Here is a minimal (copy and paste) example of how to safely create and verify ECDSA signatures with OpenZeppelin in the Foundry environment.
This will work even if you change the data type from "string" to something else.
Note that OpenZeppelin supports two ways to represent the signature. It's generally more convenient to use the bytes version because this is only one extra piece of data to pass around. Note however that ERC20-Permit uses the three part signature (r, s, v).
This article is used as reference material in our Solidity Bootcamp.
We also have a free learn solidity tutorial.