Cryptographic signatures ensure the authenticity and legal validity of electronically signed documents to align with international and regional regulations that recognize digital signatures as equivalent to handwritten ones under specific conditions. TeselaGen allows you to use E-Signatures to sign documents. Next, let's see how to manage and use signatures on TeselaGen.

You can have as many signatures as needed in one TeselaGen's account. To add a new one, go to Settings > Signature Key and click on the "New" button.

This will open a pop-up window to fill in the information about the new signature:

🚨 NOTE: TeselaGen doesn't save the private information of your signature. The password of each one should only be known by the owner. If you forget the password of any signature, you will have to create a new one.

Your signature keys will apear on a library-like view. For each signature, you can download the public key, or remove it. All of the signatures have an expiration date for security purposes. A signature will no longer be available to sign after its expiration, but will still appear on the previously signed documents.

🚨 NOTE: The removal of a signature key won't delete it from the registry or from the documents that were previously signed by that singature. Deleting a signature will only inactivate it to sign new documents.

When signing a document, you can also incorporate a meaning to describe your siganture. By default, TeselaGen includes four meanings: Approved, Reviewed, Authored, and Witnessed. However, you can create new ones as an admin user of an organization.

TeselaGen's Electronic Laboratory Notebook (ELN) allows you to sign your different entries. To do it, locate the three dots on the upper right corner of the entry and click on "Sign Entry".

A pop-up window will appear, in which you have to select the key from the list of signatures (or create a new one if you don't have any), type the passphrase, and select a meaning.

After that, click on "Submit" and your entry will be signed.

🚨 NOTE: Signed entries can no longer be edited.

After signing the entry, you won't be able to edit it. Any changes made won't be saved on exports of the entry. If you need to edit a previously signed entry, you need to first remove all of the signatures.

There is an error you may find that will stop you from signing an entry, in which you'll see an "Error signing record" message after hitting "Submit".

This is happening because the linked entities in your entry are no longer in the system. That is, if one of the DNA Sequences you have linked in your entry was deleted, you'll be unable to sign. To be able to sign that entry, you'll need to first delete that entity from your entry.

To verify a signature, go to the ELN entry and click on the "View Signatures" option (located on the three dots on the upper right corner).

Then, the side panel will show the list of signatures. To verify them, double-click on a signature and download the signature, signed document, and the public key.

🚨 NOTE: You need to make one verification per signature.

Next, let's see two ways of verifying the signatures on a signed document.

Verify by TeselaGen allows you to easily verify the signatures. To do so, access to the link and upload both the signed entry and the signature you previously downloaded.

Notice that, if the signature and the document don't match, you will notice it with a red icon.

However, if the document and signature do match, you'll see a green icon and the information of the signature, including timestamp, signer name and email, and meaning.

Now, let's see what to do if you want to verify the signatures externally.

For this case, let's verify an entry using CyberChef. When going to the link, we'll see a screen like this:

On the "Operations" left panel, search "RSA Verify" and drag it to the "Recipe" space.

Open your .json file and locate the "infoSigned" information. Copy it into the "Message" text area, making sure not to add any white space.

Then, open your file explorer and drag the public key (.pem file) to the "RSA Public Key (PEM)" space.

Change the "Message Digest Algorithm" to "SHA-256" and copy the "signature" from the .json file inside the "Input" text box.

Search "From Base64" in "Operations" and drag it to the "Recipe" space, above the "RSA Verify" box.

At this point, the window should be green, and the "Output" space will show a "Verified OK" message if the info signed was signed with the private key associated with the public key. Next, let's verify the data hash.

We'll remove both boxes from the "Recipe" space and add the "SHA2" box (similar to how we did before, we'll use the search option in "Operations"). There, we'll change the size to 256.

Then, open your file explorer and drag the exported entry into the "Input" space:

Now, we have to compare the "Output" obtained with the "dataHash" section on the .json file (this is found on "infoSigned"). If they contain the same information, it means that the file was signed with the private key associated with the public key exported.