Validating Audit Log Signature

The TSM Demo project can be accessed as described here.

The file audit.go in the folder audit-example shows how audit log signatures can be validated.

In audit.go the public verification keys are obtained by calling the MPC node Management API. These public key could also be installed in an initial setup instead. The audit log entry is input as a JSON string and parsed and split into signing data and signature. After this the signature is checked.