# RSA Signature

## Overview

The [RSA signature](https://docs.nowayback.io/game/skins) process is based on a pair of keys, mathematically linked, consisting of a private key and a public key.

The emitter uses the private key to generate a signature for the message. Then sends the message, the signature and his public key. With this information, the receiver can validate that the message was signed by the emitter identified by his public key and that the content in the message hasn't been modified.

In our implementation of the RSA signature, we follow a tweaked version, where the emitter needs to generate a signature for the body that he wants to send along with a timestamp, separated between a "." this timestamp makes the signature valid just for a limited period.

```bash
Data that I want to send = "Hello! Im George" 
Timestamp = 1672188588

Message = "Hello! Im George".1672188588

→ Sign Message ""Hello! Im George".1672188588" using my private key → Signature 

Send Signature, Message and Timestamp
```

## Extra Tools

### Verify Signature

To test the signature implementation, we facilitate this endpoint that you can call via code, or via Postman with the signature that you generated to see if its well implemented before introducing it in the application.

## Verify Signature

<mark style="color:green;">`POST`</mark> `https://kend.elixir.app/sdk/v2/signature/verify`

Validates the generated signature so the signing process can be tested.

#### Headers

| Name                                              | Type   | Description                                    |
| ------------------------------------------------- | ------ | ---------------------------------------------- |
| x-api-key<mark style="color:red;">\*</mark>       | String | Public Key obtained in the developer dashboard |
| x-api-signature<mark style="color:red;">\*</mark> | String | Generated RSA signature                        |
| x-api-token<mark style="color:red;">\*</mark>     | String | Timestamp used in the API Signature            |

#### Request Body

| Name                                 | Type   | Description                                              |
| ------------------------------------ | ------ | -------------------------------------------------------- |
| {}<mark style="color:red;">\*</mark> | Object | An object containing the message that wants to be signed |

{% tabs %}
{% tab title="200: OK " %}

```javascript
{
  "code": 1, 
  "success": true, 
  "data": <Req.Body> // Data will include body sent in the request
}
```

{% endtab %}
{% endtabs %}

## Example implementations

{% content-ref url="/pages/0BUxgAct8BhwvLOkGHmK" %}
[Node.js Example](/api-docs/api-docs-1/rsa-signature/node.js-example.md)
{% endcontent-ref %}

{% content-ref url="/pages/TWa4Hb4CSXEqJmh4oKMt" %}
[C# Example](/api-docs/api-docs-1/rsa-signature/c-example.md)
{% endcontent-ref %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.elixir.app/api-docs/api-docs-1/rsa-signature.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.