST_BODY_PATH=request_body.json
 
 3. Generate key-pairs
 ```
@@ -31,7 +31,7 @@ python cryptic_utils.py generate_key_pairs
 ```
 export PRIVATE_KEY=<private_key>
 export PUBLIC_KEY=<public_key>
-export CRYPTO_PRIVATE_KEY=<Crypto_Privatekey>
+export CRYPTO_PRIVATE_KEY=<Crypto_Privatekey>. 
 export CRYPTO_PUBLIC_KEY=<Crypto_Publickey>
 ```
 
@@ -39,7 +39,7 @@ export CRYPTO_PUBLIC_KEY=<Crypto_Publickey>
 ```
 python cryptic_utils.py create_authorisation_header
 ```
-output will be like 
+output will be 'auth_header' like 
 ```shell
 Signature keyId="buyer-app.ondc.org|207|ed25519",algorithm="ed25519",created="1641287875",expires="1641291475",headers="(created) (expires) digest",signature="fKQWvXhln4UdyZdL87ViXQObdBme0dHnsclD2LvvnHoNxIgcvAwUZOmwAnH5QKi9Upg5tRaxpoGhCFGHD+d+Bw=="
 ```
@@ -75,4 +75,4 @@ eg usage
 python cryptic_utils.py decrypt "MC4CAQAwBQYDK2VuBCIEIOgl3rf3arbk1PvIe0C9TZp7ImR71NSQdvuSu+zzY6xo" "MCowBQYDK2VuAyEAi801MjVpgFOXHjliyT6Nb14HkS5dj1p41qbeyU6/SC8=" "CrwN248HS4CIYsUvxtrK0pWCBaoyZh4LnWtGqeH7Mpc="
 ```
 
-Output will be a Plain Text decoded string "ONDC is a Great Initiative!"
\ No newline at end of file
+Output will be a Plain Text decoded string "ONDC is a Great Initiative!"

From a082280a766461ba99f1a82b40ba3488cacfcd91 Mon Sep 17 00:00:00 2001
From: ShubhneetChawla1805
 <136677859+ShubhneetChawla1805@users.noreply.github.com>
Date: Thu, 15 Jun 2023 13:03:49 +0530
Subject: [PATCH 2/3] Update README.md

---
 utilities/signing_and_verification/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utilities/signing_and_verification/README.md b/utilities/signing_and_verification/README.md
index 9bbca9a..73a0136 100644
--- a/utilities/signing_and_verification/README.md
+++ b/utilities/signing_and_verification/README.md
@@ -31,7 +31,7 @@ python cryptic_utils.py generate_key_pairs
 ```
 export PRIVATE_KEY=<private_key>
 export PUBLIC_KEY=<public_key>
-export CRYPTO_PRIVATE_KEY=<Crypto_Privatekey>. 
+export CRYPTO_PRIVATE_KEY=<Crypto_Privatekey>
 export CRYPTO_PUBLIC_KEY=<Crypto_Publickey>
 ```
 

From f10f9e2adcf5cdb0d84e42bd5041c5ecece5e3c2 Mon Sep 17 00:00:00 2001
From: ShubhneetChawla1805
 <136677859+ShubhneetChawla1805@users.noreply.github.com>
Date: Mon, 19 Jun 2023 13:45:57 +0530
Subject: [PATCH 3/3] Create auth_header_signing_and_verification.md

---
 .../auth_header_signing_and_verification.md   | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 utilities/signing_and_verification/auth_header_signing_and_verification.md

diff --git a/utilities/signing_and_verification/auth_header_signing_and_verification.md b/utilities/signing_and_verification/auth_header_signing_and_verification.md
new file mode 100644
index 0000000..7708545
--- /dev/null
+++ b/utilities/signing_and_verification/auth_header_signing_and_verification.md
@@ -0,0 +1,28 @@
+**Pre-requisites**
+
+* Key pairs, for signing & encryption, can be generated using  using [libsodium](https://libsodium.gitbook.io/doc/bindings_for_other_languages).
+
+**Creating Key Pairs**
+
+* Create key pairs, for signing (ed25519) & encryption (X25519);
+* Update base64 encoded public keys in registry;
+
+* Utility to generate signing key pairs and test signing & verification is [here](https://github.com/ONDC-Official/reference-implementations/tree/main/utilities/signing_and_verification)
+
+**Auth Header Signing**
+
+* Generate UTF-8 byte array from json payload;
+* Generate Blake2b hash from UTF-8 byte array;
+
+* Create base64 encoding of Blake2b hash. This becomes the digest for signing;
+* Sign the request, using your private signing key, and add the signature to the request authorization header, following steps documented [here](https://docs.google.com/document/d/1Iw_x-6mtfoMh0KJwL4sqQYM0kD17MLxiMCUOZDBerBo/edit#heading=h.zs1tt1ewtdt)
+
+**Auth Header Verification**
+
+* Extract the digest from the encoded signature in the request;
+* Get the signing_public_key from registry using lookup (by using the ukId in the authorization header);
+
+* Create (UTF-8) byte array from the raw payload and generate Blake2b hash;
+* Compare generated Blake2b hash with the decoded digest from the signature in the request;
+
+* In case of failure to verify, HTTP error 401 should be thrown;