kibotu/gist:1278883c19810f40f2c4

## gistfile1.as
[Test]
public function should_verify_response():void {

        // @see https://manage.sbs.wooga.com/docs/api/abconfig

        // 1) Decrypt the X-SBS-Config-Signature using the public key for your SBS-ID
        var rsa:RSAKey = PEM.readRSAPublicKey(correctKey);

        var src:ByteArray = new ByteArray();
        src.writeUTFBytes(Base64.encode(correctSignature));

        var dst:ByteArray = new ByteArray();
        rsa.verify(src, dst, src.length);

        var dstResult = dst.readUTFBytes(dst.bytesAvailable);

        // 2) Calculate a SHA256 of the JSON body returned by the endpoint
        var dataEncrypted = SHA256.hashBytes(Hex.toArray(Hex.fromString(data)));

        // 3) Compare the values generated in Step 1 and 2, they should be the same
        assertEquals(dstResult, dataEncrypted);
    }
	[Test]
	public function should_verify_response():void {

	// @see https://manage.sbs.wooga.com/docs/api/abconfig

	// 1) Decrypt the X-SBS-Config-Signature using the public key for your SBS-ID
	var rsa:RSAKey = PEM.readRSAPublicKey(correctKey);

	var src:ByteArray = new ByteArray();
	src.writeUTFBytes(Base64.encode(correctSignature));

	var dst:ByteArray = new ByteArray();
	rsa.verify(src, dst, src.length);

	var dstResult = dst.readUTFBytes(dst.bytesAvailable);

	// 2) Calculate a SHA256 of the JSON body returned by the endpoint
	var dataEncrypted = SHA256.hashBytes(Hex.toArray(Hex.fromString(data)));

	// 3) Compare the values generated in Step 1 and 2, they should be the same
	assertEquals(dstResult, dataEncrypted);
	}