From 48c2d1cb3baea9d8e2e1adb90ee83321dc163953 Mon Sep 17 00:00:00 2001
From: pilcrowOnPaper <pilcrowonpaper@gmail.com>
Date: Sat, 21 Sep 2024 15:31:57 +0900
Subject: [PATCH] add ecdsa example

---
 pages/webauthn.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/pages/webauthn.md b/pages/webauthn.md
index 0774d19..b94850b 100644
--- a/pages/webauthn.md
+++ b/pages/webauthn.md
@@ -318,9 +318,14 @@ if clientData.Type != "webauthn.get" {
 Finally, verify the signature. The signature is of the authenticator data and the SHA-256 hash of the client data JSON. For ECDSA, the signature is ASN.1 DER encoded.
 
 ```go
-import "crypto/sha256"
+import (
+	"crypto/ecdsa"
+	"crypto/sha256"
+)
 
 clientDataJSONHash := sha256.Sum256(clientDataJSON)
 // Concatenate the authenticator data with the hashed client data JSON.
 data := append(authenticatorData, clientDataJSONHash[:]...)
+hash := sha256.Sum256(data)
+validSignature := ecdsa.VerifyASN1(publicKey, hash[:], signature)
 ```